Attribution Reporting API.

A Privacy Sandbox API in Chrome and Android that lets advertisers measure ad conversions across sites without cross-site identifiers, using browser-mediated, noise-injected event-level or aggregated reports. Es gehört zur Kategorie Datenschutz der Cybersicherheit.

A Privacy Sandbox API in Chrome and Android that lets advertisers measure ad conversions across sites without cross-site identifiers, using browser-mediated, noise-injected event-level or aggregated reports.

The Attribution Reporting API (ARA) is the Privacy Sandbox mechanism for measuring ad-driven conversions without exposing cross-site identifiers. Sources (ad clicks or views) are registered on the publisher side; triggers (conversions) are registered on the advertiser side. The browser maintains the join between them locally and, at delayed and randomized intervals, sends one of two kinds of report. Event-level reports return a noisy, low-resolution mapping from a source event to a conversion event, suitable for click attribution. Aggregatable reports go through a separate Aggregation Service running in a trusted execution environment, which adds calibrated noise (differential privacy) before returning aggregate dashboards across many users. Both report types are designed to bound the cross-site information any caller can learn. ARA is one of the central pieces of the post-third-party-cookie measurement story and a focus of regulator attention (CMA, French CNIL, German DPAs). For ad-tech and measurement vendors, integrating ARA requires substantial backend changes for noise budgets, report aggregation, and trust-establishment with the Aggregation Service.

Schutzmaßnahmen gegen Attribution Reporting API kombinieren typischerweise technische Kontrollen und operative Praktiken, wie in der Definition oben beschrieben.

Übliche alternative Bezeichnungen: ARA, Attribution Reporting.