Imagine you want to know how many people visited your website after clicking on an ad, but you don't want to track individual users. The Private Aggregation API can help you measure this while protecting user privacy.
Here's a simplified explanation of how it works:
- Calling the API: When you want to record something (for example, a conversion), your site’s code calls the Private Aggregation API with a bucket (a histogram key) and a value. The user’s browser packages that contribution into a report, encrypts it so that only the Aggregation Service can read it, and sends it to a reporting endpoint on your origin. The report carries no identifier for the user.
- Collecting the reports: Your server receives these encrypted reports from many users’ browsers and groups them into a batch. Your server cannot decrypt the contributions; it can only store the reports and batch them using the unencrypted metadata (reporting origin, scheduled report time).
- Submitting the data for aggregation: Once a batch is large enough, your server sends it to the Aggregation Service. The service runs in a trusted execution environment that holds the decryption keys, decrypts the reports there, and sums the contributions per bucket. It then adds statistical noise to each bucket total, which limits what the summary can reveal about any single user. Because the noise is added in fixed absolute terms, a small batch can be dominated by it, so batch sizes matter, and each report can be included in only one batch. The output is a summary report showing overall results per bucket, such as the number of purchases attributed to a campaign or the total purchase value, without revealing any individual user’s data.
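The three steps above, as an added example that is not code from the original page or from the Privacy Sandbox project. It models them in one runnable Node.js script: the contribution a worklet would make, a reporting endpoint that batches reports it cannot read, and a stand-in for the Aggregation Service that sums contributions and adds Laplace noise. The bucket layout, the `plaintext` field, the noise parameters and the sample reports are constructed assumptions for illustration; only the `privateAggregation.contributeToHistogram` call named in the comment is the real browser API.

```javascript
// Added example, not code from the original page. Assumed values are marked.

// --- 1. Contribution (what your worklet code decides to report) ---
// Bucket keys are 128-bit unsigned integers, hence BigInt. This layout is an
// assumption: campaign id in the high bits, event type in the low 16 bits.
const EVENT_CLICK = 1;
const EVENT_PURCHASE = 2;

function makeBucket(campaignId, eventType) {
  return (BigInt(campaignId) << 16n) | BigInt(eventType);
}

// In a real Shared Storage or Protected Audience worklet this would be:
//   privateAggregation.contributeToHistogram({ bucket, value });
// Here we only build the contribution object so the script runs outside Chrome.
function contribution(campaignId, eventType, value) {
  return { bucket: makeBucket(campaignId, eventType), value };
}

// --- 2. What the browser ships to your reporting endpoint ---
// The browser encrypts the contributions to the Aggregation Service's public
// key; your server sees opaque ciphertext plus unencrypted shared_info.
// The `plaintext` field does NOT exist in a real report: it stands in for what
// only the trusted execution environment recovers after decryption.
function makeReport(reportingOrigin, scheduledTime, contributions, id) {
  return {
    shared_info: JSON.stringify({
      api: 'shared-storage',
      report_id: `constructed-report-${id}`,
      reporting_origin: reportingOrigin,
      scheduled_report_time: String(scheduledTime),
      version: '0.1',
    }),
    aggregation_service_payloads: [{
      key_id: 'constructed-key-id',
      payload: 'base64-ciphertext-opaque-to-your-server',
    }],
    plaintext: contributions, // simulation only, see comment above
  };
}

// --- 3a. Your server: collect and batch by reporting origin and time window ---
// It does not (and cannot) look inside the payload; it groups on shared_info.
function batchReports(reports, windowSeconds) {
  const batches = new Map();
  for (const r of reports) {
    const info = JSON.parse(r.shared_info);
    const window = Math.floor(Number(info.scheduled_report_time) / windowSeconds);
    const key = `${info.reporting_origin}|${window}`;
    if (!batches.has(key)) batches.set(key, []);
    batches.get(key).push(r);
  }
  return batches;
}

// --- 3b. Stand-in for the Aggregation Service running inside a TEE ---
// Sums each bucket's values, then adds Laplace noise with scale = L1 / epsilon
// (assumed noise model). `rng` is injectable so sums can be checked without noise.
function laplaceNoise(scale, rng) {
  const u = rng() - 0.5; // uniform in (-0.5, 0.5)
  return -scale * Math.sign(u) * Math.log(1 - 2 * Math.abs(u));
}

function aggregateBatch(batch, { l1Budget, epsilon, rng = Math.random }) {
  const sums = new Map();
  for (const r of batch) {
    for (const { bucket, value } of r.plaintext) {
      sums.set(bucket, (sums.get(bucket) ?? 0) + value);
    }
  }
  const scale = l1Budget / epsilon;
  const summary = {};
  for (const [bucket, sum] of sums) {
    summary[bucket.toString()] = Math.round(sum + laplaceNoise(scale, rng));
  }
  return summary;
}

// --- Demo with constructed reports from three "users" ---
const reports = [
  makeReport('https://ad-tech.example', 1700000000, [contribution(42, EVENT_CLICK, 1)], 1),
  makeReport('https://ad-tech.example', 1700000100,
    [contribution(42, EVENT_CLICK, 1), contribution(42, EVENT_PURCHASE, 2500)], 2),
  makeReport('https://ad-tech.example', 1700000200, [contribution(42, EVENT_PURCHASE, 1200)], 3),
];

for (const [key, batch] of batchReports(reports, 3600)) {
  // Assumed parameters: L1 budget 65536, epsilon 10. With only three reports the
  // noise (scale 6553.6) swamps the true totals, which is the point of the demo.
  console.log(key, aggregateBatch(batch, { l1Budget: 65536, epsilon: 10 }));
}
```

Two practical consequences follow from the simulated service: the noise is independent of batch size, so small batches give unusable summaries, and values should be scaled so that the totals you care about use most of the contribution budget rather than sitting near zero. The `rng` parameter exists only so the exact sums can be verified; a real service does not expose its noise source.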
Learn more about how Private Aggregation works in the developer documentation.