IP Protection applies to domains on the Masked Domain List (MDL) only when accessed in a third-party context in Incognito mode. To determine what is first-party and third-party, IP Protection uses a combination of factors.
- One factor is domain matching, which checks if the domain of the embedded content matches the domain of the website being visited.
- The other factor is Related Website Sets, which helps define the boundaries between first- and third-party contexts by grouping related websites together. This ensures that domains on the MDL that are embedded on a website in the same Related Website Sets are treated as first-party and therefore receive the user's original IP address.
For example, imagine a website that uses a separate domain for its analytics tracking. This analytics domain is on the MDL because it collects user data. When you visit the main website, the analytics domain is loaded in the background. If the website has set up Related Website Sets correctly, IP Protection will recognize that the analytics domain is related to the main website and won't mask your IP address. This allows the website to continue collecting analytics data without being affected by IP Protection.
To minimize disruptions to websites and services, Chrome will temporarily use a best-effort approach to deduce domain ownership until companies create their Related Website Sets. This approach leverages an entity mapping created by Disconnect.me. If a company hasn't submitted a Related Website Set and Chrome's deduction is inaccurate, the company can submit a Related Website Set to correct any errors.
See the IP Protection GitHub documentation for a more technical understanding of first-party versus third-party determination.