blog: Don Marti


letter to Consumer Reports

04 March 2021

(here's the body of a letter I'm sending to Consumer Reports. Feel free to copy, modify, and send to other public-interest sites or open-source projects.)

I'm writing to ask you to set an HTTP header on the Consumer Reports site to help keep deadly robots from burning people's houses down.

First, here's the header.

Permissions-Policy: interest-cohort=()

I know it's a little overhead on each request, but here's why you're going to need it.

The Google Chrome web browser is going to be coming out with a new feature called Federated Learning of Cohorts (FLoC). FLoC is software that runs in the browser and assigns the user to a group, or cohort, based on the web sites they visit.

Each user would be assigned to one cohort, so the Consumer Reports site visitors will be spread out among several cohorts. In order to use cohorts, sites will have to learn which cohorts correspond to which characteristics about people. For example, Consumer Reports members might be assigned to cohorts that are heavy on "appliance buyers who are concerned about safety." When retail sites are able to analyze the meaning of a visitor's cohort, they'll likely begin to optimize, showing the safest, highest-quality appliances to the users whose cohort shows they're likely to be Consumer Reports members, and showing the lower-quality appliances, more likely to catch on fire, to the members of other cohorts.

In the long run, it's bad for everyone in the market when companies can easily monetize unsafe products. FLoC doesn't require a deliberate decision by anyone to trick any customer into buying a dangerous appliance. The machine learning software on the retail side just "learns" how to optimally move certain SKUs, without ever knowing that they match up to fire hazards for the customers. Cohort training is an important area for ethical AI research, but Google has been abruptly terminating some key people who were responsible for leading research in the field of AI ethics. Until FLoC has been tested for safety, and for other problems such as enabling unlawful discrimination, it seems best to stay opted out of it. That header is the only opt-out method for now.

If you have any questions about how to test the HTTP header, please let me know. A test of FLoC will be starting shortly, and you can learn more at the World Wide Web Consortium's Web Incubator Community Group (WICG).