Prebid JS UserId hashed email id sub-module

[pm-harshad-mane]

Type of issue

Feature request: Prebid User Id sub-module to add hashed email id

Description

• Create a submodule which will expose an API say pbjs.storeHashedEmail
• publisher will pass user's email id to pbjs.storeHashedEmail('[email protected]')
• the sub-module will create a one way encrypted hash value of the given email id
• store the hash value in a first-party cookie say, pbjs-hashed-email-id
• pass hashed-email-id value to bidders thru bids.userId.hashedEmail
• respect user-opt-out, should be taken care of by Prebid User Id module
• respect GDPR, should be taken care of by Prebid User Id module
• delete the cookie when the user opts out

Benefits

• This hashed email id can be used to target users where third-party cookies are disabled, Safari, Firefox, Edge.

[pm-harshad-mane]

I was looking at the code of UserId module and I think it is easier to include this feature in UserId module itself than creating a submodule.

[josepowera]

This should probably also define some enum for hashType

Currently used in some major platforms are:
Plain,
Md5(email)
Sha1(email)
Sha256(email)

[smenzer]

While I agree that getting hashed emails into the ecosystem is important to handle browsers not supporting 3rd party cookies, I see a couple of issues with this proposal:

1. hashing the email client side is not terribly secure, as every script on page would have access to the raw email. hashing should be done server-side by the publisher IMO
2. passing around a hashed email means the user can never "reset" it...it's like a fingerprint. yes, they need to give consent to have it be used in the first place, but what if they want to "clear cookies" so to speak and reset their ID? they can't because their email just gets re-hashed the same way and all data previously stored on them is still available. this is why MAIDs allow you to reset the ID on your device. using an identity provider to bridge between an email and an ID allows for the email to be associated to a new, pseudonymous ID that resets any data platforms may have previously known about the user.

[gglas]

@pm-harshad-mane we believe that this should be largely achievable via Publisher Provided ID - https://docs.prebid.org/dev-docs/modules/userId.html#pubprovided-id, #5690 -- apart from the details of the publisher leaning on the browser to execute email encryption. Would you agree / can we close this issue?

[jdwieland8282]

in place of a user id module we built a general purpose module (https://docs.prebid.org/dev-docs/modules/idLibrary.html) that anchors any userid.subadapter output to a hashed email and sends the payload to a user defined endpoint. Pubs can use the output to deterministically link 1st party ids. We think this alongside the pubprovided module is the better approach.

[slayser8]

No. This is a bad idea.

[pm-harshad-mane]

@gglas we may close this issue.