When a user grants a website permission to access a powerful API (specifically Bluetooth, Camera, Clipboard, DisplayCapture, Geolocation, Microphone, Serial, and USB), their consent is intended for the site, not necessarily to every third-party script running on the page. In particular, embedded ad scripts running in the main frame or same-origin iframes can currently leverage the page's permission to opportunistically access this sensitive data. The user may not be aware that an advertisement is accessing their information. This intervention aims to better align a granted permission with user intent by preventing ad script in a context with API permission from using it, reinforcing user trust and control over their data.
Explainers: https://github.com/explainers-by-googlers/selective-permissions-intervention