Another day, another avian-themed web standard proposal in the Chrome Privacy Sandbox. Meet Dovekey, which was committed to GitHub on Wednesday.
But there’s something a little different about this proposed spec.
It’s the first time that Google has incorporated an ad industry proposal into one of its own, and it’s encouraging to see a kernel of collaboration begin to grow between stakeholders that have been at loggerheads since January.
But don’t get too excited, said Tom Kershaw, CTO of Magnite.
“It’s encouraging, but that is more of a reflection on the extremely slow pace of progress in this process than it is a positive indication that we are turning a corner,” Kershaw said. “The fact that Google commented on a proposal from the ad tech community without rolling its eyes in disdain can certainly be construed as progress.”
Bird’s-eye view
It’s probably worth a quick refresher on how we got here.
Google first hinted in August that it would be open to entertaining parts of SPARROW. Dovekey is a modification of SPARROW, a proposal developed by Criteo in response to Google’s TURTLEDOVE proposal.
TURTLEDOVE suggested moving the ad auction into the browser, which many criticized as too big of an engineering challenge and a power play on Google’s part. SPARROW’s answer was to place control over bidstream data and auction logic with an independent, trusted third-party server or “gatekeeper.”
Dovekey aims to simplify the bidding and auction-related aspects of TURTLEDOVE by introducing the gatekeeper concept from SPARROW. As Dovekey’s authors put it on GitHub, it’s “the benefit of SPARROW bidding even if the gatekeeper server just acts as a simple lookup table.”
Rather than an acknowledgment that the browser isn’t the end-all-be-all user agent, Dovekey is an attempt to create technology that would make TURTLEDOVE more capable of functioning in the real world.
“The concept of adding a key-value server could make it easier for ad tech companies to make the transition from interest-group targeting that relies on third-party cookies to TURTLEDOVE-like flow by enabling components of ad selection to remain server-side,” said Chetna Bindra, Google’s senior product manager for user trust, privacy and transparency.
(Slow) progress
This nascent interplay of industry specs with proposed specs in the Privacy Sandbox does represent some level of progress amid the fraught debate within the W3C’s Improving Web Advertising Business Group.
It’s worth noting that the Dovekey proposal appears to have been submitted by members of the Google Ads team, which to date has been largely absent from the group’s weekly discussions.
“This would be the first significant sighting of a Google Ads person in this process in months,” Kershaw said. “If they intend to actively participate going forward, that would be a significant, and probably welcome, change.”
Dovekey’s authors are also very careful to point out that proposals in the Privacy Sandbox shouldn’t be interpreted as commitments about forthcoming Google Ads products.
It’s interesting to see that Google is concerned about the optics of its ideas being presented as a “’done deal,” said James Rosewell, CEO and co-founder of device detection company 51Degrees, “and rightly are taking steps to prefix their material more clearly.”
“That’s a small step in the right direction,” Rosewell said.
But by the same token, Dovekey is brand spanking new. Most participants of the Improving Web Advertising Business Group haven’t had a chance to dig in, Kershaw said, “and we have not yet seen Chrome’s reaction to it.”
“A lot of TBDs out there still,” he said. “Certainly, we agree it can only be viewed as positive. The question is – is it positive enough?”
Open questions
That isn’t the only question.
Ambiguous within the Dovekey proposal, for example, is how many key-value servers are needed to process ad requests at scale. And how exactly do interest groups get created? Who should serve as the trusted gatekeeper to host the bidding models?
The jury is still out on what type of entity makes sense to take on that role. Given their existing technological integrations with publishers, an SSP could be one option, said Charles-Henri Henault, VP of product, ads platform and analytics at Criteo. A cloud provider might be another possibility. Ultimately, there could be multiple gatekeepers, Henault said, each of which should be subject to audits to ensure neutrality and trustworthiness.
But even if there was a clear answer to the gatekeeper question, Dovekey doesn’t deal with anything beyond facilitating auctions. Creative rendering, measurement and reporting are all out of scope. (Creative rendering is addressed in the fenced frames proposal.)
There’s a heck of a lot to do and not much time left to do it. Dovekey does, however, represent a detente of sorts on the road toward the eventual phaseout of third-party cookies in Chrome.
“We’ll continue to engage in industry forums to contribute toward further evolution of proposals,” Google’s Bindra said. “Improving user privacy protections and reducing cross-site tracking while supporting a thriving ad-funded web ecosystem is an important endeavor, and for this to succeed we know we need the involvement of partners across the industry.”
