Home Privacy What’s In Google’s Privacy Sandbox? Nothing, For Now

What’s In Google’s Privacy Sandbox? Nothing, For Now

SHARE:

Google plans to phase out third-party cookies by 2022.

What will replace them? The answer lies in Google’s Privacy Sandbox, a proposed set of web standards designed to protect privacy while still giving advertisers the ability to target and measure campaigns.

In other words, the standards are web browser APIs that will eventually serve as privacy-preserving technical alternatives to third-party cookies.

But the operative word is “eventually.” There aren’t any tangible tools inside the Privacy Sandbox, at least not yet.

“It’s pretty much just a number of proposals, what you might call explainers, for browser APIs,” said Ratko Vidakovic, founder of ad tech consultancy AdProfs. “I think it’s fair to call them conversation starters.”

Chrome’s purpose here is to trigger an information exchange among advertisers, developers, ad tech vendors, publishers, other browsers, trade groups – anyone that relies on the web to do business. All are invited to experiment with the proposed mechanisms, share feedback and introduce ideas of their own via GitHub.

There’s probably not a single product manager in ad tech who isn’t glued to Chrome’s proposals on GitHub right now, Vidakovic said.

It makes sense for Chrome to take this approach. Browser sandboxing is a common analysis environment used by developers and researchers to test plug-ins, features and root out potential vulnerabilities.

But, more importantly, the offer of collaboration – rather than unilateral action by Google – will help it circumvent accusations of anticompetitive behavior that would have arisen if Google had pulled the third-party cookie rug out from under the ad industry at once.

The first two issues Google will try to address through the sandbox are conversion measurement and interest-based advertising. Trials for click-based conversion measurement sans third-party cookies will start by the end of the year.

Chrome’s move to kill third-party cookies is clearly far more cautious than other browsers – Safari and Firefox both block third-party cookies by default – but it’s clear evidence that browser APIs are the future.

“It’s not the Wild West anymore, and browsers, smart routers such as Amazon’s Eero, satellite internet projects such as Elon Musk’s Starlink and other new tech, have the ability to filter everything,” said Zach Edwards, founder of analytics firm Victory Medium. “Upstream user data filtering and privacy-as-a-service are clearly where things are going in general.”

Although they’ll obviously morph and change over the next two years, the API proposals in Google’s Privacy Sandbox offer a peek into the future of data sharing on the web.

Here’s what’s in there, so far (and click here for the full set of entries):

Conversion measurement

A conversion measurement API proposal would allow advertisers to measure and report on ad click conversions and ad performance without using cross-site trackers.

The Chrome team acknowledges, however, that one API can’t support all of the ad-related conversion measurement use cases out there. What if there are multiple touches for the same conversion, for example, or what if an advertiser wants to send reports to multiple reporting partners at the same time? The vision here would be to use this proposal as a jumping off point for multiple conversion-related APIs.

This isn’t the first proposal of its kind. Apple released an experimental attribution API for Safari in May 2019 that enables a limited form of click-to-conversion tracking that’s built directly into the browser and doesn’t rely on cookies. Brave also has a related protocol.

FLoC

Federated learning of cohorts (FLoC) would use on-device machine learning to observe the behavior of cohorts or “flocks” – see what you did there, Chrome – to enable interest-based advertising, rather than tracking the browsing behavior of individuals. In other words, bye-bye one-to-one marketing, we hardly knew ye.

Each flock would be comprised of thousands of people with similar browsing histories and referred to by a short, alphanumeric name. This, some privacy advocates say, represents a major loophole. A flock name would essentially serve as an identifier or “behavioral credit score” of a user’s preferences, purchases and movements, thereby defeating the purpose, according to the Electronic Frontier Foundation.

PIGIN

A related proposal dubbed PIGIN (or private interest groups, including noise) would enable the browser, rather than the advertiser, to track what people are interested in and place them into so-called “interest groups” that could be used for targeting. The size of a group couldn’t fall below a set threshold so that the API itself doesn’t become a mechanism to enable microtargeting.

Aggregating reporting

An aggregated reporting API would collapse information into a “single privacy-preserving report” that enables ad measurement without relying on cross-site identifiers. The browser API could measure a campaign’s reach or manage frequency capping, and the data would only be reported back if it’s “sufficiently” aggregated across users.

Privacy budget

Websites would be given a privacy budget that limits how much information they can access about an individual to prevent fingerprinting. Sites that exceed their allotted “budget” would lose access to the APIs. Google first announced its intention to crack down on browser fingerprinting in Chrome last spring.

Privacy model for the web

Next up is a “potential privacy model for the web” that aims to answer two questions. First, across what range of web activities should a browser let websites treat a person as having a single identity? And two, how can information move across identity boundaries without compromising that separation?

The proposal available on GitHub is amorphous, but the gist appears to be that the browser should be able to treat third parties as first parties, depending on the circumstance. If an unidentified user visits a site, for example, certain verified third parties would be given the right to recognize the user while others would not.

Trust token

A trust token API would help publishers detect and prevent fraud by separating users into two groups: trusted and untrusted. Nonpersonalized cryptographic tokens, or “privacy passes,” could be issued to trusted users. The tokens would be indistinguishable from each other so that sites couldn’t use them for tracking.

Willful blindness

The willful blindness API would provide a mechanism for HTTP applications to prevent themselves from being able to see IP address or other identifying network info, but without interfering with the normal operations of servers that use IP address to help with bot, DoS and spam detection.

First-party sets

Lastly, a first-party sets API would enable related domain names owned by the same entity – google.com, google.co.uk and youtube.com, for example – to declare themselves as the same first party.

The takeaway

It’s still really early in this process, but it’s up to ad tech vendors to actively share feedback and contribute to the sandbox proposals if there’s any chance of a solution that’s “extensible across the industry,” said Jessica Berman, principal product manager at SpotX.

“The overarching message from Google is that they want to create tools that will increase transparency of data use and enable users to have more control over their privacy, which includes eliminating ‘opaque’ tracking mechanisms, like fingerprinting,” Berman said. “As an ad business, Google has a vested interest to ensure the privacy features will still allow programmatic advertising to continue, which ultimately funds free internet content.”

Google claims it’s already received “positive feedback” on the mechanisms that underlie the privacy sandbox from people involved with the World Wide Web Consortium, an international group that develops standards and protocols for the web.

Must Read

LinkNYC Kiosks Have Started Airing World Cup Games – TV Ads And All

The cinematic trope of people stopping to watch the news on a storefront TV display feels pretty out of date today. But sometimes, life can still imitate art.

How TIME’s CMS Transition Laid The Foundation For Its AI-Driven Content Overhaul

The CMS migration helped unify TIME’s fragmented content data after years of platform transitions under multiple owners. This enabled TIME to launch its own AI search product and convert archival content into AI-friendly “markdown” pages.

Adobe Advertising Just Launched Its Own Custom Algorithms Product

Last week, Adobe Advertising announced the general release of its own Custom Algorithms product, which is “a huge departure from the TubeMogul days,” Erwin Castellanos, GM of Adobe Advertising, tells AdExchanger.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters

MFA Ad Spend Is Increasing. Is AI Slop To Blame?

This year, the percentage of ad spend going toward made-for-advertising (MFA) sites went up instead of down for the first time since 2023.

Kickbacks Takes An Outsider’s View While Bringing Ads To AI Agents

Andrew McCalip is a founding engineer at Varda Space Industries, where he oversees the manufacturing of things like hypersonic reentry vehicles and satellite buses.

CTV Buyers Are Getting The Show-Level Performance Optimization They’ve Always Wanted

A collaboration between InterMedia Advertising, Peer39 and Pontiac Intelligence provided show-level cost-per-acquisition data for 94% of CTV ad impressions.