What is Google’s Privacy Sandbox?
The Google Privacy Sandbox is a new initiative aimed at making the web more private for users, whilst also still permitting advertisers to carry out tracking and measurement. It comes as a response to growing concern over the use (and misuse) of cookies for purposes such as marketing. The broad aim is to spark industry-wide collaboration to develop alternative purpose-built APIs which are designed to improve user privacy whilst simultaneously supporting the ad-funded web.
In computing terms, a sandbox is a virtual space in which certain functions can be run/tested without being able to impact anything outside of the sandbox. It’s a common approach for testing, but the principal is now being applied to Google’s privacy framework. The intention is to turn a series of browser APIs into open web standards that could be adopted by all browsers. These would provide functionality to replace “leakier” approaches such as Third-Party Cookies, Fingerprinting and User-Agent Strings.
These APIs will store and process data at the browser level, as opposed to the data leaving the users’ device. This provides more security and privacy to users but still allows advertisers to utilise this more controlled environment for targeting and measurement.
Ultimately, Google’s Privacy Sandbox comprises of a series of proposals to satisfy third-party cookie functionality without user-level tracking mechanisms.
Why is Privacy Sandbox needed?
In recent years, there has rightfully been a surge in concern amongst internet users surrounding their online privacy. This concern has fuelled browsers to differentiate themselves by placing an emphasis on users’ privacy and blocking ads by default. Whilst it is, of course, important for users to have control over their data, ad blocking fundamentally disrupts the online value exchange.
If digital publishers cannot monetize their content through advertising, then online information will not remain freely accessible to users which presents a problem to the ‘free’ internet.
Fortunately, there is a solution. If advertising is relevant, it is not only more valuable to both advertisers and publishers, but it is also more engaging and less intrusive to users. The issue with making ads relevant is the way that this personalisation is accomplished – through cross-site tracking which compromises users’ privacy. This is where Google’s Privacy Sandbox comes in.
According to Google, the removal of Third-Party Cookies can reduce publishers’ ad revenue by 52%.
What’s in Google’s Privacy Sandbox?
Google’s Privacy Sandbox comprises of five main browser APIs:
Trust Token API
This API aims to help detect and prevent fraud through the use of ‘privacy passes,’ which are non-personalised cryptographic tokens. These tokens distinguish trusted, real-life human users from untrusted users whilst simultaneously preventing websites from tracking visitors. The Trust Token API is Google’s alternative to CAPTCHA, which is currently used to distinguish computers from humans.
The Privacy Budget API
Within the Privacy Budget API, websites will be allocated a budget to limit the amount of data they can access from an individual to prevent the identification and tracking of users across the web. This will also prevent opaque tracking techniques, such as Browser Fingerprinting, which often used as a substitute technique when cookies are blocked.
Conversion Measurement API
The most widely discussed API is the Conversion Measurement API. Advertisers need to measure conversions from their ad campaigns in order to understand how well their ads perform and determine their ROI. This API will inform advertisers if a user purchased a product or landed on a promoted page as a result of their ads.
Federated Learning of Cohorts (FLoC)
FLoC concerns finding a workaround for interest-based advertising on the web that does not invade individual users’ privacy. Instead, advertisers will observe the browsing habits of groups of people and group similar users together in ‘cohorts’ or ‘flocks.’ With this information, users will be targeted by ads depending on what group they fall into. The browser will use machine learning algorithms that are based on users’ browsing history and site content to develop a ‘cohort’ of users with related interests.
Google has claimed that the new innovation has delivered results in its test environment that are around 95% as effective as cookie-based approaches. As a result, the tech giant plans to roll out FLoC for wider testing in March. It isn’t yet clear how granular the cohorts will be and this is expected to be clarified in March.
Remarketing API (FLEDGE, formerly TURTLEDOVE)
The FLEDGE (First “Locally-Executed Decision over Groups” Experiment) proposal aims to replace behaviorally-targeted campaigns by re-engaging users based on their actions on a website or other types of brand interaction in a privacy-compliant way. FLEDGE is Google’s third attempt at constructing a solution to remarketing that meets users privacy expectations. FLEDGE evolved from both TURTLEDOVE and PIGIN which were replaced last year due to privacy concerns. FLEDGE is said to have more robust privacy guarantees as it removes ad auction logic from remote servers to the local browser.
It is clear that Google and the ad tech industry still have a long way to go in the next two years before Third-Party Cookies are phased out completely. Privacy Sandbox is still its early developmental stage and Google will continue to seek out ideas and feedback from all members of the industry, such as advertisers, publishers, developers and of course, privacy advocates. The tech giant has already set the wheels in motion by introducing some new measures in Chrome, such as the SameSite attribute, that are aimed at preserving users privacy.