Introducing the Google Privacy Sandbox

By Janus Boye

While most consider data protection very important, one of the problems with current technologies is that third parties are collecting your user data, storing it, aggregating it and often also sharing it.

To be blunt: Digital advertising pays for large parts of the Web, but relies on cookies and other tracking mechanisms, mechanisms that were invented a long time ago and were not designed with data ethics in mind.

This is the big problem that Google is proposing to solve with the emerging Privacy Sandbox. The Privacy Sandbox is a series of proposals to satisfy cross-site use cases without third-party cookies or other tracking mechanisms.

In a recent member call, Sam Dutton shared an overview of the Privacy Sandbox project. Sam is a Developer Advocate at Google in London, specifically focused on Google Chrome, and for the past 3 years he has been with the Privacy Sandbox team.

We started by hearing more about the motivation behind the large project, then moved onto APIs and the feature lifecycle. At the end of this post, you can find the entire recording from the call and links to further reading.

Improving privacy while keeping the Web healthy

Just to set the stage: The topic of privacy has been a big one in recent years and we’ve covered it numerous times at peer group meetings and past Boye conferences. Tim Walters gave a memorable keynote in 2019 on how Trust is a prerequisite for great customer experiences and earlier this year, he shared a member call on The necessary shift from privacy to trust. To summarise, privacy is not just about compliance and GDPR. It’s about doing the right thing and doing what you can to be trustworthy.

Sam opened the call by briefly introducing us to the powerful concept of composability, a term that’s quite widely used at the moment. In this context, it’s what Sam called the ‘superpower of the Web’ - the idea that different parts of your digital experience can come from different sources, like an external news feed or an external map coupled with some advertising. Advertising is not a new thing, but as he said: Whether you like it or not, browsers today need to support advertising.

If you work in marketing and buy display ads, you might have seen the slide below, which Sam shared at the beginning. It shows the complex and overwhelming advertising ecosystem. Few advertisers, developers and publishers understand the entire ecosystem and supply chain for third-party services. When you visit a website, do you know what they are doing with your data?

As Sam said in the call: “The ad ecosystem is really complex! Not even developers, advertisers or publishers understand the supply chain for third-party services.”

So, we have a complex marketplace, a Web that was designed in a different time and age, advertisers who need reliable numbers on things like conversion rates and, finally, the increasing importance of data privacy as shown on the slide below.

People really care about what happens to their data and regulators are stepping up around the world. It’s a problem for the entire Web ecosystem that Privacy Sandbox for the Web is trying to address by proposing better ways to support advertising online.

Specifically, Privacy Sandbox will phase out third-party cookies by using the latest privacy techniques, like differential privacy, k-anonymity, and on-device processing. Privacy Sandbox also helps to limit other forms of tracking, like fingerprinting, by restricting the amount of information sites can access so that your information stays private, safe, and secure.

The core principles behind the Privacy Sandbox are laid out in this post: A Potential Privacy Model for the Web, which describes a way the web could potentially work that would not require cross-site tracking, but would still let publishers support themselves with effective advertising.

What’s in the Privacy Sandbox and how far along is it?

One of the major innovations of the Privacy Sandbox is that it is the user’s browser, on the user’s device, that holds information about the user’s interests. That means it is not the advertiser or the adtech platform that holds it, which is the case today.

At the moment there are five Privacy Sandbox technologies out for public testing, including the Topics API, FLEDGE API and Attribution Reporting API. As you can probably derive from the funnel shown below, relevant ads are the big focus. They are more profitable, drive more business and, importantly, also annoy users less.

If you want to dive a bit deeper, as Sam also did in the call, then here are links to additional reading:

  • Topics API - Enable interest-based advertising, without resorting to tracking the sites a user visits.

  • FLEDGE API - A proposal for on-device ad auctions to serve remarketing and custom audiences, without cross-site third-party tracking.

  • Attribution Reporting API - An API to measure when an ad click or view leads to a conversion, such as a purchase on an advertiser site.
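To make the Topics API entry above concrete, here is an added example (not code from the post, from Sam’s talk or from Google) of how a script on a site would ask the browser for interest topics and what it gets back: a handful of numeric topic IDs from the public taxonomy, one per recent epoch, rather than any list of sites the user visited. The sample result is constructed; the `document.browsingTopics()` call and the shape of its result objects are Chrome’s, while the helper names and the fake `document` are this example’s own.

```javascript
// Constructed sample of what document.browsingTopics() resolves to in Chrome:
// one object per weekly epoch, carrying a numeric topic from the public taxonomy
// plus version metadata. No URLs, no browsing history.
const SAMPLE_TOPICS = [
  { configVersion: "chrome.1", modelVersion: "2", taxonomyVersion: "1", topic: 43, version: "chrome.1:2:1" },
  { configVersion: "chrome.1", modelVersion: "2", taxonomyVersion: "1", topic: 201, version: "chrome.1:2:1" },
  { configVersion: "chrome.1", modelVersion: "2", taxonomyVersion: "1", topic: 43, version: "chrome.1:2:1" },
];

// Pulls the topic IDs out of a browsingTopics() result, de-duplicated and sorted.
// (Hypothetical helper for this example.)
function extractTopicIds(topics) {
  const ids = topics.map((t) => t.topic).filter((id) => Number.isInteger(id));
  return [...new Set(ids)].sort((a, b) => a - b);
}

// Asks the browser for topics. Degrades to an empty list when the API is absent
// (other browsers, feature disabled) or when the call rejects, e.g. because the
// page is not allowed to use it under the site's Permissions-Policy.
// `doc` is injected so the function can run outside a browser.
async function getTopicIds(doc) {
  if (!doc || typeof doc.browsingTopics !== "function") {
    return [];
  }
  try {
    return extractTopicIds(await doc.browsingTopics());
  } catch (e) {
    return [];
  }
}

// Builds the query fragment an ad request would carry: only topic IDs.
// Relevance is delivered without the ad server ever learning which sites were visited.
function toAdRequestQuery(topicIds) {
  return topicIds.length ? "topics=" + topicIds.join(",") : "";
}

// Stand-in for `document` so the example runs offline (e.g. under Node).
const fakeDocument = { browsingTopics: async () => SAMPLE_TOPICS };

getTopicIds(fakeDocument).then((ids) => {
  console.log(toAdRequestQuery(ids)); // topics=43,201
});
```

In a real page `getTopicIds(document)` is used instead of the fake; only the `topics=` fragment leaves the device, which is the whole point of on-device processing.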

There’s been big engagement so far in the initiative, with 30+ proposals by Chrome and others to support a wide range of use cases, including fraud detection, federated identity and behavioral audience groups. There are also 500+ participants in W3C discussion and incubation groups.

As you can see on the timeline below, mid-2023 is the big planned release, and the current plan is then to phase out support for third-party cookies by the 2nd half of 2024.

Privacy Sandbox timeline as of October 2022 - refer to privacysandbox.com/timeline for an updated version

How is it being developed and how can you be a part of it?

As Sam pointed out several times during the call, Privacy Sandbox is not a unilateral decision by Google. It’s quite an open initiative, as known from other standards initiatives, and there’s extensive engagement from people outside Google.

From the timeline shown in the previous section, you can see that it takes time. Each proposal goes on a journey from draft proposal to explainer, via a test version, to implementation in Chrome stable, and that takes time. There’s a healthy number of meetings and debate in each phase, and Sam showed some interesting examples, also on bug reporting, that help create a better solution.

To reduce the risk of breaking things, Google also takes a staged approach to rolling out new features in Chrome.

Some of the Privacy Sandbox initiatives have now reached the ‘Utility testing’ phase.

If you are a developer, then there’s a good introduction here: Introduction to the Privacy Sandbox on Android. If you want to learn how to get started, then consult the Program overview.

For the open web, you can contribute to the public discussions in forums such as the W3C, and if you’re a business, talk to your trade groups and technology vendors about engaging in this process.

Learn more about the Google Privacy Sandbox

As it says on the Android developer site:

“Our proposal is to bring the Privacy Sandbox to Android, providing a clear path forward to improve user privacy without putting access to free content and services at risk”

There’s naturally a dedicated website for this initiative - see privacysandbox.com.

As you can imagine from any initiative which comes from Google and has the focus on privacy, there’s also been a healthy interest from the press. Here’s a few good ones to start with:

Finally, you can also download the slides (PDF) or lean back and enjoy the entire recording from the call.