Google this week said some of its Privacy Sandbox tools will see general availability in Chrome 115 on July 18, in order to prepare for the slow phase-out of third-party cookies next year.
“Starting with the July Chrome release, and over the following weeks, we’ll make the Privacy Sandbox relevance and measurement APIs available to all Chrome users,” said Anthony Chavez, VP of Privacy Sandbox, in an announcement. “With this milestone, developers can utilize these APIs to conduct scaled, live-traffic testing, as they prepare to operate without third-party cookies.”
Since 2019, shortly after Europe’s General Data Protection Regulation (GDPR) took effect, Google has been working on various methods of delivering targeted ads without the use of intrusive third-party cookies – data deposited in people’s browsers by third-party scripts on websites that can be abused to track people online and violate expectations of privacy.
The following year, the Chocolate Factory said it would phase out support for third-party cookies, leaving advertisers with little choice but to make do with its Privacy Sandbox ad tech. That’s taken longer than anticipated due to regulatory entanglements, industry blowback, and privacy promises that the tech initially couldn’t meet.
The scheduled portion of Privacy Sandbox consists of six application programming interfaces: Protected Audience (formerly FLEDGE), for remarketing (showing ads based on past website behavior at other websites); Topics (showing targeted ads without identifying people); Attribution Reporting (measuring ad interaction without third-party cookies); Private Aggregation (private ad reports); Shared Storage (sharing data cross sites without sharing identifiers); and Fenced Frames (a related cross-site data mechanism).
With these APIs, advertisers will have a way, without third-party cookies, to target ads at those with specific interests and get data about how those ads perform. And in theory, this will provide some measure of privacy beyond what little is available currently.
Meanwhile, starting in Q1 2024, Google plans to deprecate third-party cookies for just one percent of Chrome users, as a trial run for more extensive third-party cookie removal at a later date. And developers will be able to simulate the anticipated cookie withdrawal starting in Q4 2023. This conforms with the timeline Google committed to in consultation with the UK Competition and Markets Agency (CMA), to allay criticism from rival ad firms.
That criticism, based on concern that Google will use privacy as a pretext to withhold ad metrics from rivals, has not entirely died down, however.
“Privacy Sandbox removes the ability of website owners, agencies and marketers to target and measure their campaigns using their own combination of technologies in favor of a Google-provided solution,” said James Roswell, a digital marketer and co-founder of marketer advocacy group Movement for an Open Web.
Privacy Sandbox removes the ability of website owners, agencies and marketers to target and measure their campaigns using their own combination of technologies
“No one would accept all food retailers closing the home baking aisle and forcing everyone to buy their own brand bread. Why would anyone accept Google and Apple’s identical behavior in digital markets? In relation to Google, the CMA urgently needs to review the commitments and police them effectively.”
Roswell argues that the Privacy Sandbox APIs fail to reproduce the functionality of the systems they’re designed to replace while degrading advertising performance and possibly violating EU law.
He cites the website performance penalty that has been documented when using Google’s new adtech. As cited in Google’s own report to the CMA, User-Agent reduction and the deployment of User-Agent Client Hints makes websites load more slowly – about 50 ms on average using the First Contentful Paint metric, which informs site search ranking among other things.
Roswell also points to Article 26 of the EU Digital Services Act, which requires large online publishers to show data about advertisers to website visitors. Google’s Fenced Frames API, he claims, will prevent anyone other than Google from seeing that information.
Google’s Chavez describes a more cordial scenario in which the search biz “collaborate[s] with participants across the industry, as we reach the final stages of our journey to deprecate third-party cookies in Chrome, and improve privacy across the web for everyone.”
That may be overselling the ad industry’s enthusiasm about playing in Google’s Privacy Sandbox. ®