The announcement caused a stir in January: Google plans to make third-party cookies obsolete in its Chrome browser in the next two years, a move which echoes recent decisions from Safari and Firefox, and will pose a problem to publishers and advertising professionals. The web giant is looking for ways to conserve mechanisms that measure advertising effectiveness, and perhaps even sponsored messages, while also being less intrusive for users. This will be a balancing game for the browser, which is used by 64% of Internet users today!
What is Google’s “Privacy Sandbox” all about?
To reach its goal, Google is working on creating a secure browsing environment called Privacy Sandbox, which will allow the substitution of current advertising cookies with a technological tool, particularly with the use of anonymous signals that users leave in their browsers. This will first roll out for Chrome, but will eventually be available in an open source format for other browsers. Google thus hopes to avoid unsafe workarounds for users, such as fingerprinting.
The project was already revealed in August 2019 by Justin Schuh, Google’s Director of Chrome Engineering. On January 14 2020, Google published a new post on the topic on its Chromium blog, reiterating its commitment and promising to accomplish this huge goal by 2022. For now, Google is giving developers around the world the chance to discuss in open source via GitHub to find solutions – several options have already been explored.
More than just a simple way of increasing online security and data privacy, Privacy Sandbox could bring about a small revolution in how online advertising works. Google promises to define a newdata exchange protocol to ensure anonymity, for advertising purposes. France’s regulatory authority on data privacy, the CNIL, also indicate the disappearance of advertising cookies, which would eventually give Big Tech the upper hand:
But how does Google actually plan to replace third-party cookies?
To replace third-party cookies, Google will offer a range of APIs which will let publishers to continue developing targeted advertising and measuring their performance – while being privacy-compliant. This range of APIs has four main objectives: guaranteeing user anonymity, preventing ad fraud, allowing targeted advertising and measuring campaign performances.
In practice, guaranteeing anonymity means that events (clicks, impressions, navigation) that are today collected by advertising platforms will, in the future, be stored only by the browser in a black box, with highly restricted access.
Advertising interactions will take place under a set of instructions carried out locally by this black box, without any access to data details. The results of these operations will be aggregated by an infrastructure, which has yet to be defined, and reported only if the aggregation guarantees user anonymity – that is to say, if there is a large enough number of browsers with the same characteristics.
Most of the main marketing use cases would thus be covered, but only one aggregated reading of results will be possible: say goodbye to viewing results by user. This black box could also make local decisions specified by the platforms, without giving them access to the data. The idea is that all decisions will be made by the browser itself.
Google plans to integrate these different APIs incrementally between now and 2022, beginning with basic functions and followed by ad-hoc additional security measures to ensure user anonymity.
What will this actually change for users and digital professionals?
As far as the user experience is concerned, we must note that the new model for advertising interactions is first and foremost a technical response to privacy concerns. There’s a good chance that, even though users’ personal data will be better protected, the individual user web experience will be very similar to how it is today! Thus, even though users will be able to modify their targeted advertising preferences within their browsers, their perception of being targeted might not change.
As for advertising platforms, they will have much less information about users they are trying to target, because according to information supplied by Chrome in the Turtledove API, it is the browser itself that will compare advertiser bids to choose which ads to show, without transferring user data to the platforms. The advertiser can opt to show a given ad based on interest group and user preferences, but it is the browser that will have the last word on targeting. It can decide to show a contextual ad (depending on page visits) or a targeted ad (depending on the user profile) – but the browser will not share these choices with the ad network. The power balance will therefore considerably shift, in favor of the browser!
This new measure will require a fair amount of technical and technological transition from industry professionals to adapt all use cases that they usually operate. In any event, this is no small change and it will be essential to coordinate with a team of experts upstream.
Three key words to sum up the new measure called “Privacy Sandbox”: transparency, choice, and control, for safer user browsing by 2022. Will Google meet this challenge in just two years, simultaneously securing an almost-monopoly on the advertising performance measurement market? In responding to this question, we must not rule out the arrival of alternative browsers, the complexity of mechanisms for a hurried user, or even the habit shifts for advertising players, all of which is as-yet-unknown. Stay tuned!