
Google's Privacy Sandbox Explained


Google's Privacy Sandbox is an initiative designed to protect user privacy while keeping the ad-supported web functional. Built on privacy-enhancing technologies, it aims to deliver effective ad targeting and campaign measurement without relying on third-party cookies.

Key Points

  • Google's Privacy Sandbox is a set of open standards that strengthen online privacy while supporting digital advertising businesses and ad-supported websites.
  • Chrome developed Privacy Sandbox to address the privacy problems associated with third-party cookies. Google originally planned to phase out those cookies in tandem with the Privacy Sandbox rollout, but reversed course and will instead introduce a browser-level mechanism letting users choose whether to allow or decline cookies.
  • The main advertising standards within Privacy Sandbox are the Private Aggregation API, Attribution Reporting API, Topics API, and Protected Audience API (PAAPI).

What Is Google's Privacy Sandbox?

In the AdTech context, Google's Privacy Sandbox is an initiative that provides an alternative path for delivering targeted ads and measuring ad campaign performance. It comprises several standards built on privacy-enhancing technologies — including differential privacy and on-device processing — that carry out core programmatic advertising processes while strengthening user privacy.

Each proposal in the Privacy Sandbox goes through a structured testing process before adoption. The W3C Improving Web Advertising Business Group, working in collaboration with Chrome, AdTech companies, agencies, publishers, and Google's advertising teams, develops and evaluates these new privacy standards.

Since Privacy Sandbox was introduced in 2019, some standards have been partially revised, some proposals have been closed, and others have moved forward largely as originally designed.

Why Google Created Privacy Sandbox

The General Data Protection Regulation (GDPR), introduced in 2018, brought privacy concerns around data collection into sharp focus and accelerated demand for more privacy-conscious approaches. Privacy Sandbox is Google's structural response to that pressure.

Beyond the GDPR and other privacy regulations, major browser vendors also moved to tighten their own privacy policies. In the same year the GDPR came into effect, Safari and Firefox began restricting cross-site identification. Critically, neither browser offered any replacement mechanism — they simply removed cross-site tracking capabilities for publishers and media buyers without providing an alternative.

Alphabet, Google's parent company, generates the majority of its revenue from advertising. Allowing Chrome to continue supporting third-party cookies preserves that revenue stream. Rather than follow Safari and Firefox in outright blocking those cookies, Alphabet chose to find a middle ground: reduce cross-site tracking while offering a viable alternative — primarily to satisfy the growing demands of privacy advocates, regulators, and users.

Chrome's first step was introducing the SameSite attribute, which required website developers and AdTech companies to explicitly declare third-party cookies with SameSite=None. This change made it easier for users to block and remove those cookies — but it wasn't sufficient on its own. In 2019, Chrome moved further and developed the Privacy Sandbox as a broader set of open standards.

Google had originally planned to phase out third-party cookies in parallel with rolling out Privacy Sandbox, but reversed that plan and will instead introduce a user-facing option to allow or decline cookies from their browser.

The Goals of Privacy Sandbox

From a technical standpoint, Privacy Sandbox has three primary objectives:

  • Replace cross-site tracking mechanisms that currently rely on third-party cookies.
  • Introduce a mechanism that allows users to choose whether to allow tracking or not.
  • Address covert tracking techniques, such as fingerprinting.

Privacy Sandbox applies a privacy-first design philosophy, using techniques like federated learning and differential privacy to enable targeted advertising without tracking individual user behaviour across websites. It also reduces the risk of large-scale data breaches by keeping data stored locally on the user's device through decentralized data handling.

Why Privacy Sandbox Matters to the AdTech Industry

Privacy Sandbox aims to move advertising processes into a controlled environment — a significant departure from how those activities currently operate. The intent is to strike a balance between user privacy and the needs of an ad-supported web, addressing concerns from users, privacy advocates, and regulators alike.

By promoting contextual targeting, Privacy Sandbox shifts focus from individual user behaviour to the content of the page being viewed. In practical terms, it represents an effort to establish new privacy-friendly standards for digital advertising at web scale.

The Key Advertising Standards in Privacy Sandbox

Privacy Sandbox encompasses several standards aimed at:

  • Strengthening cross-site privacy boundaries
  • Showing relevant content and ads
  • Measuring digital advertising
  • Preventing covert tracking
  • Combating spam and fraud on the web

The standards most relevant to the AdTech industry are:

  • Private Aggregation API — cross-site data reporting
  • Attribution Reporting API — ad campaign effectiveness measurement
  • Topics API (initially FLoC) — interest-based advertising
  • Protected Audience API (initially TURTLEDOVE, then FLEDGE) — remarketing

Private Aggregation API

This API focuses on aggregating and reporting cross-site data in a privacy-preserving way. Developers can create aggregate data reports using the Private Aggregation API, drawing on data from the Protected Audience API and cross-site data from Shared Storage.

As of 2024, the API performs one operation — sendHistogramReport() — which allows marketers to gather data across users using defined aggregation keys. This operation returns a noised aggregated result in the form of a summary report. Individual users cannot be linked to any result.

As a practical example: drawing on Shared Storage demographic and geographic data, a marketer could generate a histogram showing the approximate number of users in a particular location who have seen their ads across different websites.

Additional operations may be supported by this API in future.
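To make the summary-report flow concrete, here is an added example (not Chrome's or the Privacy Sandbox project's code) that models the histogram example above: each user's worklet emits {bucket, value} contributions keyed by campaign and location, and the aggregation side drops contributions beyond a per-user budget, sums per bucket and adds Laplace noise before anything leaves. The 128-bit bucket layout, the budget of 65536, the per-impression scale and the epsilon value are assumptions chosen for illustration.

```javascript
// Added example (not Chrome's or the Privacy Sandbox project's code): how per-user
// Private Aggregation contributions become a noised summary report. Bucket layout,
// budget, scaling factor and epsilon are assumptions chosen for illustration.
const GEO = { "us-ny": 1n, "us-ca": 2n, "gb-lon": 3n }; // constructed geo codes
const CONTRIBUTION_BUDGET = 65536;   // assumed L1 budget per user and report
const MAX_IMPRESSIONS_PER_USER = 16; // assumed; fixes the per-impression scale
const SCALE = CONTRIBUTION_BUDGET / MAX_IMPRESSIONS_PER_USER; // 4096 per impression

// Aggregation keys are 128-bit integers. Bits 64+ hold the campaign id and the low
// 64 bits the geo code, so the summary can be sliced by campaign and location.
function makeBucket(campaignId, geo) {
  return (BigInt(campaignId) << 64n) | GEO[geo];
}

function decodeBucket(bucket) {
  const code = bucket & ((1n << 64n) - 1n);
  const geo = Object.keys(GEO).find(k => GEO[k] === code) ?? "unknown";
  return { campaignId: Number(bucket >> 64n), geo };
}

// Worklet side: the {bucket, value} pairs one user would pass to sendHistogramReport(),
// one per ad impression, scaled up so the noise stays small relative to the totals.
function contributionsFor(campaignId, impressionGeos) {
  return impressionGeos.map(geo => ({ bucket: makeBucket(campaignId, geo), value: SCALE }));
}

// Aggregation side: drop contributions once a user's budget is spent, sum per bucket,
// add Laplace noise calibrated to the budget, then convert back to impression counts.
// `sample` is injectable so a deterministic stub can replace the random noise.
function summarize(contributionsByUser, epsilon, sample = laplace) {
  const totals = new Map();
  for (const contributions of contributionsByUser) {
    let spent = 0;
    for (const c of contributions) {
      if (spent + c.value > CONTRIBUTION_BUDGET) continue; // over budget: dropped
      spent += c.value;
      totals.set(c.bucket, (totals.get(c.bucket) ?? 0) + c.value);
    }
  }
  const b = CONTRIBUTION_BUDGET / epsilon; // Laplace scale for L1 sensitivity = budget
  return [...totals].map(([bucket, sum]) => ({
    ...decodeBucket(bucket),
    impressions: Math.round((sum + sample(b)) / SCALE), // noised; no per-user values
  }));
}

function laplace(b) {
  const u = Math.random() - 0.5;
  return -b * Math.sign(u) * Math.log(1 - 2 * Math.abs(u));
}
```

With epsilon 10 the noise scale in impression units is 1.6, so per-location totals are usable while a single user's contribution is hidden inside the noise.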

Attribution Reporting API

The Attribution Reporting API enables advertisers and AdTech providers to measure conversions without relying on third-party cookies.

Measurable conversions include:

  • Ad clicks and views.
  • Ads in a third-party iframe, such as those on a publisher site using a third-party AdTech provider.
  • Ads in a first-party context — for example, ads on a social network or search engine results page, or a publisher serving their own ads.

Private Aggregation API vs. Attribution Reporting API

The two APIs serve related but distinct purposes. The Private Aggregation API is designed for cross-site measurements, working alongside APIs like the Protected Audience API and Shared Storage to evaluate unified, cross-site events. The Attribution Reporting API operates independently, measuring conversions by correlating data from separate impression and conversion events.

Topics API (initially FLoC)

Google's interest-based advertising standard went through one major evolution before reaching its current form. The original experiment — Federated Learning of Cohorts (FLoC) — grouped users into cohorts based on similar browsing patterns, avoiding individual-level tracking. Despite its privacy goals, FLoC drew significant criticism and was eventually shut down and replaced.

Federated Learning of Cohorts (FLoC): An experimental technology that clustered users by browsing patterns to enable targeted advertising without individual tracking. Privacy concerns led to its discontinuation.

Topics API: Replaced FLoC, using broader interest categories rather than detailed individual profiles. This approach enables personalized advertising without the extensive tracking that cohort-based systems required.

Protected Audience API (initially TURTLEDOVE and FLEDGE)

Protected Audience API (PAAPI) evolved through several iterations, incorporating proposals from multiple industry participants along the way.

TURTLEDOVE: The original remarketing standard in Privacy Sandbox. It was designed so that details about user interests were stored by the browser rather than the advertiser, preventing interests from being linked to personal identifying information. TURTLEDOVE was later renamed FLEDGE.

FLEDGE: An early prototype of ad serving within TURTLEDOVE's framework, incorporating proposals from independent AdTech companies and Chrome itself.

Key components folded into FLEDGE included:

  • Criteo's SPARROW proposal: Enabled frequency capping, A/B testing, and optimization via a third-party server.
  • Chrome's Dovekey: Introduced a third-party key-value server for handling bidding and auction processes.
  • Chrome's Fenced Frames: Allowed ads to load on a web page without revealing which ad was being displayed to the rest of the page.
  • NextRoll's TERN: Improved TURTLEDOVE by giving publishers more control over auction dynamics and encouraging second-price auctions.
  • Magnite's PARROT: Gave publishers control over auction decisioning using Fenced Frames.

In 2023, FLEDGE was renamed to Protected Audience API to better reflect the standard's primary purpose.

How Key Programmatic Advertising Processes Work in Privacy Sandbox

Ad Targeting

The Topics API observes and records topics of user interest based on online activity, with the entire process running on the user's device within the browser. Advertisers and ad platforms can access these topics without learning anything else about the user's browsing history.

Topics are organized into publicly curated lists — such as Arts & Entertainment or Business & Industrial — that are regularly updated. Chrome's test list excludes sensitive categories like race or sexual orientation.

For the top 50,000 websites, Chrome manually maps site names to topics. For all other sites, a machine learning model infers topics from site names.

[Diagram: how the Topics API works]

Frequency Capping

Frequency capping limits how many times a given user sees the same ad within a defined timeframe — for example, 10 impressions over 24 hours. The Protected Audience API handles frequency capping by storing counts of ad events on-device and filtering ads based on preset rules.

Each device, ad technology, and ad type maintains its own counts. Ads need specific code to track views or clicks, and the Protected Audience API updates those counts when interactions occur, storing them on-device for a set period.

When selecting ads, the Protected Audience API weighs these counts alongside other factors like retargeting parameters and context, ensuring frequency capping applies consistently across all ad requests.
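As an added example (not Chrome's or any AdTech vendor's bidding logic), the following Protected Audience bidding worklet applies the 10-impressions-per-24-hours cap described above. It assumes that the browser-supplied browserSignals.prevWinsMs list (entries of [milliseconds since the win, {renderURL, metadata}]) is the on-device event store, and that each ad's metadata carries a constructed cpm field.

```javascript
// Added example (not Chrome's or any AdTech vendor's code): a Protected Audience
// generateBid() that enforces an on-device frequency cap. It assumes the browser's
// browserSignals.prevWinsMs list ([msSinceWin, {renderURL, metadata}]) is the event
// store, and a cap of 10 impressions per ad per 24 hours.
const CAP = 10;
const WINDOW_MS = 24 * 60 * 60 * 1000;

// Count prior wins per renderURL inside the window. Entries carry the elapsed time
// since each win, so the buyer never sees or stores absolute timestamps.
function recentWinCounts(prevWinsMs, windowMs = WINDOW_MS) {
  const counts = new Map();
  for (const [elapsedMs, ad] of prevWinsMs ?? []) {
    if (elapsedMs < windowMs) {
      counts.set(ad.renderURL, (counts.get(ad.renderURL) ?? 0) + 1);
    }
  }
  return counts;
}

// Keep only the ads still under their cap, so the rest of the bid logic never sees
// an ad this device has already shown too often.
function eligibleAds(ads, prevWinsMs, cap = CAP) {
  const counts = recentWinCounts(prevWinsMs);
  return ads.filter(ad => (counts.get(ad.renderURL) ?? 0) < cap);
}

// Bidding worklet entry point (parameter order per the Protected Audience API).
// Here the bid is simply the ad's constructed metadata.cpm; real logic would also
// weigh the auction, buyer and trusted bidding signals.
function generateBid(interestGroup, auctionSignals, perBuyerSignals,
                     trustedBiddingSignals, browserSignals) {
  const candidates = eligibleAds(interestGroup.ads, browserSignals.prevWinsMs);
  if (candidates.length === 0) return; // every ad is capped: returning nothing = no bid
  const best = candidates.reduce((a, b) => (b.metadata.cpm > a.metadata.cpm ? b : a));
  return { ad: best.metadata, bid: best.metadata.cpm, render: best.renderURL };
}
```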

Measurement and Attribution

Within Privacy Sandbox, advertisers can measure events and correlate them with conversions through two report types.

Event-level reports: The browser links clicks or views to conversion data set by an ad technology, then sends these reports to a designated destination with some delay and added noise, preventing any cross-site identity connection.

Summary reports: These aggregate data across a group of users without linking it to individuals. They provide detailed conversion data — such as purchase amounts and cart contents — along with click and view data. Summary reports are less delayed than event-level reports.
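The event-level path above, as an added example that is not Chrome's implementation: a simplified model of how the browser matches a registered source (an ad click or view) to a later trigger (a conversion) and builds the delayed event-level report. The header and report field names follow the Attribution Reporting API; the report windows, the default 30-day expiry and the sample registrations are constructed assumptions, and the randomized-response noise the browser adds is not modelled.

```javascript
// Added example (not Chrome's implementation): a simplified model of how the
// Attribution Reporting API turns a registered source (ad click or view) and a later
// trigger (conversion) into an event-level report. Header and report field names
// follow the API; report windows, default expiry and sample data are assumptions.
const TRIGGER_DATA_CARDINALITY = { navigation: 8, event: 2 }; // 3 bits clicks, 1 bit views
const DAY_MS = 24 * 60 * 60 * 1000;
// Assumed report windows: a click's report waits for the end of the window it falls
// in; after the last window (or for views) it waits for the source's expiry.
const REPORT_WINDOWS_MS = { navigation: [2 * DAY_MS, 7 * DAY_MS], event: [] };

// Parse what the ad response carries in its Attribution-Reporting-Register-Source header.
function parseSource(headerJson, sourceType, registeredAtMs) {
  const h = JSON.parse(headerJson);
  return {
    sourceEventId: h.source_event_id,
    destination: new URL(h.destination).origin,
    sourceType,
    registeredAtMs,
    expiryMs: registeredAtMs + Number(h.expiry ?? 30 * 24 * 3600) * 1000, // assumed default
  };
}

// Match a trigger (Attribution-Reporting-Register-Trigger on the conversion page) to a
// stored source and build the event-level report the browser would later send.
function attribute(source, triggerHeaderJson, triggerOrigin, triggerAtMs) {
  if (triggerOrigin !== source.destination) return null; // different site: no match
  if (triggerAtMs > source.expiryMs) return null;        // source already expired
  const t = JSON.parse(triggerHeaderJson).event_trigger_data?.[0];
  if (!t) return null;
  const cardinality = TRIGGER_DATA_CARDINALITY[source.sourceType];
  const triggerData = Number(t.trigger_data ?? 0) % cardinality; // high bits are dropped
  const windowEnd = REPORT_WINDOWS_MS[source.sourceType]
    .map(w => source.registeredAtMs + w).find(end => triggerAtMs < end) ?? source.expiryMs;
  return {
    attribution_destination: source.destination,
    source_event_id: source.sourceEventId,
    source_type: source.sourceType,
    trigger_data: String(triggerData),                       // only a few bits survive
    scheduled_report_time: String(Math.floor(windowEnd / 1000)), // delayed, not immediate
  };
}
```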

Frequently Asked Questions About Google's Privacy Sandbox

Why are some people criticizing Google's Privacy Sandbox?

Privacy advocates, the IAB Tech Lab, and the broader programmatic advertising industry have raised concerns about Privacy Sandbox across several dimensions: advertising effectiveness, media measurement, brand safety, and transparency.

According to the IAB Tech Lab's gap analysis report, Privacy Sandbox would severely inhibit many current forms of digital advertising. A central concern is the loss of runtime data, which could create significant brand safety problems.

The IAB Tech Lab also argues that the transition to Privacy Sandbox would require major infrastructural changes and could negatively affect AdTech companies, publishers, and advertisers.

On the competitive front, Google's dominant position in digital advertising raises antitrust concerns. Critics argue that Privacy Sandbox could further consolidate Google's control over online advertising by centralizing data and targeting tools within its own ecosystem, potentially stifling competition and innovation from other players.

What are the pros and cons of Google's Privacy Sandbox?

Pros:

  • Privacy Sandbox improves user trust and supports compliance with privacy regulations by reducing cross-site tracking and providing more transparent user controls.
  • It offers technologies that enable targeted advertising while preserving user privacy.

Cons:

  • Google's control over Privacy Sandbox standards could reinforce its market position, potentially disadvantaging smaller AdTech firms and publishers. This is one of the areas currently under investigation by the UK's Competition and Markets Authority (CMA).
  • There are genuine doubts about whether Privacy Sandbox technologies can effectively balance privacy and advertising needs, leading to scepticism among AdTech stakeholders.
  • Publishers, AdTech companies, and advertisers all need to adapt before Privacy Sandbox is fully operational. Publishers need to build addressable audiences, AdTech vendors need to update their technology stacks, and advertisers need to review publisher relationships with a greater emphasis on first-party data.

Will Google use Privacy Sandbox in its own advertising platforms (e.g., DV360)?

Google hasn't provided a definitive timeline for when a UI for testing Privacy Sandbox on DV360 might be made available. However, the company has stated that buyers don't need to take direct action to test within Google ad platforms.

Instead, Google conducts scaled testing for the buy-side using global traffic slices to generate learnings applicable to its entire customer base. Other AdTech firms are also testing Privacy Sandbox, providing buy-side participants with testing opportunities even where DV360 doesn't directly facilitate them.

Is Privacy Sandbox effective for reaching target audiences and maintaining high CPMs?

Privacy Sandbox may limit the ability to reach target audiences precisely or sustain high CPMs for two main reasons:

  • Lack of 1-to-1 identification: Advertisers will not be able to identify their target audience at the individual level and serve perfectly matched ads.
  • Ad campaign performance accuracy: Campaign effectiveness will be less precise due to reduced ability to connect ad views and clicks to specific conversions.

Is Privacy Sandbox only available in Chrome, or does it extend to Android as well?

Privacy Sandbox functionalities are being rolled out across both Chrome and Android-powered devices. The goal is to phase out third-party cookies in Chrome and mobile advertising IDs on Android to limit cross-site and cross-app tracking and strengthen user privacy.

What role does the UK's Competition and Markets Authority (CMA) play in the Privacy Sandbox rollout?

The UK's Competition and Markets Authority (CMA) is actively investigating Google's Privacy Sandbox proposals to ensure they don't disrupt competition. The CMA's inquiry addresses both privacy concerns and the potential impact on publishers and the broader digital advertising market.

Will Privacy Sandbox be available in other browsers like Safari, Firefox, and Edge?

In September 2017, Safari introduced Intelligent Tracking Prevention (ITP), a privacy feature that automatically blocks third-party cookies and restricts the duration of first-party cookies and local storage.

Firefox similarly launched Enhanced Tracking Protection (ETP), which blocks third-party cookies and device fingerprints by default.

Neither browser has announced plans to adopt Chrome's Privacy Sandbox. That said, the possibility hasn't been entirely ruled out as industry standards continue to evolve.