Google has officially begun to roll out its new advertising platform, the Privacy Sandbox, in its Chrome web browser, nearly four months after the tech giant announced its plans back in July. This new interest-based advertising platform is an initiative taken by Google to reduce third-party interference in their users.
Initially, the search giant plans to roll out the technology for around three percent of users to conduct sufficient tests. Those users will be met with an alert titled “Enhanced ad privacy in Chrome” that briefly describes the new ad platform when starting the new Google Chrome browser platform. This new privacy feature alert reads:
We’re launching new privacy features that give you more choice over the ads you see. Chrome notes topics of interest based on your recent browsing history. Also, the sites you visit can determine what you like. Later, sites can ask for this information to show you personalized ads. You can choose which topics and sites are used to show you ads.”
The Privacy Sandbox is a two-step project for the web and Android to provide relevant and accessible content and ads in a privacy-friendly manner. While Google promises this to be a step towards ensuring user privacy, the feature has attracted lots of controversy, with many people calling it “invasive” in terms of privacy.
What is Google’s Privacy Sandbox?
Privacy Sandbox is an umbrella term by Google for a set of technologies designed to eliminate third-party tracking cookies and reduce cross-site and cross-app tracking. This technology will “support developers in conducting real-world experiments that assess the readiness and effectiveness of their products without third-party cookies,” said Anthony Chaves, vice president of Privacy Sandbox at Google.
This new advertising platform is designed to help users maintain privacy while providing businesses with a method to present ads without unfair exploitation. In simpler terms, Google uses the Privacy Sandbox to create a more private method for tracking user’s interest in advertising.
Previously, advertisers relied on third-party cookies to harvest users’ interest through cross-site and cross-app tracking. However, with the advent of Privacy Sandbox, users’ interests will be directly available on the Google Chrome browser for advertisers to use.
These user interests will be available for the advertisers as a categorized list of anonymous data covering various subjects such as sports, beauty, technology, comics, etc. The list of interests will be computed from the user’s browsing history.
The advertisers can use the Privacy Sandbox by “requesting” the visitors’ or users’ interest to show the relevant ad. To further ensure user privacy, the Privacy Sandbox uses Oblivious HTTP Relays to transmit the data between the browser and the advertisers, which provides end-to-end encryption.
These relays help ensure user anonymity by preventing Google from associating users’ IP addresses to their interest data by removing every unnecessary request header from the connection. Moreover, Google promises to delete all the users’ computed interests each month and will continue to refresh unless the user removes them.
The Privacy Sandbox is broken up into three components, which are described below:
1. Ad Topics
It is the main component of the Privacy Sandbox, comprising the user’s topic of interest based on their recent browsing history. It is used to display personalized ads to users. These interests are generated when users visit many Google-associated sites related to a particular topic or category. Users can see and delete their generated interests and the sites that define them by going into Settings > Privacy & Security > Ad Privacy > Ad Topics.
2. Site-Suggested Ads
The sites a user visits can determine their likes, and they tell Chrome the type of advertisement that should be shown to the visitor. With the Privacy Sandbox, advertisers can request the user’s interest group to show them the suggested advertising. For example, any user who has visited a laptop repair website will see ads for laptops and laptop repair. Users can block the site that they don’t want to show ads by going into Settings > Privacy & Security > Ad Privacy > Site-suggested ads.
3. Ad Measurement
This component allows sites and advertisers to determine the performance of their advertisements by storing data within the web browser, which is later shared with the other sites the user visits. This data mainly comprises the time of day an ad was shown, whether the ad was viewed or clicked, and how the ad was displayed. As per Google, this ad measurement data is regularly deleted from the user’s device, and the browsing history remains private. In simpler terms, here, Google has merely rebranded marketing for the users to ensure they are in control of their privacy.
Google plans to test the Privacy Sandbox feature throughout Q1 2024 with 1% of third-party cookies depreciation, which will be entirely disabled by default from Q4 2024. Google Chrome is one of the dominant web browsers in the market, with more than 60% market share, but it has been the last in line to disable third-party cookies since its rivals Safari and Firefox have been blocking third-party cookies for a while now.
Given that Google is a significant driver of web traffic, advertisers and developers are worried about implementing the new solution. The company, therefore, made the API public in July for developers to test the new Privacy Sandbox environment. Google has also clarified its intention on rolling out a simulation environment for developers to adjust to a cookie-less future.
As of now, since Google is rolling out the Privacy Sandbox feature, users are welcomed with the following alert, which interestingly only has “Got it” and “Settings” buttons, implying that the Privacy Sandbox has to be enabled regardless of the button a user clicks on.
Are third-party cookies the reason?
The advent of the Privacy Sandbox takes root from third-party cookies, which are browser cookies created by a web domain other than the website you are currently visiting. Initially, these cookies were called first-party cookies and were created in 1994 for web pages to remember user passwords, preferences, language settings, and even shopping carts.
This method of information exchange between a user and a website was private and secure. However, advertisers soon hacked the idea to create third-party cookies which exploited user privacy.
These cookies are usually dropped by tracking scripts and advertisements to track users on other sites using code from the same third-party domain. These were designed to help advertisers determine a user’s topic of interest, purchases, and browsing habits to create better-targeted advertisements and improve business.
This continued covertly until the European Union’s General Data Protection Regulation Act made it mandatory to limit the use of third-party cookies without the user’s permission in 2018. This led to websites bombarding users with constant cookie messages.
Soon, browsers also started taking initiatives in blocking third-party cookies, starting with Firefox in 2019, followed by Safari in 2020, giving a massive blow to advertisers. With Google being the largest, it has tried to overcome the decreasing use of third-party cookies by providing internet-based advertising through the FLoC platform (Federated Learning of Cohorts). This platform has now morphed into a critical feature of Privacy Sandbox Topics. While there seems to be a vast difference between Privacy Sandbox and third-party cookies, there are only a few differing features, such as:
- Instead of third-party cookies, Chrome will now provide Advertising topics summaries of user browsing data collected within the browser that companies can access to send target advertisements.
- It has a feature known as Protected Audience, which can serve users ads for remarketing, which will be based on Chrome’s collected tracking data of the sites a user visits.
- Chrome has introduced the Attribution Reporting feature that gathers data on users’ ad clicks.
Simply put, Google has stopped third-party cookies from spying and instead enabled tracking features directly within Chrome.
How to disable the Privacy Sandbox
For anyone who does not wish to use Google’s Privacy Sandbox, they can easily disable it in Google Chrome using the following steps:
1. Go to Settings > Privacy & security > Ad privacy which will show you a screen showing individual features.
2. Individually go to each feature that is Ad Topics, Site-suggested ads, and Ad measurement and toggle them off.
3. Once all three options are disabled the Privacy Sandbox feature will be disabled entirely.
Final Words – Is Privacy Sandbox really serving privacy?
Although Google is rolling out the new Privacy Sandbox labelled as an attempt to enable better user privacy, the question remains whether it is all just a facade or even accurate. It is no news that Google is the only and the largest platform that provides third-party cookies for revenue, and when Safari blocked third-party cookies, Google faced a blow to its revenue. After that, to secure its advertising business and ensure privacy, Google had to introduce an alternative to tracking, which it released in the form of FLoC.
For Google, there has to be a spying platform. The FLoC was also met with much criticism, with the Electronic Frontier Foundation labelling it as a “terrible idea,” saying,
[Google’s] framing is based on a false premise that we have to choose between ‘old tracking’ and ‘new tracking.’ It’s not either-or. Instead of re-inventing the tracking wheel, we should imagine a better world without the myriad problems of targeted ads.
Electronic Frontier Foundation
With the Privacy Sandbox, the idea is somewhat similar, as now Google has all the rights to track. Even though the third-party cookies are now blocked, Google is still tracking and collecting data to profit off your online activities.
I’m actually confused. I still don’t understand what this is really all about and how it affects our browsing experience.
All this seems to be a lot of noise and for most people, perhaps even overthinking this. I’m pretty sure it’ll all just fly over most people’s heads. There’s no mention in the blog how his sandbox impacts extensions like Adguard and U-Block. I guess redditors will have an answer, eventually. I’m not going to concern with this fluff.
Hi @Shigraf Aijaz,
That was a very well written article!
There was a lot to inform about in the subject and it was very clearly and succinctly put.
The article was fair and balanced discussion of a contentious matter.
Well done!
Sven, will this change or impact persons who don’t use chrome browser?
welcome Shigraf to the Restore Privacy team!
– a follower of Restore Privacy for a couple years now
(hopefully a Mullvad VPN review is coming)
The Mullvad review is live.