5 MINUTE READ | July 28, 2021
The Cookieless Future: Google Updates Timeline for Google Privacy Sandbox Initiatives
Abby manages PMG's editorial & thought leadership program. As a writer, editor, and marketing communications strategist with nearly a decade of experience, Abby's work in showcasing PMG’s unique expertise through POVs, research reports, and thought leadership regularly informs business strategy and media investments for some of the most iconic brands in the world. Named among the AAF Dallas 32 Under 32, her expertise in advertising, media strategy, and consumer trends has been featured in Ad Age, Business Insider, and Digiday.
This summer, Google took the (advertising) world by surprise after announcing the company would delay its plans to phase out third-party cookies until late 2023. This week, Google provided an update on the progress being made across several Google Privacy Sandbox initiatives, including what the phase-out process will look like in the years to come.
Amid the industry-wide reckoning over consumer privacy and data security, Google began working on an open-source project known as the Privacy Sandbox in 2019. The idea for the Privacy Sandbox was to create a testing ground that allows commercial and private interests to work together in identifying the next generation of tracking solutions that are privacy-first and could eventually replace traditional identifiers like third-party cookies. Eighteen months later, the Google Privacy Sandbox comprises roughly 30 proposals that cover a wide range of use cases and requirements.
Earlier this year, the UK’s Competition and Markets Authority (CMA) announced it would launch a formal investigation into the Privacy Sandbox over suspected breaches of competition law. According to the CMA case overview, the investigation is concerned with “Google’s proposal to remove third-party cookies on Google Chrome and replace their functionality with a range of ‘Privacy Sandbox’ tools while transferring key functionality to Google Chrome.” In other words, since Google operates Google Chrome and a portfolio of digital advertising tools, the CMA remains concerned that any solution to come out of the Privacy Sandbox would give an advantage to Google’s other products and services.
After collaborating with the CMA, Google agreed to a set of commitments, which include:
Improving collaboration and consultation with industry experts and stakeholders
Upholding its commitment to not build alternate identifiers (i.e., to not give Google a data advantage for Google’s other products)
Ensuring that Google will not give preferential treatment or advantages to Google products (i.e., self-preferencing).
It’s likely that the involvement of governing bodies and vocal external stakeholders factored into Google’s decision to delay phasing out third-party cookies until 2023.
The most ambitious — and headline-grabbing— proposal introduced to date is known as Google’s Federated Learning of Cohorts (FLoC), which started with the idea that “groups of people with common interests could replace individual identifiers,” according to the Google Ads & Commerce blog. By clustering large groups of people with similar interests together, Google argued that FLoC could “provide an effective replacement signal for third-party cookies.” However, in the months since its release, the technology hasn’t been well-received by the industry as a viable alternative to third-party cookies, with tech partners ranging from Amazon to Github and Microsoft saying they would not implement FLoC. Similarly, interest groups like the Electronic Frontier Foundation (EFF) have argued that FLoC comes with its own privacy challenges, while one WordPress core contributor called it a security vulnerability.
Related: Just yesterday, Twitter removed support for Google FLoC.
It’s important to note that Google FLoC is going through the web standards process overseen by the World Wide Web Consortium (W3C). This process is intentionally designed to pressure-test solutions and solicit feedback, then make adjustments. Already, engineers at Mozilla have outlined a few ways that FLoC could be adapted to better protect user privacy. FLoC is just one of roughly 30 proposals that have been submitted to W3C to help transition the industry away from cookies.
“We are committed to making progress to protect people’s privacy on the web with the Privacy Sandbox,” Marshall Vale, product manager for Privacy Sandbox, told Casey Newton at Platformer. “The current FLoC proposal is in the very early origin trial phase to help us get feedback and understand how FLoC might be used so we can continue to improve its design. We fully expect to make changes and improvements that enhance privacy for FLoC as we iterate based on feedback from the web community.”
It’s been a few weeks since Google first announced it would be delaying the phase-out of third-party cookies until 2023, and just last week, Google released the first look at how the company is tracking against the initiatives that aim to replace third-party cookies.
See the full timeline on the Google blog.
The updated timeline provides improved transparency and rigor to the Privacy Sandbox, detailing the testing and adoption approach while dividing Google’s privacy-first initiatives into four primary categories:
Fight spam and fraud on the web
Show relevant content and ads
Measure digital ads
Strengthen cross-site privacy boundaries
In a blog post accompanying the timeline, Google clarified that third-party cookies would be phased out over a course of three months in Q2 2023, following nine months of monitoring adoption and soliciting feedback from the advertising and tech industries. For now, Trust Tokens is the only initiative in the open testing phase. More details can be found on the Privacy Sandbox resource page, but essentially, Trust Tokens is an API that helps to combat ad fraud and reduce bot traffic. More initiatives will enter the open testing phase in Q4 2021, including the Google Attribution Reporting API for measuring ad effectiveness, Google FLoC, and First Locally Executed Decision over Groups Experiment (FLEDGE) API. Similar to Google FLoC, FLEDGE is another way to offer targeted ads by tracking behavior using group-level tracking rather than user-level cookies.
Stay in touch
Subscribe to our newsletter
By clicking and subscribing, you agree to our Terms of Service and Privacy Policy
Though Google noted that proposals within the Privacy Sandbox are in various stages of development, and timelines may change, the added transparency will help advertisers understand how quickly — or slowly — Google is making progress against these key issues as it charts a new path to responsibly phasing out third-party cookies and supporting a privacy-first approach to the digital experience.