Privacy Sandbox

The Privacy Sandbox is an initiative led by Google to create web standards for websites to access user information without compromising privacy. Its core purpose is to facilitate online advertising by sharing a subset of user private information without the use of third-party cookies. The initiative includes a number of proposals, many of these proposals have bird-themed names which are changed once the corresponding feature reaches general availability. The technology include Topics API (formerly Federated Learning of Cohorts or FLoC), Protected Audience, Attribution Reporting, Private Aggregation, Shared Storage and Fenced Frames as well as other proposed technologies. The project was announced in August 2019.

On September 7, 2023, Google announced general availability of Privacy Sandbox APIs, naming explicitly Topics, Protected Audience, Attribution Reporting, Private Aggregation, Shared Storage and Fenced Frames, meaning these features were enabled for more than half of Google Chrome users. Privacy Sandbox features were also made available on Android around the same time.

The initiative has been described as anti-competitive and has generated an antitrust response due to concerns that the introduced proposals limit tracking through traditional methods and push advertisers to use Google as a middleman in order to show advertisements.

Proposals in the Privacy Sandbox follow the idea of k-anonymity and are based on advertising to groups of people called cohorts instead of tracking individuals. They generally place the web browser in control of the user's privacy, moving some of the data collection and processing that facilitates advertising onto the user's device itself. There are three focuses within the Privacy Sandbox initiative: replacing the functionality of cross-site tracking, removing third-party cookies, and mitigating the risk of device fingerprinting.

In January 2020, Google invited advertising technology companies to join the Improving Web Advertising Business Group (IWABG) of the World Wide Web Consortium (W3C) as a way to participate in the proposal process for the Privacy Sandbox.

On March 31, 2022, Google announced the start of a single origin trial, for the Topics, FLEDGE and Attribution Reporting APIs. It allows sites to run unified experiments across the APIs.

In October 2022 RTB House published its findings of actively testing FLEDGE by adding users to interest groups. Google and Criteo, also ran tests. The report highlighted that, while positive, the FLEDGE origin trials were limited in scope. It noted that a number of essential features of FLEDGE, specifically k-anonymity requirements, were not available for testing, and will require adjustments after industry feedback.

The scale of tests is increasing. Google Chrome aims to dedicate H1 of 2023 to developer testing, and make FLEDGE available for the entirety of Chrome users in H2 of 2023.

In November 2022 the Competition and Markets Authority released a report on Google’s quantitative testing of its Sandbox technologies that highlighted the importance of the industry adopting a common testing framework so that performance tests can be conducted more widely across multiple testing entities. Google is developing such a framework in cooperation with the CMA and is seeking to drive engagement with market participants on the design of testing between now and at least the beginning of General Availability in Q3 2023.

Google's proposals during Privacy Sandbox surrounding privacy preserving ads have garnered significant pushback. Concerns have been raised that the proposals are anticompetitive and privacy compromising. Google's initial proposal for privacy preserving ads under the Privacy Sandbox umbrella (codenamed FLoC) received significant opposition from browser vendors. Mozilla, the company that makes Firefox, released a statement committing to not implementing FLoC or other related web advertising proposals. Apple, the makers of Safari took a negative position against the proposal. Chromium derivatives like Brave, Vivaldi and Microsoft Edge disabled the feature by default on their browsers. Concerns were raised that the FLoC's proposal could allow websites to track users in new ways that were previously not possible through third-party cookies, the technology that FLoC was meant to replace. Multiple media outlets and privacy advocacy groups criticised Google's decision to enable the feature by default for all users during the testing phase. This led to Google to withdrawing the proposal in early 2022.

Google's replacement for FLoC, known as the Topics API, faced similar criticism from various groups. Mozilla pointed out flaws in the Topics API's design, highlighting that it could allow large advertising networks to reidentify and track users by aggregating their interests across numerous websites. Apple echoed similar concerns, also noting that the proposal contradicted efforts made by other browsers to partition data on a per-site basis. Furthermore, when the proposal was initially announced, there were uncertainties about how Google or other browser vendors would establish a taxonomy of topics, a critical aspect of the API that was left underspecified. Alongside the Topics API, Google's other proposals within the Privacy Sandbox, such as Client Hints, have also sparked significant privacy concerns among other browsers. These concerns primarily revolved around the potential for Client Hints to expand the surface area for passive fingerprinting on browsers.

Due to Google's ownership of the browser with the largest market share, concerns have been raised about the anticompetitive nature of its proposals. Consequently, in January 2021, the Competition and Markets Authority (CMA) in the United Kingdom announced plans to investigate the Privacy Sandbox initiative, with a focus on its potential impacts on both publishers and users. CMA subsequently accepted legally binding commitments offered by Google concerning its proposals to remove third party cookies on Chrome and develop the Privacy Sandbox. The formal acceptance of these commitments by the CMA resulted in the closure of the investigation, with no decision on whether the Competition Act 1998 was infringed. CMA reported that Google was complying with its legally-binding commitments between July 2022 and September 2022. In March 2021, 15 attorneys general of U.S. states and Puerto Rico amended an antitrust complaint filed the previous December; the updated complaint says that Google Chrome's phase-out of third-party cookies in 2022 will "disable the primary cookie-tracking technology almost all non-Google publishers currently use to track users and target ads. Then [...] Chrome, will offer [...] new and alternative tracking mechanisms [...] dubbed Privacy Sandbox. Overall, the changes are anticompetitive". The lawsuit suggests that the proposed changes in the Privacy Sandbox would effectively require advertisers to use Google as a middleman in order to advertise.

• Official website