Analysis Google on Monday said it will make some of its Privacy Sandbox proposals available for testing with the release of Chrome 89 in March as part of its effort to rewire the technical infrastructure of online advertising.
The planned privacy defenses aren't entirely ready yet, but should be, eventually.
"Advertising is essential to keeping the web open for everyone, but the web ecosystem is at risk if privacy practices do not keep up with changing expectations," said Chetna Bindra, group product manager for user trust and privacy, at Google in a blog post.
It's not simply changing expectations that Google and other ad companies are worried about. It's that competing browser makers began blocking third-party cookies by default and regulators made it clear they want online privacy improvements.
Third-party cookies – sent to a web browser by a website other than the one visited – pose various privacy problems. For example, they may allow individuals to be personally identified and tracked across different websites. After other browser makers like Apple, Brave, Microsoft, and Mozilla all took steps to block third-party cookies, Google last year committed to getting rid of third-party cookies by 2022.
But ad companies have not lost their interest in tracking internet users, in order to serve them ads tailored to their supposed interests. That's where Chromium's Privacy Sandbox comes in.
UK watchdog sniffs around Google Chrome's Privacy Sandbox as it may give Choc Factory all the sweetiesREAD MORE
Google's cookie banishment plan followed shortly after its Privacy Sandbox announcement, a set of proposals since augmented with suggestions from other ad tech firms – there have been about 30 of them to date – that redefine how online ads get auctioned and how behavioral ad targeting can work without the privacy risks.
Chrome 89 will trial one such Privacy Sandbox scheme, Google's Federated Learning of Cohorts (FloC) algorithm. This can be enabled in a so-called origin trial in the browser, requiring an explicit opt-in to try it out. FloC is a way of grouping people together in interest groups – so ads related to those interests can be served. It's an alternative to tracking individuals and deriving interest data from their specific online interactions. And in Q2 2021, FloC cohorts, or interest groups, will be available for testing with Google Ads.
Google has evaluated FloC and believes it can deliver 95 per cent of the ad revenue available through the use of third-party cookies. Such cookies, according to Google, generate 52 per cent more revenue [PDF] for publishers than ads served without cookie-based targeting, though academic researchers contend [PDF] the revenue premium is more like four per cent.
FloC is intended to be used in conjunction with another Privacy Sandbox proposal, FLEDGE proposal, which stands for the First Locally-Executed Decision over Groups Experiment. FLEDGE, for which there's expected to be an origin trial later this year, is an expansion on TURTLEDOVE, a mechanism for auctioning online ad space mostly within the browser but also with a trusted third-party server.
As the FLEDGE GitHub repo points out, privacy remains a work-in-progress. "This still lacks some features that are important for web advertising, and lacks some privacy protections that are important for preventing cross-site tracking," the documentation explains.
If Google continues to share user data haphazardly before and after auctions ... Google will soon be facing not only fines and investigations in Europe, but before too long, those same investigations will be underway in the US
The Privacy Sandbox does actually contain some potential privacy improvements, such as a scheme to combat browser fingerprinting called Gnatcatcher that hides people's IP addresses from advertisers while maintaining its availability for online abuse prevention.
Other implementations of Privacy Sandbox technologies are also on their way, including Chrome 89 origin trials for First Party Sets and Trust Tokens. Google's plan for providing less information in the browser User-Agent string, dubbed User-Agent Client Hints, is expected in the Chrome stable channel shortly.
To its credit, Google plans to provide Chrome users with tools to configure Privacy Sandbox tech, at least to some extent. "With the Chrome 90 release in April, we’ll be releasing the first controls for the Privacy Sandbox (first, a simple on/off), and we plan to expand on these controls in future Chrome releases, as more proposals reach the origin trial stage, and we receive more feedback from end users and industry," said Justin Schuh, director of Chrome engineering, in a blog post.
Zach Edwards, co-founder of web analytics biz Victory Medium, told The Register that Google's goal at the moment is to prepare for January 1, 2023, which is when the California Privacy Rights Act of 2020 (CPRA) takes effect, and for any similar state or federal data privacy laws that implement GDPR-style consent for any data controllers to share user data with data processors. The CPRA expands upon the California Consumer Privacy Act (CCPA), which took effect in 2020, and makes the state's privacy regime more like Europe's.
"If Google ignores their data controller requirements in their advertising auctions, and continues to share user data haphazardly before and after auctions with a wide variety of companies in their Authorized Buyers ecosystem, then Google will soon be facing not only fines and investigations in Europe, but before too long, those same investigations will be underway in the US as new protections for sharing user data come online," said Edwards.
As browser rivals block third-party tracking, Google pitches 'Privacy Sandbox' peace planREAD MORE
At the same time, the Privacy Sandbox is bigger than Google or its Chrome browser; it extends to other Chromium-based browsers and it will affect all the ad tech companies engaged with the web ecosystem.
"Chromium is an open source data controller – the largest data controller in the world," Edwards argued, pointing to competing browsers based on Chromium code like Microsoft Edge and Brave.
While Microsoft has not come out publicly in support of FloC or other Privacy Sandbox tech, Edwards argues the Windows biz is already on-board because FloC has been baked into the Chromium codebase.
A developer familiar with Microsoft's plans told The Register that the Windows giant is watching the technology closely and in general agrees that there are ways to improve user privacy while also supporting the monetization model that keeps content from being squirreled away in paywalled gardens.
Edwards dismissed concerns about the antitrust implications of the Privacy Sandbox. "Certain groups of ad tech just want to keep access to an unsafe form of cross site user data, and are hoping that their lobbying in the press and weak regional pressure in the UK will somehow affect that change," he said.
There are publishers, he said, who believe they can generate more money using current illegal data flows, where user data gets traded in defiance of privacy laws. But he argues they're "merely putting a dead horse in front of their cart" because their shady data supply chain will harm the products they hope to sell and increase the chance of legal consequences.
"I support any advertising sandboxes that break 1:1 user tracking in favor of safe group cohorts, as long as that effort honestly and openly looks at side channel exfiltration risks from both Google/data controllers, and also the data processors ingesting data via that system," Edwards said. ®