Google's first report on Privacy Sandbox hits UK watchdog's inbox
No 'reportable concerns' yet plenty of concerned feedback
As Google's self-imposed "late 2023" deadline to kill all third party cookies in its Chrome browser looms, the giant has handed in its first quarterly Privacy Sandbox report to the UK's competition regulator.
As a reminder, the Competition Market's Authority (CMA) took exception to Google's Privacy Sandbox cookie cull amid worries on several fronts that the project might shut out competing ad companies in favor of the search giant.
Against a backdrop of added scrutiny from lawmakers and regulators in the US, Europe, and the UK at a time when Google faces broad antitrust scrutiny and litigation, the search giant made a number of commitments to the UK's CMA, one of which was a regular report on progress with its Privacy Sandbox proposals.
The first quarterly report covering February 11 to May 16 was published this week, and says ING Bank, the Monitoring Trustee, "has not identified any reportable concerns to the CMA."
Google's compliance commitments relate to its use of data, discrimination, and circumvention.
- Google's FLoC flopped, boffins claim, because it failed to provide promised privacy
- Google starts testing fenced frames to guard its Privacy Sandbox
- Google resumes shoveling stuff into its 'Privacy Sandbox'
- Google expands Privacy Sandbox to Android
The report, a 20-page PDF, details how Google is taking account of third-party observations, provides timing updates, and summarizes interactions between the CMA and Google.
The timeline for Q1 2022 includes the addition of the Topics API. As for observations, discussions between the Chrome team and interested parties included questions around API availability for testing and traffic levels.
The testing theme continued into a section headed "Google's Interactions with the CMA". In this the CMA noted stakeholder concerns and a potential lack of understanding regarding functional testing of APIs and a suggestion that Google's Ads business might: "benefit from internal testing on the impact of the Privacy Sandbox tools before these are announced to the market."
Awkward. At Chrome summit, developer asks: Why should anyone trust Google?READ MORE
There are plenty of concerns raised from third parties in the doc, including at least five from stakeholders around First Party Sets (FPS), a proposal where multiple domains owned by the same entity – eg google.com, google.co.uk, and youtube.com – would be grouped into sets which "allow related domain names to declare themselves as the same first-party."
The report shows Google is complying with the commitments made to the CMA around its Privacy Sandbox. The next report is due in July (along with another from ING Bank) and the CMA remains keen for third parties concerned about the proposals to get in touch. ®