As time goes on, consumers are becoming even more skeptical about how their personal information is collected and used. In a recent KPMG survey, 86% of respondents said they feel a growing concern about data privacy, while 78% expressed fears about the amount of data collected.
Yet, user privacy concerns are nothing new. Over the past decade, the number of data breaches in the U.S. has skyrocketed. As a result, businesses are taking steps to protect user privacy. That’s one reason Google decided to eliminate third-party cookies and introduce Privacy Sandbox. Let’s look at what Privacy Sandbox is and how it impacts your business.
- In response to concerns regarding user privacy, Google created Privacy Sandbox.
- Google’s goals for Privacy Sandbox aim to build new technology for keeping user data private.
- Google is considering TURTLEDOVE, SPARROW, and Dovekey, among others, as potential solutions.
What is Privacy Sandbox?
Privacy Sandbox is a project led by Google to create web standards that allow access to user information without compromising privacy. Privacy Sandbox proposals are based on advertising through cohorts rather than individuals. They place the web browser in control of user privacy and move some data collection and processing that supports advertising onto the user’s device. By putting boundaries around how advertisers interact with and utilize data, Privacy Sandbox is designed to keep user data more secure.
What are the goals of Privacy Sandbox?
The goal of Privacy Sandbox is to develop a set of open standards to enhance privacy on the web. In addition, third-party cookies are replaced by multiple application programming interfaces (APIs). Instead of leaving the users’ devices, these APIs will process and store data at the browser level. This solution provides more security and privacy to users but still allows advertisers to utilize a more controlled environment for targeting and measurement.
Ultimately, Google hopes to:
- Build new technology to keep user data private
- Allow developers and publishers to keep online content free
- Team up with the industry to build new internet privacy standards
Potential Privacy Sandbox solutions
Here is a summary of the potential solutions Google is considering as part of the Privacy Sandbox:
Federated Learning of Cohorts (FLoC)
Federated Learning of Cohorts is a way for browsers to continue allowing interest-based advertising on the web. Instead of observing users’ browsing behavior, companies observe the behavior of a cohort of similar people. In January of 2022, Google withdrew the FLoC proposal following strong criticism from privacy and antitrust advocates and was replaced with Google’s Topics API proposal.
“TURTLEDOVE” stands for Two Uncorrelated Requests, Then Locally-Executed Decision On Victory. It’s one of the solutions that can make retargeting possible after the third-party cookie is phased out. However, while it seems to solve some key privacy-related issues, it fails to provide a clear idea around how it would address frequency capping, A/B testing, or brand safety. As a result, TURTLEDOVE eventually evolved into the FLEDGE proposal.
FLEDGE stands for First Locally-Executed Decision over Groups Experiment. An evolution of TURTLEDOVE, this solution supports retargeting. The purpose is to allow remarketing to specific cohorts of users without allowing third parties to track browsing behavior across sites. Google opened initial trials for FLEDGE on March 31, 2022.
Given the limitations with TURTLEDOVE, Criteo, a French ad tech company, created another proposal. It’s called SPARROW, which stands for Secure Private Advertising Remotely Run On Webserver. This solution builds on TURTLEDOVE while introducing additional capabilities to protect users and ensure advertisers function more freely and transparently. SPARROW is currently being considered as an alternative to FLEDGE.
The Google Ads team responded to SPARROW with DOVEKEY. DOVEKEY addresses many of the same use cases as SPARROW while also alleviating the need for the ad tech industry to re-implement bidding models and auction logic into another server. DOVEKEY is being considered an alternative to SPARROW.
PARRROT stands for Publisher Auction Responsibility Retention Revision of TurtleDove. It aims to uphold the privacy goals of TURTLEDOVE while moving the auction decisioning back to the publisher side. In simple terms, PARRROT is an attempt to re-create header bidding under the framework of the Privacy Sandbox. This solution would be an alternative to FLEDGE.
PeLICAn stands for Private Learning and Interference for Causal Attribution. Rather than provide a fully-baked solution, the initial purpose of PeLICAn is to raise awareness around what a privacy-safe multi-touch analytics system could look like for Chrome without being able to use third-party cookies. This proposal is still being considered.
Privacy Sandbox goes mobile
Privacy Sandbox isn’t just focusing on desktop environments. Recently, Google announced an initiative to build the Privacy Sandbox on Android. The goal is to offer new, more private advertising solutions that limit sharing user data with third parties. It also operates without cross-app identifiers, including advertising ID. Google is also exploring solutions that reduce the potential for covert data collection, including safer ways for apps to integrate with advertising software development kits.
Concerns with Privacy Sandbox
Privacy Sandbox has sparked antitrust and anti-competitive concerns across the ad tech ecosystem. In a bold move, U.S. state attorneys general filed a complaint against Google, claiming that the Privacy Sandbox attempts to disadvantage ad competitors by eliminating access to detailed information about consumer web-behavior. The overarching concern is that Google uses privacy to take control of all identifiers and cut off third-party participants.
While many Privacy Sandbox proposals are being evaluated, the initiative is ongoing. According to Google, over 30 different proposals have been introduced, with many more to come. Now that we are moving to a future without third-party cookies, it’s critical to create a sustainable first-party data strategy.
Cardlytics can help you gain a competitive advantage because user privacy has always been central to our DNA. And, through our partnerships with banks, we have insight into actual transaction data for over 175M consumers. Contact us today to learn more.