Google’s Privacy Sandbox - DATA SECURE



As the industry moves towards a new privacy order, and with other browser vendors already blocking third-party cookies, Google had little choice but to follow and announce that it would phase out third-party cookies by the end of 2023. With the end of browser-based trackers in sight, the company has been developing a new set of browser APIs to support advertising without them. The Privacy Sandbox is the umbrella for that privacy-protective initiative, which Google positions as the future standard for advertising technology.

Google’s Privacy Sandbox

What is Google’s Privacy Sandbox ?

First announced in August 2019, the Privacy Sandbox is an initiative led by Google to replace third-party cookies with new standards for websites to access user data and facilitate online advertising without hampering the privacy of users.

At the crux of Google’s Privacy Sandbox lie three main goals: replacing the functionality that cross-site tracking currently provides, eliminating third-party cookies, and mitigating the risk of device fingerprinting.

At its heart, the Privacy Sandbox is a series of proposals designed to satisfy cross-site use cases without third-party cookies or other tracking mechanisms. The stated objective, which is also why many competing ideas have been rejected since the phase-out was announced, is a thriving web ecosystem that is respectful of users and private by default.

The goal is to build a more private and trusted web with transparent standards, encompassing:

  • Ad targeting
  • Measurement
  • Fraud prevention

The most significant aspect of Google’s Privacy Sandbox is that user data is stored and processed in the user’s browser. The data stays on the user’s device, and that is the basis of the privacy claim. The Privacy Sandbox consists of five browser APIs which work locally, on the user’s device, to protect personally identifiable information as the user navigates the web. These APIs (Application Programming Interfaces) are meant to replace cookies for functions such as conversion tracking and attribution.

Trust Token API

Advertisers struggle to distinguish malicious bots from authentic users. Anti-fraud detection is crucial for accurate ad performance measurement; if fraud is left unchecked, advertisers spend less and site publishers’ revenue suffers.

This API proposes a per-origin storage area for “Privacy Pass” style cryptographic tokens that is accessible in third-party contexts. To ward off fraud and separate legitimate users from spammers and bots, an issuing site may ask the user to complete a challenge, much like a CAPTCHA, before it hands out tokens. The cryptographic twist is that the tokens are blinded at issuance, so the issuer cannot later recognise, and therefore cannot track, the user who redeems them.

A user’s browser is issued a batch of tokens by an origin in a context where the user is found trustworthy. These tokens can later be spent in contexts where the user would otherwise be unknown or less trusted.
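The issue-then-spend flow described above, as an added illustration that is not the Trust Token API’s own code: an issuer signs tokens it never sees in the clear, the browser keeps them in a per-origin store, and a redeemer on another site verifies them and rejects replays. RSA blind signatures stand in here for the VOPRF construction Privacy Pass actually uses (an assumption for readability; the unlinkability property shown is the same), and the key is a constructed toy key, far too small for real use.

```python
"""Privacy-Pass-style token issuance and redemption, modelled with RSA blind
signatures. Constructed illustration; not the Trust Token API or Privacy Pass code."""
import hashlib
import secrets

# Constructed toy key: two Mersenne primes. Real deployments use ~2048-bit moduli.
P = 2**127 - 1
Q = 2**89 - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))


def _h(token: bytes) -> int:
    """Hash a token to an integer below N (stand-in for a full-domain hash)."""
    return int.from_bytes(hashlib.sha256(token).digest(), "big") % N


class Issuer:
    """The origin that vouches for a user, e.g. after a CAPTCHA succeeds."""

    def __init__(self):
        self.transcript = []          # everything the issuer learns at issuance

    def sign_blinded(self, blinded: int) -> int:
        self.transcript.append(blinded)
        return pow(blinded, D, N)


class Browser:
    """Per-origin token store: blinds before issuance, unblinds afterwards."""

    def __init__(self):
        self.store = []               # list of (token, signature) pairs

    def request_tokens(self, issuer: Issuer, count: int) -> None:
        for _ in range(count):
            token = secrets.token_bytes(32)
            r = secrets.randbelow(N - 2) + 2               # blinding factor in [2, N-1]
            blinded = (_h(token) * pow(r, E, N)) % N       # issuer sees only this
            sig = (issuer.sign_blinded(blinded) * pow(r, -1, N)) % N
            self.store.append((token, sig))

    def spend(self):
        """Hand out one token for a context where the user is otherwise unknown."""
        return self.store.pop()


class Redeemer:
    """Any site that trusts the issuer's public key (N, E)."""

    def __init__(self):
        self.spent = set()

    def redeem(self, token: bytes, sig: int) -> bool:
        if token in self.spent:                            # double-spend check
            return False
        if pow(sig, E, N) != _h(token):                    # signature check
            return False
        self.spent.add(token)
        return True


def demo():
    """Returns (first redemption ok, replay rejected, issuer can link the token)."""
    issuer, browser, redeemer = Issuer(), Browser(), Redeemer()
    browser.request_tokens(issuer, 3)
    token, sig = browser.spend()
    first = redeemer.redeem(token, sig)
    replay = redeemer.redeem(token, sig)
    # Unlinkability: neither the hashed token nor the signature appears in the
    # issuer's transcript, so issuance and redemption cannot be joined.
    linkable = any(b in (_h(token), sig) for b in issuer.transcript)
    return first, replay, linkable


if __name__ == "__main__":
    print(demo())
```

The redeemer needs only the issuer’s public key, which is what lets a token earned on one origin be spent on another without the two sites sharing a user identifier.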

Aggregated Reporting API

This API facilitates performance-related information such as reach, views, impressions, and more bundled in a single, privacy-preserving report, without cross-site tracking of the user.

The proposed idea behind the Aggregated Reporting API is that the data to be reported to the ad-tech provider’s reporting endpoint is kept in the browser, and is passed to a server-side aggregation service only once it has been sufficiently aggregated.

The proposal also limits how much data a website can collect. One way this may work is that each website is allocated a budget; when a website exceeds its budget, the browser (Chrome) discards the excess.

This API uses a write-only per-origin data store that flushes data to a reporting endpoint only after reaching a threshold set by the client. It preserves privacy by providing a viable alternative for ad measurement (including the critical ability to measure the reach of an ad campaign) without consistent cross-site identifiers such as third-party cookies.
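A model of the write-only store, budget clamp and threshold flush described in the three paragraphs above, added here as an illustration and not the API’s own code. The budget and threshold values, the origin and bucket names, and the absence of noise are all assumptions made for the example; the real API’s limits differ.

```python
"""Write-only per-origin aggregation store with a contribution budget and a
release threshold. Constructed illustration, not the Aggregated Reporting API."""
from collections import defaultdict

BUDGET_PER_ORIGIN = 100    # assumption: total contribution an origin may make per epoch
FLUSH_THRESHOLD = 50       # assumption: minimum aggregate before a report may leave


class AggregationStore:
    def __init__(self, budget=BUDGET_PER_ORIGIN, threshold=FLUSH_THRESHOLD):
        self.budget = budget
        self.threshold = threshold
        self._buckets = defaultdict(lambda: defaultdict(int))   # origin -> bucket -> total
        self._spent = defaultdict(int)                            # origin -> budget consumed

    def contribute(self, origin: str, bucket: str, value: int) -> int:
        """Write-only: callers add to a bucket but can never read it back.
        Returns the amount actually recorded after the budget clamp."""
        if value < 0:
            raise ValueError("contributions must be non-negative")
        remaining = self.budget - self._spent[origin]
        recorded = min(value, remaining)          # the browser cuts the excess
        self._buckets[origin][bucket] += recorded
        self._spent[origin] += recorded
        return recorded

    def flush(self, origin: str):
        """Release a report only once the aggregate reaches the threshold;
        below it nothing leaves the browser and the caller learns nothing."""
        buckets = self._buckets.get(origin)
        if not buckets or sum(buckets.values()) < self.threshold:
            return None
        report = dict(buckets)
        del self._buckets[origin]                 # flushed data does not linger
        return report


def demo():
    """Three contributions from one origin; the last is clamped by the budget."""
    origin = "https://ads.example"                # constructed origin
    store = AggregationStore()
    recorded = [
        store.contribute(origin, "campaign-42:views", 30),
        store.contribute(origin, "campaign-42:views", 30),
        store.contribute(origin, "campaign-42:clicks", 60),   # only 40 budget left
    ]
    return recorded, store.flush(origin)


if __name__ == "__main__":
    print(demo())
```

Note what the store never offers: a read path. A caller can observe that its contribution was clamped, but it cannot inspect per-user values, and a flush that falls below the threshold returns nothing rather than a small, identifying report.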

Conversion Measurement API

Designed along similar lines to Apple’s SKAdNetwork, the Conversion Measurement API lets advertisers learn whether users converted, for example by clicking an advert and then buying the advertised product. Like SKAdNetwork, it does not rely on any tracking mechanism, third-party cookies included, that harms privacy. It is most effective in conjunction with the Trust Token API: advertisers mark their ads with metadata (destination URL, report URL, additional impression data) and receive information about the conversion rate of the displayed adverts.
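How the ad metadata above turns into a report, as an added illustration rather than the API’s own code: the browser stores an impression when an ad carrying a destination and report URL is clicked, matches it when a conversion fires on that destination, and emits a small report to the report URL. The expiry window and the 3-bit cap on conversion data mirror the original proposal but are assumptions here, as are the example URLs.

```python
"""In-browser click attribution: impression store, last-click matching and a
size-limited report. Constructed illustration, not the Conversion Measurement API."""
import time
from dataclasses import dataclass, field
from urllib.parse import urlsplit

CONVERSION_DATA_BITS = 3                      # assumption: tiny payload, no identifiers
IMPRESSION_EXPIRY_SECONDS = 30 * 24 * 3600    # assumption: 30-day attribution window


def site_of(url: str) -> str:
    """Reduce a URL to the host it is served from."""
    return urlsplit(url).netloc.lower()


@dataclass
class Impression:
    destination: str        # site where a conversion would count for this ad
    report_url: str         # ad-tech endpoint that receives the report
    impression_data: int    # advertiser-chosen id for the ad or campaign
    clicked_at: float


@dataclass
class AttributionStore:
    impressions: list = field(default_factory=list)

    def record_click(self, ad: dict) -> None:
        """Called when an ad with attribution metadata is clicked."""
        self.impressions.append(Impression(
            site_of(ad["destination"]), ad["report_url"],
            ad["impression_data"], ad.get("clicked_at", time.time())))

    def convert(self, page_url: str, conversion_data: int, now=None):
        """Called from the advertiser's page. Returns the report the browser
        would send, or None when no unexpired impression matches."""
        now = time.time() if now is None else now
        site = site_of(page_url)
        fresh = [i for i in self.impressions
                 if i.destination == site
                 and now - i.clicked_at < IMPRESSION_EXPIRY_SECONDS]
        if not fresh:
            return None
        last = max(fresh, key=lambda i: i.clicked_at)     # last click wins
        self.impressions.remove(last)                      # an impression converts once
        return {
            "report_to": last.report_url,
            "impression_data": last.impression_data,
            # truncated so the advertiser cannot smuggle a user identifier through
            "conversion_data": conversion_data & ((1 << CONVERSION_DATA_BITS) - 1),
        }


def demo():
    """Two clicks on ads for the same shop, then a purchase on that shop."""
    store = AttributionStore()
    for ts, ad_id in ((1000.0, 1), (2000.0, 2)):          # constructed clicks
        store.record_click({"destination": "https://shop.example/landing",
                            "report_url": "https://adtech.example/report",
                            "impression_data": ad_id, "clicked_at": ts})
    return store.convert("https://shop.example/checkout", 0xFF, now=3000.0)


if __name__ == "__main__":
    print(demo())
```

Nothing in the report identifies the user: the impression data was chosen by the advertiser before it knew who would click, and the conversion data is too small to encode an identity.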

Federated Learning of Cohorts

Federated Learning of Cohorts follows a machine learning approach in which browsers cooperate as a decentralised network without actually exchanging raw data.

It groups together users with similar interests or browsing behaviour so that ads can be targeted at a group that exhibits a common interest rather than at an individual. Because cohorts are formed to hide individual identity, no per-user data is shared and, in principle, the privacy of users is preserved.

With FLoC it is possible to infer users’ interests from their data while keeping their identities concealed. Ad targeting is based on the group a person falls into: the browser tracks browsing patterns locally, assigns the user to a cohort of users with similar patterns, and exposes only that cohort identifier, which is shared with thousands of other users.

We have covered Google’s FLoC and its impact on privacy in a separate, detailed post.

In January 2022, Google announced its decision to retire the FLoC API and replace it with the Topics API. The reason given, backed by experts who tested it, was that fingerprinting was still possible with FLoC and it failed to provide sufficient anonymity for users. With the Topics API, Chrome selects up to five topics per week that represent a user’s top interests, based on the websites the user visits, and retains them for three weeks. Websites have to opt in before visits to them contribute to a user’s topics. Advertisers then decide which topics align with their target audience and adjust their ad strategy to serve them.


TURTLEDOVE (Two Uncorrelated Requests, Then Locally Executed Decision on Victory), the successor to Private Interest Groups Including Noise (PIGIN), one of Google’s first attempts at privacy-preserving targeted advertising, is Google’s proposed alternative for replacing cookies in interest-based advertising. It serves ads based on interests shared by many people.

It is an API that does not depend on a server to record which interest groups a person belongs to. A site can ask the browser to join a particular interest group for a specified period of time, and the browser, not the advertiser, retains that information.

TURTLEDOVE is an enhancement in the privacy-preserving sphere, with new approaches that deliver some key privacy advances:

  • The browser instead of the advertiser stores the information about a person’s interests;
  • Advertisers can serve ads based on an interest, but cannot combine that interest with other information for purposes such as profiling;
  • Neither the websites the person visits nor the ad networks those sites use can learn anything about the visitor’s ad interests.

What does this mean for advertisers?

Google has repeatedly postponed the phase-out of third-party cookies because key questions remain unsolved, including what mechanisms websites can use to fund content through third-party ads and measure ad performance, and how advertisers and site owners can evaluate the authenticity of a user without resorting to dark practices such as device fingerprinting.

The death of third-party cookies means a reckoning for the advertising industry. Without them, marketers and ad agencies will lose the behavioural and demographic insights they use to build target audiences and segments. Businesses will have to rely largely on first-party data, which may be scarce, as GDPR, CCPA and the PDPB have empowered people across the globe to control and own their personal data.

The transition from the old way of tracking to a cookie-free world has left the advertising industry balancing on the tip of a needle. With third-party cookies already gone from browsers such as Safari and Firefox, publishers and advertisers have been relying on an array of non-standard third-party solutions that only add technical debt, code complexity, and data risk. For developers, publishers, and advertisers to honour users’ privacy choices, a new, viable advertising model that is respectful of users and private by default is essential.

In the absence of tracking mechanisms like third-party cookies, the Privacy Sandbox is a step towards a business model that funds the open web and preserves privacy at the same time. The five APIs are likely to become key open web standards. The involvement of the World Wide Web Consortium (the standards organisation) signals that the end goal is for the five APIs to become standard and consistent across all browsers, including Firefox and Safari.

If these APIs become the new industry standard, it would provide advertisers with a more stable view of users across browsers, and a cookie-free way of monetisation for publishers.

Advertisers and publishers should anticipate an increase in the value of first-party data and a decrease in third-party data sourced through data brokers and partners who do not share a direct relationship with users.

Anti-competitive and antitrust concerns

Google Chrome currently accounts for about 63% of all internet traffic. As Google has been sued in the past for anti-competitive practices, it needs to ensure, as the Sandbox takes shape, that other advertising companies can still compete and profit. Before the Privacy Sandbox is formally accepted by authorities in different regions of the world, Google needs to develop its proposals transparently and publish test results beforehand.

Privacy Sandbox good or bad?

Google wants all industry stakeholders to benefit from its Privacy Sandbox. Open to working with advertisers and Chrome users, the company is currently seeking feedback regarding the following key points:

  • Concerns about the types of information collected about users
  • Insights about the best way to let users see what is being collected about them

Still in its infancy, the Privacy Sandbox has nonetheless excited users, digital marketers and advertisers alike with its many proposed features, but so far no production platform or code exists for marketers to properly assess its performance and effectiveness in the real world.

We at Data Secure (DATA SECURE – Privacy Automation Solution) can help you to understand Privacy and Trust while dealing with personal data and provide Privacy Training and Awareness sessions in order to increase the privacy quotient of the organisation.

We can design and implement RoPA, DPIA and PIA assessments to meet compliance requirements and mitigate risks under the legal and regulatory privacy frameworks in force across the globe, with particular attention to India’s PDPB 2019. For more details, kindly visit DPO India – Your outsourced DPO service.

For any demo/presentation of solutions on Data Privacy and Privacy Management as per EU GDPR, CCPA, CPRA or Draft India PDPB 2019 and Secure Email transmission, kindly write to us at or

For downloading various Global Privacy Laws kindly visit the Resources page in DATA SECURE – Privacy Automation Solution

For solutions on Schrems II or Lawful Borderless Data Transfer solutions, kindly visit our website

Kindly write to us at for six steps solution for Lawful Borderless Data Transfer Solution