Skip to main content

15 min read

Google Privacy Sandbox Explained

By Shreya November 6, 2024

Google Privacy Sandbox Explained

Google shook up the advertising industry by announcing the phase-out of third-party cookies from Chrome. However, after several pushbacks, the tech giant is revisiting its plan. Initially, Google Privacy Sandbox was designed to replace third-party cookies. Now, Chrome will introduce a new setting that allows users to make informed privacy choices and adjust them at any time. Privacy Sandbox APIs will continue to provide privacy-preserving alternatives, especially for developers. This initiative aims to reduce intrusive user tracking while still supporting the digital advertising ecosystem.

What is the Google Privacy Sandbox initiative?

Google’s Privacy Sandbox aims to boost online privacy by providing alternatives to third-party cookies and implementing new privacy-focused technologies. This initiative aspires to offer a more secure and private internet experience while ensuring the continued functionality of web services and supporting the digital advertising industry.

Check out the Privacy Sandbox website.

Why did Google initiate the Privacy Sandbox?

Google launched the Privacy Sandbox to achieve several key objectives centered around enhancing user privacy while sustaining the viability of online content and services. Third-party cookies have long been integral to online tracking and advertising, allowing advertisers to monitor users across different sites and collect extensive data about their browsing habits. However, this practice raises significant privacy concerns, leading to invasive tracking and potential misuse of personal information. By removing these cookies, Google aims to foster a more transparent and privacy-centric web environment.

The main goals of the Privacy Sandbox are:

  • Enhancing user privacy: The Privacy Sandbox is designed to eliminate intrusive tracking mechanisms that gather personal information without users’ consent. By developing new technologies, Google aims to make outdated tracking methods, like third-party cookies and fingerprinting, obsolete. This ensures that users can browse and use apps without concerns about who is collecting their data and how it’s being used.
  • Supporting publishers and developers: Many websites and apps depend on advertising revenue to provide free content to users. The Privacy Sandbox seeks to provide privacy-preserving alternatives that allow publishers and developers to deliver relevant ads and content without invasive tracking practices. This balance helps sustain the free flow of information and services that billions of people rely on.
  • Establishing new privacy standards: Understanding the global significance of the internet for information and economic growth, Google is inviting industry stakeholders, including publishers, developers, and advertisers, to collaborate in establishing new privacy standards. These standards aim to enhance privacy across the Web and Android, creating a more secure and trustworthy digital ecosystem.

What are the Privacy Sandbox proposals?

There are over 30 proposals to date initiated by Chrome and other stakeholders to create web standards for websites to access user information without compromising privacy. Here are the key proposals under the Privacy Sandbox:

Fight spam and fraud on the web

Private State Tokens

Private State Tokens enable websites to distinguish genuine users from bots or malicious attackers without identifying individuals. These tokens are issued based on user behavior and are encrypted to ensure privacy. For example, a website can issue a private state token to a user who regularly signs into their account, verifying that the user is not a bot. Other sites can then check this token to confirm the user’s legitimacy without accessing personal information.

Read more about Private State Tokens

Show relevant content and ads

Topics API

The Topics API categorizes browsing behavior into topics. These topics represent recognizable categories inferred by the browser based on the pages a user visits. For instance, if a user frequently visits websites about fashion, their browser might categorize this interest under a “Fashion” topic. Users can view, remove, or disable topics in their browser settings, giving them greater control over their privacy while still allowing personalized content and ads.

Read more about Topics API

Protected Audience API

This API helps with remarketing—showing users ads for products or sites they’ve shown interest in before—without relying on third-party cookies. As users browse the web, advertisers can inform the browser about the future ads they want to show. The browser then uses this info and an algorithm to decide which ads to display, keeping user privacy intact.

Read more about Protected Audience API

Measure digital ads

Attribution Reporting API

To measure the effectiveness of digital ads without compromising privacy, the Attribution Reporting API uses privacy-preserving tools instead of traditional tracking methods. It allows advertisers to collect data on how users interact with ads and their subsequent actions (like making a purchase) without identifying users across different sites. This ensures ad performance is accurately measured while protecting user privacy.

Strengthen cross-site privacy boundaries

CHIPS

Cookies Having Independent Partitioned State (CHIPS), also known as Partitioned cookies, allow developers to opt for a cookie in partitioned storage, with a separate cookie jar per top-level site.

Third-party cookies can track and connect user information across different websites without cookie partitioning. Partitioned cookies are double-keyed and can only be read within the site where they were set, helping to block cross-site tracking while still enabling legitimate uses of third-party cookies.

Read more about CHIPS

Related Website Sets

Websites can use Related Website Sets to control cookie access between sites. Website owners submit their domains to a set, and the connected domains can be of different types and used for various purposes.

Read more about Related Website Sets

Shared Storage API

Shared Storage lets you use data from different sites to make smart choices without revealing any personal user information or sending data to your own servers.

Read more about Shared Storage API

Fenced Frames API

Fenced Frames are HTML elements that embed advertising content into publishers’ digital properties while restricting communication between the embedded content and the embedding environment. In simpler terms, they create a barrier between the embedded advertising creative and the publisher’s website/app.

Read more about Fenced Frames API

Federated Credential Management

The FedCM approach helps protect user privacy when using sign-in services by allowing them to log into websites without sharing their personal information.

Read more about FedCM

Limit Covert Tracking

User-Agent Reduction and Client Hints

The User-Agent string provides details about the browser and device used by a user, which can be exploited for passive fingerprinting. The User-Agent Reduction initiative aims to minimize the identifying information shared in this string. The Client Hints API allows websites to request specific information directly, reducing the need to share extensive user details and enhancing privacy.

DNS-over-HTTPS

DNS-over-HTTPS (DoH) encrypts DNS queries, preventing attackers from observing which sites users visit or redirecting them to malicious sites.

Read more about DNS-over-HTTPS

IP Protection

IP Protection aims to hide users’ IP addresses from third parties, preventing tracking across different sites.

Read more about IP Protection

Storage Partitioning

Storage Partitioning ensures that data from one site cannot be accessed by another, enhancing privacy while maintaining compatibility with existing web standards.

Read more about Storage Partitioning

Network State Partitioning

Network State Partitioning ensures that network resources are not shared across different sites, protecting user privacy by preventing metadata sharing.

Read more about Network State Partitioning

Bounce Tracking Mitigations

Bounce tracking uses redirects to track users across sites. The Bounce Tracking Mitigations prevent this by blocking these redirects from identifying users while still allowing legitimate redirects to function.

Read more about Bounce Tracking Mitigations

Third-party cookies vs Google Privacy Sandbox (Infographic)

Third-party cookies vs privacy sandbox

How to enable Privacy Sandbox in Chrome?

To enable Privacy Sandbox in Chrome:

  • Go to the Three-dot icon ()
  • Then tap Settings, then Privacy and security
  • Tap on Ad privacy

There are three components: topics, site-suggested ads, and ads measurement, which users can turn on.

google privacy sandbox chrome setting

What is the impact of Privacy Sandbox on digital advertising?

The Privacy Sandbox aims to balance the need for privacy with the requirements of the digital advertising industry. Advertisers must adapt to new methods of targeting and measuring ads by introducing new privacy-preserving technologies. 

  • Loss of tracking accuracy: Privacy Sandbox aims to limit third-party cookie tracking. This means less precise targeting, potentially making ads less relevant to specific users.
  • More transparency for users: Users will have more control over their data and its advertising use. This is a plus for privacy. However, advertisers might have less insight into user behavior, making campaign measurement and optimization more challenging.
  • First-party data strategy becomes more important: With less reliance on third-party data, publishers and advertisers must focus on strengthening their own data collection (first-party data) to understand their audiences.
  • Effect on ad costs: The impact on ad costs is still unclear. Some predict it could rise due to less targeted advertising and increased competition for available data. Others believe it might force innovation in ad tech, leading to more efficient spending.
  • Effect on ad tech vendors: Third-party cookie-based ad tech might decline. However, the Privacy Sandbox proposes alternative solutions that compliant ad tech vendors can adapt to, which could lead to a shift in the ad tech landscape.

Challenges in Privacy Sandbox API Integrations

Integrating Privacy Sandbox APIs poses several challenges, including:

  • Technical implementation: Adapting existing systems to new APIs requires significant technical changes and development resources.
  • Data accuracy and measurement: Ensuring the new privacy-preserving methods provide accurate and reliable ad targeting and measurement data.
  • Industry adoption: Achieving widespread adoption across the digital advertising ecosystem and ensuring interoperability with various platforms and services.
  • Regulatory compliance: Navigating regulatory requirements and ensuring compliance with privacy laws and regulations.

Implement a Google-certified
cookie banner for free!

Try for free

14-day free trialCancel anytime

FAQ on Google Privacy Sandbox

What does Google Privacy Sandbox do?

Google Privacy Sandbox is an initiative that aims to balance user privacy with the needs of businesses online. 
It aims to limit how websites and apps track users across the internet. This means websites couldn’t easily profile user interests and browsing habits.
It also proposes alternative methods for advertisers and publishers to show relevant ads and measure their effectiveness, which helps keep many online services free.

How does the Privacy Sandbox enhance user privacy?

The Privacy Sandbox enhances user privacy by reducing cross-site tracking and introducing privacy-preserving APIs that limit the amount of personal information shared online.

Should the Privacy Sandbox be on or off?

Privacy Sandbox is an initiative to provide a better alternative to third-party cookies and still support digital advertising by introducing privacy-preserving technologies for data access. However, it still tracks users in some capacity. Users may turn off the Chrome feature.

How do I turn the Privacy Sandbox on or off in Chrome?

Go to the Three-dot icon () > Settings > Privacy and security > Ad privacy. Here, you will find three components that you can choose to turn on/off.

How can users control their privacy settings in Chrome with the Privacy Sandbox?

Users can control their privacy settings by viewing, removing, or disabling topics in their browser settings and opting out of Privacy Sandbox relevance and measurement technologies at any time.

Photo of Shreya

Shreya

Shreya is the Senior Content Writer at CookieYes, focused on creating engaging, audience-driven blog posts and related content. Off the clock, you’ll find her happily lost in the world of fiction.

Keep reading

Featured image of 7 Steps to Enhance Compliance Management for Your Business

Privacy Laws

7 Steps to Enhance Compliance Management for Your Business

Have you thought about compliance as a growth driver? For most businesses, it is just …

Read more
Featured image of Cookiebot vs OneTrust vs CookieYes: Which One Is The Best?

Consent

Cookiebot vs OneTrust vs CookieYes: Which One Is The Best?

Our detailed comparison will explore features, pricing, and privacy compliance functionality, guiding you through the nuances of Cookiebot, Onetrust and CookieYes to find the one that best suits your business's consent management needs.

Read more
Featured image of Iubenda vs Osano vs CookieYes: Which One Is The Best?

Iubenda vs Osano vs CookieYes: Which One Is The Best?

Our detailed comparison will explore features, pricing, and privacy compliance functionality, guiding you through the nuances of Cookiebot, Iubenda, and CookieYes to find the one that best suits your business's consent management needs.

Read more

Show all articles