Skip to content

Google’s Privacy Sandbox Explained

Google has announced that it’s phasing out support for third-party cookies in Chrome by 2022. The company is working towards a new set of APIs for browsers to enable advertising and their Privacy Sandbox is part of the plan.

The demise of third-party cookies has been the hottest conversation topic for publishers for months and it’s something to keep an eye on for the next couple of years. 

In this article, we discuss Google’s Privacy Sandbox and the effect that it’s likely to have on the future of online advertising.

What is Google’s Privacy Sandbox?

Google’s plans to kill off third-party cookies sent waves of shocks through the world of online publishers and for good reason. Many publishers fear that this is the end of online advertising, or at least advertising as we know it. 

There are multiple reasons behind Google’s move to phase out support for third-party cookies, and the biggest of them is the fact that these cookies can lead to a misuse of personal data and infringe on the user’s privacy. 

The rising awareness of privacy among users is another reason behind the decision. More and more users have become concerned with the way third-party vendors are collecting their data, which has led to privacy laws such as GDPR, LGPD, and CCPA.

But Google has a plan, so in the absence of third-party cookies with the Chrome browser, the company intends to launch its own tools as an alternative for advertisers to use Google’s first-party data.

Google’s Privacy Sandbox launched in the summer of 2020 to mixed reactions. While this is basically an initiative that’s aimed to make the web more private for users while also allowing advertisers to carry out measurement and tracking, many are concerned with the way Google continues to assert their dominance over the World Wide Web. 

Why is Privacy Sandbox Needed?

More and more internet users are moving towards cookie-less browsers — unlike Chrome, which still supports the third-party cookie even though competitors Safari and Firefox have withdrawn support. Despite the move towards cookie-less browsers, Google continues to maintain its majority browser market share.

But in order to be able to continue to run its advertising business smoothly, Google needed to come up with an alternative. The Privacy Sandbox is the response to the cookie-less future and its purpose is to provide anonymity to the user data, while at the same time using browser APIs to continue to allow advertisers to use behavioral targeting. 

Google claims that the Privacy Sandbox solution will protect user privacy while also helping content remain freely available, all without using third-party cookies. The company believes that their changes — even though they’re agitating publishers — will improve choice, transparency, and control for users in the long run.

What’s in Google’s Privacy Sandbox?

Even though the project is not yet definitive and there’s still a lot of speculation about the way it will actually work, we know that Google’s Privacy Sandbox consists of five browser APIs.

These APIs will replace cookies as we know them today, and be the solution for advertisers to receive aggregated data about conversion and attribution. The end result envisioned by Google is set to rely on anonymized signals instead of cookies within the browser to get access to the browsing habits of its users.

Here’s a breakdown of each of the five APIs for Google’s Privacy Sandbox.

Trust Token API

This API will allow publishers to differentiate between human users and bots. It will request that users fill out a form to receive cryptographic tokens, with the purpose of preventing fraud. The Trust Token API is actually an alternative to CAPTCHA and due to its cryptic nature, sites won’t be able to track users. 

Google released a Chrome extension in 2020 based on the Trust Token API that shows how many ads are loaded on any given page, what user data has been used to show personalized ads, and what advertisers are present on said page. The Ads Transparency Spotlight makes it easier for users to understand how ads are shown on the pages they visit. 

Aggregated Reporting API

The Aggregated Reporting API will allow performance-related information without cross-site tracking of the user. The information will include reach, views, impressions and more, and it will all be condensed in a single report. 

The API will make it possible to store reporting data in the browser and send a report to an ad tech provider’s reporting endpoint. With the help of this API, a larger percent of the user information will be kept on-device only. 

Conversion Measurement API

This API will allow advertisers to find out whether users were converted either by clicking on the ad or by buying the product that was advertised. This is similar to Apple’s SKAdNetwork and will basically signal that a conversion took place without actually revealing any of the user’s personal information.  

However, since Google acknowledges that it’s not possible for a single API to support all ad-related conversion measurement cases, this proposal is likely to be the jumping-off point for multiple APIs related to conversion. 

Federated Learning of Cohorts

Federated learning is a machine learning technique that makes it possible for browsers to form a centralized model and work together without actually exchanging data. The Federated Learning of Cohorts (FLoC) proposed by Google refers to the process of grouping different sets of users by their browsing habits and trying to establish shared meaning. 

This is all done anonymously, so no actual user data is shared. By creating FLoCs, the personal identities of users will be concealed, but it will still be possible to use data from a user’s browsing history to determine their interests. 


The TURTLEDOVE proposal (which stands for Two Uncorrelated Requests, Then Locally-Executed Decision On Victory), is Google’s solution to retargeting that is currently done via cookies. Ad networks will be able to add users to segment groups in the browser based on certain actions. For example, advertisers will be able to serve ads based on interest groups to users who abandoned a shopping cart with a specific item in it. 

TURTLEDOVE is supposed to be the successor of Private Interest Groups Including Noise (PIGIN), which was Google’s first attempt to target advertising that protects user privacy. However, PIGIN was removed because of privacy concerns. The current theory is that TURTLEDOVE has improved privacy guarantees, achieved by removing ad auction logic from servers to having the auction occur in-browser. 

This is currently a framework, not a stable API, so it’s rather difficult to determine whether it would work as expected and what exactly it will change.

What Does Google’s Privacy Sandbox Mean for Publishers and Ad Networks?

Since Google said they’re open to work with Chrome users and advertisers in order to make sure the Privacy Sandbox benefits everyone — from users to industry stakeholders — publishers are welcome to offer feedback on each of the five APIs.   

The APIs are likely to become open web standards in the future, with Google no doubt hoping for them to be adopted by other browsers as well (including Firefox and Safari). The World Wide Web Consortium (the standards organization) has been involved in the Privacy Sandbox project, which signalled to many industry players that the end goal is for the five APIs to become standard and consistent across all browsers.

If the APIs become an industry standard, it could mean that advertisers may be able to get a more stable view of users across all browsers, and publishers will be able to monetize their sites without cookies. While Google hasn’t explicitly stated that the five APIs are a precursor for a Google universal identifier, the general consensus in the industry is that a universal identifier is indeed the endgame for Google.

What are some of the main concerns for advertisers?

Because Google’s Privacy Sandbox is still a work in progress, it remains to be seen what effects it will truly have on the remaining industry players. Advertisers haven’t yet figured out whether this initiative is the way to level the playing field between Google and the industry’s other players. 

Since Google has dedicated teams for advertising, industry insiders wonder whether those particular teams will have the same, or greater, access to data in the Privacy Sandbox than what is made available to publishers, advertisers, and ad tech vendors. It is definitely possible that Google may make exceptions for its own teams, thus tipping the scales in its favour. 

Google’s proposal is a comprehensive one, which means that it brings with it lots of challenges. To be successful, Google will have to win over not only advertisers, but also publishers and other browser companies. The implementation process is likely to take a long time, and the collaborative development process might take years to complete. 

Final thoughts

Google’s Privacy Sandbox is still in its infancy, but Google claims that it has received positive feedback for the mechanisms on which the sandbox is used. One of the largest concerns in the industry is that the advent of Google’s walled sandbox will make the tech giant even more powerful, as ad networks will have to rely on Google’s first-party logged-in data, without being able to gain access to any real data directly from their audiences. 

If Google’s goals behind the Privacy Sandbox are achieved, its implementation shouldn’t signal a decrease in revenue for publishers, and it will still be possible for advertisers to use targeting. According to Google, users would be happy to have the ability to control their privacy settings and thus be less likely to use ad blockers. 

Once the Privacy Sandbox is tested and released, publishers will lose access to third-party data and the browser will instead play a vital role. Since ad networks and publishers will rely on browsers for targeting, tracking, and measuring results, it’s a good idea to be fully prepared for the future Google is envisioning.