Home Data Privacy Roundup Adventures Abroad In The Privacy Sandbox

Adventures Abroad In The Privacy Sandbox

Cookie caption contest (we've got until 2024, folks)

Apologies to the gentleman sitting beside me minding his own business and quietly reading a book in the departure lounge last week near gate B15 at Nice Côte d’Azur Airport.

I may have startled him when I suddenly exclaimed, “Well, would you look at that!”

This is what I was reacting to: While waiting for my flight home from Cannes, I was browsing the internet on my laptop, as one does, when a Chrome Privacy Sandbox consent modal popped up on my screen:

Privacy Sandbox consent screenMost normal people wouldn’t get excited about seeing a consent modal in the wild, but I’m no longer a normal person. My brain is broken after more than four years of writing about third-party cookie deprecation.

These prompts first started appearing for people in Q3 2023 when the Privacy Sandbox APIs were made generally available to the majority of Chrome users.

The thing is, I don’t recall ever seeing one at the time. Yet, I must have opted in at some point, because when I checked the ad privacy section of my Chrome settings, all three Sandbox features were already turned on: ad topics, site-suggested ads and ad measurement.

The reason I was shown the pop-up again is likely because I was in Europe, which has its own stringent consent requirements under GDPR.

I can’t explain why I only saw the pop-up on my final day of an eight-day trip during which I used the Chrome browser umpteen times, but that’s not the first question that came to my mind.

What I immediately wondered was: What would a regular person think when presented with this consent screen?

To give Google its due, the language used to describe the privacy features is relatively concise and not overly jargony.

For example, “Your ad topics are based on your recent browsing history, a list of sites you’ve visited using Chrome on this device,” is pretty easy to grok. And “Chrome auto-deletes topics that are older than 4 weeks” is self-explanatory.


AdExchanger Daily

Get our editors’ roundup delivered to your inbox every weekday.

People can click dropdowns for more information, and there are two buttons at the bottom of the consent screen, one that says, “No thanks,” and another that says, “Turn it on.”

But some parties consider the supposed simplicity of this choice to be a dark pattern in and of itself.

Just a few weeks ago, NOYB, the advocacy nonprofit led by well-known privacy activist Max Schrems, filed a complaint with Austria’s data protection authority. The complaint alleges that the Privacy Sandbox consent pop-up is problematic under GDPR because although it’s “presented as a privacy feature … when users enable it, they are unknowingly consenting to online tracking.”

Under GDPR, consent must be “specific, informed and unambiguous.”

I’ll say it: The Privacy Sandbox consent screens don’t bother me. Putting aside all of the Sturm und Drang about whether the APIs are viable (or ever will be), the UX of these pop-ups and the explanations are less confusing than they could be.

My concern is something a little different. Yes, people need to know what they’re opting into, but beyond that, do people even realize when they’ve opted in?

I’m an ad tech journalist who by this point can’t even look at a Thin Mint without thinking about the Privacy Sandbox, and yet I somehow managed to opt in without even realizing it.

🙏 Thanks for reading! And here’s some live footage of Google trying to deprecate third-party cookies in Chrome. As always, feel free to drop me a line at [email protected] with any comments or feedback.

✉️ If you’d like to get these nerdy little missives direct to your inbox, click here to subscribe to the Data Privacy Round-Up.

Must Read

Comic: What's your pick?

Google Says It Won't Deprecate Cookies In Chrome After All (?!)

You read that headline right: Google is seriously considering scrapping its plans to deprecate third-party cookies in Chrome. Instead, it’s proposing some kind of TBD opt-out tool for third-party cookies.

Comic: An ID Bridge Too Far?

Programmatic Companies Wrestle With ID Bridging And What Counts As Fraud

In January, the Chrome browser removed third-party cookies for 1% of users, to facilitate testing of the Privacy Sandbox –  and a new controversy was born.

It’s Open Season On SaaS As Brands Confront Their Own Subscription Fatigue

For CFOs and CEOs, we’ve entered a kind of open hunting season on martech SaaS.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters

Brian Lesser Is The New Global CEO Of GroupM

If you were wondering whether Brian Lesser was planning to take some time off after handing the CEO reins of InfoSum to Lauren Wetzel last week – here’s your answer.

Comic: S.P. O'Middleman's

TripleLift CEO Dave Clark Abruptly Exits After Setting The SSP On A New Trajectory

Dave Clark, who’s led TripleLift for the past two years, is stepping down, effective immediately, and is being replaced by a coterie of TripleLifters.

shopping cart

Moloco Invests In Its Competitor Topsort As The Retail Media Stakes Go Up

Topsort can lean into Moloco’s algorithmic personalization, while Moloco benefits from Topsort’s footprint with local retailers in the US and in Latin America.