What’s In Google’s Privacy Sandbox? Nothing, For Now

Google plans to phase out third-party cookies by 2022.

What will replace them? The answer lies in Google’s Privacy Sandbox, a proposed set of web standards designed to protect privacy while still giving advertisers the ability to target and measure campaigns.

In other words, the standards are web browser APIs that will eventually serve as privacy-preserving technical alternatives to third-party cookies.

But the operative word is “eventually.” There aren’t any tangible tools inside the Privacy Sandbox, at least not yet.

“It’s pretty much just a number of proposals, what you might call explainers, for browser APIs,” said Ratko Vidakovic, founder of ad tech consultancy AdProfs. “I think it’s fair to call them conversation starters.”

Chrome’s purpose here is to trigger an information exchange among advertisers, developers, ad tech vendors, publishers, other browsers, trade groups – anyone that relies on the web to do business. All are invited to experiment with the proposed mechanisms, share feedback and introduce ideas of their own via GitHub.

There’s probably not a single product manager in ad tech who isn’t glued to Chrome’s proposals on GitHub right now, Vidakovic said.

It makes sense for Chrome to take this approach. Browser sandboxing is a common analysis environment used by developers and researchers to test plug-ins, features and root out potential vulnerabilities.

But, more importantly, the offer of collaboration – rather than unilateral action by Google – will help it circumvent accusations of anticompetitive behavior that would have arisen if Google had pulled the third-party cookie rug out from under the ad industry at once.

The first two issues Google will try to address through the sandbox are conversion measurement and interest-based advertising. Trials for click-based conversion measurement sans third-party cookies will start by the end of the year.

Chrome’s move to kill third-party cookies is clearly far more cautious than other browsers – Safari and Firefox both block third-party cookies by default – but it’s clear evidence that browser APIs are the future.

“It’s not the Wild West anymore, and browsers, smart routers such as Amazon’s Eero, satellite internet projects such as Elon Musk’s Starlink and other new tech, have the ability to filter everything,” said Zach Edwards, founder of analytics firm Victory Medium. “Upstream user data filtering and privacy-as-a-service are clearly where things are going in general.”

Although they’ll obviously morph and change over the next two years, the API proposals in Google’s Privacy Sandbox offer a peek into the future of data sharing on the web.

Here’s what’s in there, so far (and click here for the full set of entries):

Conversion measurement

A conversion measurement API proposal would allow advertisers to measure and report on ad click conversions and ad performance without using cross-site trackers.

The Chrome team acknowledges, however, that one API can’t support all of the ad-related conversion measurement use cases out there. What if there are multiple touches for the same conversion, for example, or what if an advertiser wants to send reports to multiple reporting partners at the same time? The vision here would be to use this proposal as a jumping off point for multiple conversion-related APIs.

This isn’t the first proposal of its kind. Apple released an experimental attribution API for Safari in May 2019 that enables a limited form of click-to-conversion tracking that’s built directly into the browser and doesn’t rely on cookies. Brave also has a related protocol.


Federated learning of cohorts (FLoC) would use on-device machine learning to observe the behavior of cohorts or “flocks” – see what you did there, Chrome – to enable interest-based advertising, rather than tracking the browsing behavior of individuals. In other words, bye-bye one-to-one marketing, we hardly knew ye.

Each flock would be comprised of thousands of people with similar browsing histories and referred to by a short, alphanumeric name. This, some privacy advocates say, represents a major loophole. A flock name would essentially serve as an identifier or “behavioral credit score” of a user’s preferences, purchases and movements, thereby defeating the purpose, according to the Electronic Frontier Foundation.


A related proposal dubbed PIGIN (or private interest groups, including noise) would enable the browser, rather than the advertiser, to track what people are interested in and place them into so-called “interest groups” that could be used for targeting. The size of a group couldn’t fall below a set threshold so that the API itself doesn’t become a mechanism to enable microtargeting.

Aggregating reporting

An aggregated reporting API would collapse information into a “single privacy-preserving report” that enables ad measurement without relying on cross-site identifiers. The browser API could measure a campaign’s reach or manage frequency capping, and the data would only be reported back if it’s “sufficiently” aggregated across users.

Privacy budget

Websites would be given a privacy budget that limits how much information they can access about an individual to prevent fingerprinting. Sites that exceed their allotted “budget” would lose access to the APIs. Google first announced its intention to crack down on browser fingerprinting in Chrome last spring.

Privacy model for the web

Next up is a “potential privacy model for the web” that aims to answer two questions. First, across what range of web activities should a browser let websites treat a person as having a single identity? And two, how can information move across identity boundaries without compromising that separation?

The proposal available on GitHub is amorphous, but the gist appears to be that the browser should be able to treat third parties as first parties, depending on the circumstance. If an unidentified user visits a site, for example, certain verified third parties would be given the right to recognize the user while others would not.

Trust token

A trust token API would help publishers detect and prevent fraud by separating users into two groups: trusted and untrusted. Nonpersonalized cryptographic tokens, or “privacy passes,” could be issued to trusted users. The tokens would be indistinguishable from each other so that sites couldn’t use them for tracking.

Willful blindness

The willful blindness API would provide a mechanism for HTTP applications to prevent themselves from being able to see IP address or other identifying network info, but without interfering with the normal operations of servers that use IP address to help with bot, DoS and spam detection.

First-party sets

Lastly, a first-party sets API would enable related domain names owned by the same entity – google.com, google.co.uk and youtube.com, for example – to declare themselves as the same first party.

The takeaway

It’s still really early in this process, but it’s up to ad tech vendors to actively share feedback and contribute to the sandbox proposals if there’s any chance of a solution that’s “extensible across the industry,” said Jessica Berman, principal product manager at SpotX.

“The overarching message from Google is that they want to create tools that will increase transparency of data use and enable users to have more control over their privacy, which includes eliminating ‘opaque’ tracking mechanisms, like fingerprinting,” Berman said. “As an ad business, Google has a vested interest to ensure the privacy features will still allow programmatic advertising to continue, which ultimately funds free internet content.”

Google claims it’s already received “positive feedback” on the mechanisms that underlie the privacy sandbox from people involved with the World Wide Web Consortium, an international group that develops standards and protocols for the web.

Enjoying this content?

Sign up to be an AdExchanger Member today and get unlimited access to articles like this, plus proprietary data and research, conference discounts, on-demand access to event content, and more!

Join Today!