The Privacy Sandbox initiative is a desire on the part of Google to combine two elements that seem to be antinomic, namely privacy protection on the one hand and personalization of the Web experience and ad targeting on the other. This new approach aims at providing tools to companies to allow them to do without third-party cookies. Google has announced that they will be removed from Chrome in the near future.
However, this removal worries many advertisers. Especially since many marketers have not yet fully understood how Privacy Sandbox works. In order to meet this need for information and clarification, we would like to explain this new approach so that everyone can continue to develop effective advertising campaigns on the Web.
The problem of third-party cookies today
The Web is a very complex space. There are millions of interdependent elements. It is this specificity that makes it unavoidable. Indeed, it only takes a few seconds to move from one site to another while enjoying a qualitative and personalized experience.
However, this ability to provide relevant answers and adapted advertisements is not the result of chance. Within this complexity, we find personal data, which is essential to providing large-scale services that deliver tailored experiences.
First party cookies are not really a problem. These are stored by the website visited and allow access to personalization on that same site. Third party cookies are much more problematic for the Internet user. This is because they are created and stored by third parties who are not necessarily the owners of the visited site. In practice, personal data can be collected on the entire web browsing of the user.
For this reason, third-party cookies contribute to the mistrust of Internet users. It is to meet this need for clarification and protection of users that certain organizations such as the CNIL (Commission Nationale de l’Informatique et des Libertés) ensure compliance with the regulations. In particular, article 82 of the French Data Protection Act requires that consent be obtained for the installation of third-party cookies.
As a result, there can be a conflict of interest between advertisers who want to offer personalized ads and regulators who want to preserve consumers’ privacy.
What is the Privacy Sandbox?
Google is launching its Privacy Sandbox project in 2021 to address this gap. From the outset, the motivation was to propose a third way that would allow these seemingly contradictory wishes to coincide.
Thus, Google states that:
“The Privacy Sandbox initiative aims to create Web technologies that both protect people’s privacy online and give businesses and developers the tools to build successful digital businesses to keep the Web open and accessible to all. “
In practical terms, the idea is to allow for a combined effort to steer the evolution of the Web in the right direction. This collaborative initiative is open source. Indeed, Google has consistently asked the different actors involved (web browsers, advertisers, developers, online publishers and advertising technology companies) to get involved in this project to ultimately establish new web standards more respectful of privacy.
The goals of the Privacy Sandbox approach are clearly provided by Google:
To allow Internet users to enjoy the Web without having to worry about the collection of personal data
To give companies and advertisers the opportunity to grow their business and reach their audience through targeted ads
Preserve the open nature of the Web and the personalization of the browsing experience
As we can see, these goals are ambitious. However, it is an initiative that cannot be ignored to preserve the vitality of the Web as we know it today. For Google, it is possible to remove third-party cookies while allowing professionals to establish statistics relevant to their business.
What are the concrete applications of Privacy Sandbox?
To achieve its goals, Google has put online a set of proposals to move the lines:
Restrict web tracking
Fighting fraud and spam
Delivering relevant ads
Measuring digital ads
These echo some of the Privacy Sandbox goals mentioned above. However, the Privacy Sandbox approach is not just a statement of intent. Google has already detailed several use cases that allow companies to change the way they use and collect information.
The fight against fraud
To fight online fraud, for example, Google wants to implement what it calls “trust tokens” through the Trust Token API. Depending on online behavior, such as regularly logging into an account on the Internet, a trust token can be deposited on the browser of an Internet user. As the user browses, different sites can then verify this trust. This ensures that the user is indeed a human. Note that these trust tokens are encrypted. Therefore, they cannot be traced back to the identity of the user.
Targeting by centers of interest
Secondly, Google wants companies to be able to continue to offer targeted advertising. Simply because users themselves are looking for a personalized experience. However, this must be done without the use of third-party cookies and by limiting the data collected. For this purpose, Privacy Sandbox introduces the principle of FLoC or Federated Cohort Learning. In concrete terms, the Internet user will no longer be targeted individually. His behaviors will be anonymous, as he joins a group or cohort of users with similar interests. The group thus created is large enough that the user is not identified, but sufficiently precise and made up of similar profiles to guarantee relevant targeting.
Privacy Sandbox also offers an alternative to the usual retargeting. Following a user’s visit, sites will be able to inform the browser of their desire to serve personalized ads. The information provided to the browser can include the type of ad the user wants to see and the maximum amount of money they want to spend to display those ads. When the user visits a third-party site that has ad space, the browser’s algorithm can then serve those ads.
Measuring the effectiveness of digital campaigns
After deploying online advertising campaigns, it is essential to be able to analyze them in detail in order to optimize them continuously. The measurement of conversions via the Attribution Reporting API in particular will no longer analyze buyers, but purchases. This will allow for the anonymization of individuals. Following a conversion, the browser will associate an action with an ad to which the user has previously been subjected. This global data will allow to set up a conversion analysis while preserving privacy.
The evolution of Privacy Sanbox
Google wants to co-build its initiative with many actors. For this reason, the deployment of the Privacy Sandbox approach and the disappearance of third-party cookies will undergo several essential steps. These steps will allow to change habits step by step and without rushing the different stakeholders. Advertisers and publishers will thus be able to prepare for the arrival of these changes with peace of mind.
All the actors of this consultation have so far submitted no less than thirty proposals. These will be studied and then implemented gradually. The development process set up by Google is rigorous and includes several essential phases of discussions and testing in which forums such as GitHub or groups such as the W3C participate. In doing so, the process is similar to the development techniques of open APIs and web technologies.
As for the key features of the initiative, they will be deployed by 2022. This will allow the developer community to begin to pick up these new tools and adopt them en masse. Google will not begin Phase 1 until the end of 2022, once testing is complete and APIs are deployed in Chrome. The disappearance of third-party cookies will then be phased out over three months between mid-2023 and the end of that same year.
How can you prepare now for the Web of tomorrow?
The evolution and deployment of Privacy Sandbox will be smooth. On the one hand, the deployment is very gradual. On the other hand, Google will take care of most of the effort since the tools will be added directly to the Chrome browser. However, the best thing to do is to prepare today by adopting the necessary good practices.
First, you’ll need to learn how to do without third-party cookies. For this reason, first-party cookies must be given a specific strategy. They will allow you to collect very relevant data via your website. In order to deploy such a strategy, it is necessary to improve the relationship you have with your customer base. In addition, it is important to be able to use an appropriate tagging infrastructure, but also to collect the informed consent of your customers or prospects.
You should also take advantage of new automation and machine learning solutions. These will allow you to perform highly relevant modeling of the data you have previously collected.
If these actions seem complex to you, you can call upon experts in digital strategy. They will be able to help you to make the transition to Privacy Sandbox by setting up a powerful tagging infrastructure. It is obvious that this transition to a web without third-party cookies is not easy. However, it is essential to guarantee the durability of an open Web and the respect of the concerns of all Internet actors.