Google Privacy Sandbox: How Chrome’s ongoing updates will transform online advertising for businesses and users

Published June 25, 2021

Google's bold move: Saying goodbye to cookies and hello to Privacy Sandbox


Data privacy is one of the largest issues facing internet users today. And knowing how and where it’s collected and distributed isn’t always guaranteed. In a move to make handling browsing data more secure and transparent, Google is changing how its Chrome users’ information is collected—and this will undoubtedly change the way businesses advertise online.

The goal is to minimize infringement on private users’ browsing data, but the changes have caused a stir among online advertisers (including businesses of all sizes) that depend on this data for getting their ads in front of the right eyes. In response, Google plans to launch its own set of tools—dubbed the “Privacy Sandbox”—that advertisers can use to direct their ads towards people who are more likely to be interested in them.

Google’s Privacy Sandbox seeks to protect its users from third-party cookies while keeping digital advertising intact through the use of AI. It’s a big move and will take some getting used to, but it’s also a win-win for users and businesses that use Google’s platforms.

Related: How augmented reality technology is shaping the future of retail, banking and hospitality

Third-party cookies will be phased out to protect browsing data


Third-party cookies are small fragments of code that are added to a device while browsing a website. Currently, just about every website viewed using Chrome (currently the most popular web browser globally) uses cookies to track browsing data. As a pivotal component of its Privacy Sandbox, Google plans to phase these out.

Third-party cookies have long been a point of contention—beneficial for advertisers but invasive to users—so Google intends to phase third-party cookies out over the next year or so as part of its new privacy initiative. The controversy comes from the fact that third-party cookies operate in the background. They also send information to separate domains other than the website being viewed. GDPR compliance (and equivalent regional laws) requires websites to make visitors aware of cookies, but many people consider it unsettling how vague the use of their data is beyond that point.

Required announcement of tracking conditions and cookie use.

Third-party cookies are extremely useful to businesses that advertise online; they are the reason those Airpods you checked out last week have been popping up on every website you visit. Without the use of cookies, it would be a lot more difficult to display an ad that’s relevant for products you’ve previously viewed. If someone visits a product page, they’re more likely to buy that item, so it’s less effective to show the same ad arbitrarily to another user who may have no interest in the product.

Google is in the delicate position of trying to satisfy both ends of the spectrum. It wants to give its Chrome users peace of mind in how their browsing history is tracked, while it doesn’t want to hinder advertising efforts made by businesses using its platform. Google plans to release its proprietary Privacy Sandbox suite incrementally throughout 2021, equipping businesses with alternative advertising methods that are more in line with data privacy trends and requirements.

AI will use web history to build market segments


Google plans to use its “Federated Learning of Cohorts (FLoC)” AI system to group users who have opted to share their activity. Browsing data is still collected, but it’s kept by Google—and not shared with any other domains—for the purpose of building segments advertisers can use for targeting.

“Federated Learning of Cohorts (FLoC) proposes a new way for businesses to reach people with relevant content and ads by clustering large groups of people with similar interests.”

The AI, an integral part of the overall Privacy Sandbox, is designed to monitor and collect web history, and instead of distributing it to shady data brokers, use the information to build groups of people with similar interests within Google’s ecosystem. Users also have more control over what they opt in to. According to GitHub, the following conditions must be met before Google’s AI can sync users’ browsing data:

1.     The user is logged into a Google account and opted to sync history data with Chrome

2.     The user does not block third-party cookies (soon to be irrelevant)

3.     The user’s Google Activity Controls have the following enabled:

a.      “Web & App Activity”

b.     “Include Chrome history and activity from sites, apps, and devices that use Google services”

4.     The user’s Google Ad Settings have the following enabled:

a.      “Ad Personalization”

b.     “Also use your activity & information from Google services to personalize ads on websites and apps that partner with Google to show ads”

Segments, or groups, will be composed of individuals who share similar interests, purchasing and browsing behavior. This information is compiled so advertisers can select from these groups for their targeted ads in lieu of third-party cookies. The result is vastly increased control for the user (and Google as well) alongside simplified but focused advertising options for businesses. 

Google claims that “Federated Learning of Cohorts (FLoC) proposes a new way for businesses to reach people with relevant content and ads by clustering large groups of people with similar interests. This approach effectively hides individuals ‘in the crowd’ and uses on-device processing to keep a person’s web history private on the browser."

Related: Cybersecurity for small businesses: How to stay protected in a digital-first world

New APIs will help advertisers bridge the gap and maintain performance


The Privacy Sandbox doesn’t aim to leave businesses in the dark. When fully rolled out, it will include a collection of tools (APIs) created to assist advertisers in keeping their ads performing after third-party cookies are a thing of the past.

These tools will include programs that:

  • Assign trust tokens to distinguish between humans and bots, enhancing fraud detection and user protection
  • Build reports based on cross-site ad performance tracking (impressions, views, reach, conversions, etc.)
  • Allow advertisers to combine multiple-owned domains as a singular first-party site
  • Limit the amount of information collected, so only necessary user data is shared

In their “Is Google Privacy Sandbox Future of the Targeted Ads?” article, Automatad says it best:

“In a nutshell, all the user data will sit safely in the Chrome browsers of the individual users. The interests of the users will be discovered on the basis of their browsing history. The users with similar interests will be grouped together. Only Chrome will know about the group to which a user belongs. The API will signal only the groups of the users and the buyers will be targeting those groups. The remaining APIs will help in all the supporting activities like reporting, fraud detection, conversion tracking, etc.”

These APIs will work in tandem to optimize the advertising efforts of Google Ads customers. The standard of targeted online advertising is upheld, while user data isn’t spread to mysterious or unsavory sources. This is the essence of Google’s Privacy Sandbox.

Google’s Privacy Sandbox is the future of online advertising, and that’s a good thing


As with any major change, there will be a period of acclimation. Businesses with advertising strategies entrenched in cookie use will undoubtedly be inconvenienced at first, but the Privacy Sandbox is designed to protect and assist everyone. 

Google has demonstrated they’re aware of the issues and willing to deliver solutions for users and businesses alike. The Privacy Sandbox will give internet users confidence in where their information is going and give businesses confidence in who they’re pitching their products to. The combination is poised to make the internet a more secure and effective machine for browsing and selling. Stay tuned!

Need more information?