Google’s New Privacy Strategy: The Privacy Sandbox

Google has announced a fresh initiative called “Privacy Sandbox.” This new project develops a number of open standards to enhance privacy of users from open advertisements on the internet while allowing publishers to deliver relevant ads. In Google’s view, this will be a win-win – a more private web for the users and more advertising revenue for publishers.

The current and common technique applied for online advertising is device fingerprinting, that allows the users’ device to be uniquely identified based on the details of what kind of hardware, software versions, and installed fonts used. This technique undermines users’ privacy as it will gather enough information that essentially results in no more anonymity. Some browsers implement a mass blocking of cookies to prevent such fingerprinting. Google argues such blanket blocking has reduced publishers revenue by 52%.[1]

The Privacy Sandbox initiative is introduced to provide a way to show the users targeted (and more profitable) ads, without resorting to device fingerprinting. The idea is to engineer a solution that allows a browser to make API calls to gather sufficient information about the users for purposes of targeting, conversion, and force prevention, but do so as a larger group instead of as an individual. On the other hand, Google also plans to provide more visibility to cookie settings and improve cookie classifications,and implement a more aggressive form of fingerprinting blocking. Google’s aim is to stamp out the most invasive types of web monitoring but at the same time, embrace a model of online advertising that still participates in some user monitoring but is fully transparent in an aggregate way.

The initiative centers around 3 standards: (1) transparency, where users will be able to look and understand how their data is collected and applied for advertising; (2) choice, which gives users greater control around “how they experience the web”; and (3) control, where users can tweak data collection and application processes, including when it comes to ad personalization. The proposed standards would make it difficult for advertisers to follow the users’ search history, and they would give the users more discretion over what types of data are distributed to marketers. Multiple opportunities would also be available to the users to essentially opt out.

At this point, the Privacy Sandbox is just a concept. Google is actively reviewing feedback from browser developers, privacy advocates, publishers, and advertisers for their own perusal on the subject.

It’s always interesting to see what tech giants, such as Google, are doing when it comes to privacy. But privacy strategy should not belong only to big companies. Any companies in any shape, size, or form needs to be mindful of data privacy and have a privacy program in place to adhere to the fast-evolving laws and operate under sound data privacy principles.