Introduction
In 2019, Google announced the end of third-party cookies on Chromium for 2022. Google has since delayed their removal several times. In a statement published in April 2024, Google indicated that their removal would rather take place in early 2025. However, since January 1, 2024, 1% of Chrome browsers no longer have any third-party cookies. To recap, there are different types of cookies.
- Technical cookies that allow for audience measurement, consent tracking, performance optimisation, connection, etc.
- First-party advertising cookies that allow the publisher to analyse the user’s behaviour on their website to create segments and personalise their advertising experience.
- Third-party advertising cookies that allow a third party to analyse the user’s behaviour across different websites to personalise the advertising experience or to retarget.
The end of third-party cookies on Google Chrome reduces the amount of information collected by advertising platforms. Advertisers find it increasingly difficult to target users with personalised ads. Online marketing professionals need to rethink tracking, analytics, etc.
In the absence of these cookies, how can we display ads tailored to the interests of users based on the websites they visit? How can we know if people who interact with our ads on the Web then take action on our website? Depending on the environment, there are different solutions to the end of third-party cookies, such as using first-party data, Server-side tracking, or Google’s Privacy Sandbox.
What is Google’s Privacy Sandbox?
In computing, a ‘Sandbox’ is a controlled and restricted environment where it is possible to isolate data to reduce the risks of misuse.
Definition: Privacy Sandbox
The Privacy Sandbox is an initiative aimed at creating technologies that protect users’ privacy on the web and on Android while allowing marketers to create campaigns that are just as relevant. In August 2019, Google announced the launch of its Privacy Sandbox project, a sort of safe designed to offer a series of technical solutions to retain advertising functionalities that currently require cookies. Its goal is to gradually eliminate third-party cookies while guiding marketers towards new practices to maintain their performance. ‘The Privacy Sandbox is a set of APIs designed to support the use of advertising cases without relying on cross-site or cross-application identifiers while improving data privacy’ according to Google.
State of Progress
Privacy Sandbox technologies are still in development. To know the progress (and the proposed features), consult Google’s resources directly: developer.chrome.com and developer.android.com.
What Is the Purpose of the Privacy Sandbox?
Google’s main objective with the Privacy Sandbox is to maintain online advertising without compromising data privacy for users. The aim is to reconcile the web’s economic model, largely based on targeted advertising, with privacy protection by promoting tools that are supposed to be more virtuous and less intrusive than third-party cookies. The Privacy Sandbox consists of a set of Google interfaces (APIs). These interfaces allow publishers to continue offering targeted advertising while avoiding technical constraints that could emerge.
How Does the Privacy Sandbox Work?
The 3 APIs of the Privacy Sandbox
Three APIs were launched in May 2023 for targeting (Topics, Protected Audiences) and measurement (Attribution):
- Topics API: Themes assigned to each browser based on recent browsing.
- Protected Audience API: Groups of browsers with a common characteristic (interest or behaviour) defined by the user.
- Attribution API: Measures ‘conversion’ following clicks or views (post click/view).
Decoupling User Identities
The Attribution Reporting API attributes a conversion event, like a purchase, to an advertising interaction, like a click or a view. Its goal is to make it difficult to link a user’s identity between two websites. For example, if a user sees an ad on an application and makes a purchase on the corresponding website, the API attributes that purchase to the ad. Measuring conversions requires cross-site data, as the user sees an ad on one app and converts on another.
Adding Noise
In the Privacy Sandbox, adding noise to aggregated data protects users’ privacy while providing useful information to brands. This technique introduces random data into the aggregated data before transmission, making the data less precise and harder to link to individuals. Thus, users’ anonymity is preserved, and advertisers can still gain significant insights for their campaigns.
How Does the Privacy Sandbox Replace Third-Party Cookies?
‘Early use cases show the relevance of the Privacy Sandbox, particularly with the Topics API: CPC & CPA similar to the third-party cookie model after a few weeks’ supports Etienne Besème, Head of Analytics at Eskimoz.
Displaying Relevant Ads
Third-party cookies allow tracking of the websites a person has visited to determine their interests. With the Privacy Sandbox, a web browser will automatically be included in a group (or cohort) of thousands of other browsers used by people with similar browsing habits. A person’s specific browsing information is stored on their device and remains private.
Re-Engaging Visitors
Third-party cookies allow a business to reach a specific audience, like previous visitors to its website. With the Privacy Sandbox, when people visit a business’s website, it can tag their browser if they take an interesting action like viewing a product. Later, when these users browse other websites with advertising space, their browser helps determine which ad to display without revealing their web activity.
Measuring Conversions
Third-party cookies allow associating a conversion on an advertiser’s website with an ad clicked by a person. With the Privacy Sandbox, when a user converts on the advertiser’s website, their browser associates this action with an ad the person clicked. It will not transmit any information revealing the user’s identity. It generates aggregate data and limits the amount of information shared on each conversion.
What Are the Limits of the Privacy Sandbox?
The IAB Tech Lab, the global technical standards organisation for digital advertising, published a comprehensive analysis highlighting the challenges related to the industry’s adoption of Google’s Privacy Sandbox.
Essential Event-Based Metrics
Counting impressions and clicks based on events is temporarily supported before moving to aggregated reports. Auction loss analysis is impossible, making revenue reconciliation and troubleshooting extremely difficult.
Creating and Managing Audiences
The ability of brands and their agencies to create, manage, and activate audiences is severely degraded. The absence of exclusion targeting and look-alike models limits campaign effectiveness and increases costs.
Technical and Innovation Challenges
Google’s implementation of an ad exchange and ad server within the Chrome browser requires significant retooling of the programmatic advertising ecosystem. This affects addressability, reporting mechanisms, ad rendering processes, bid decision-making capabilities, and concerns related to the scale of the Privacy Sandbox as it develops, posing innovation challenges to publishers and advertisers within these limits. ’Freedom does not exclude control. Third-party cookies were abandoned due to too many abuses by advertisers or solution providers. Validate these changes with your DPO, document as much as possible, all in compliance with the legal framework of GDPR and ePrivacy,’ reminds Etienne Besème.
Conclusion
As third-party cookies are expected to disappear gradually by 2025, it is essential to use the available time to conduct tests and prepare as best as possible for this upheaval in the digital marketing world. ‘Now is the best time to try alternatives, whether it’s the Privacy Sandbox, common identifiers, Server-Side, probabilistic approaches… Embrace this technological change as an opportunity’ advises Etienne Besème, Head of Analytics at Eskimoz. ‘The Privacy Sandbox seems to be the best, if not the only alternative for the end of third-party cookies on Google Chrome. In fact, even other browsers like Firefox or Safari, which implemented ITP and ETP before 2020, are looking into this type of solution,’ concludes Etienne Besème.