The Privacy Sandbox News
Working Together to Build a More Private Internet
Apr 06, 2023
I've spent the last several months leading product management
for the Privacy Sandbox — a set of technologies designed
to both enhance user privacy and ensure a free and vibrant
internet.
The opportunity to connect with people from
across the industry on how we navigate the transition to a more
private internet has been inspiring. The energy and innovation
from organizations who are leaning into this challenge has been
impressive, and I encourage more to join them as the deadline
approaches for phasing out third-party cookies in Chrome next
year.
Hearing different perspectives on the best path
forward has been invaluable. An open and healthy dialogue
is essential to advancing progress, and I want to thank everyone
who has shared feedback — including criticisms
—about Privacy Sandbox. We may not agree on all points,
but having a collective discussion and debate is important.
To
that end, I wanted to share four core tenets that I believe we
must strive for as an industry, and share how these guide our
Privacy Sandbox efforts. Consider this an open letter to
everyone who wants to help build a more private internet.
1) Privacy and access to information should be universal
People are increasingly concerned about their privacy online,
especially how their activities are tracked across sites and
apps for digital advertising. Some major platforms have
attempted to address these privacy concerns with changes that
disrupt how the internet works today, and which make it harder
for publishers to support their businesses through digital
advertising. Such changes risk turning broad access to quality
online content from “free” to “fee.”
Without effective ads, content will migrate behind paywalls or
disappear altogether, disenfranchising billions of people who
rely on this information in their daily lives.
We
believe that free content – whether it’s news, a
how-to-guide, or a fun video – should be available for
everyone, regardless of their income, location, or any other
factor. At the same time, people should have the assurance that
information about their online activities is protected.
As
an industry, we must transition to new, more private solutions
that don’t rely on cross-site tracking and provide
publishers and marketers with the capabilities they need to
succeed online. We believe that consumer platforms –
browsers and mobile operating systems – have a
responsibility to support this transition by building new tools
for the ecosystem. That’s why we’re developing the
Privacy Sandbox and launching these technologies in Chrome and
Android.
The stakes are high. If we fail to take
decisive action, we risk reducing access to information for all
users of the Internet. I’m gratified that many companies
are rallying to tackle this challenge. By continuing to work
together across industry, I’m confident we will create an
internet that is more private for everyone, without compromising
their access to information.
2) Viable alternatives are a prerequisite for real and durable privacy
Improving user privacy requires building privacy-preserving
alternatives that support the critical needs of the digital
ecosystem. Some browsers and operating systems have attempted to
improve privacy by restricting existing user identifiers, like
third-party cookies, without having such alternatives in place.
This approach not only hurts content creators and marketers
– it also backfires on protecting people’s
privacy.
When platforms have attempted these blunt
approaches to improve privacy,
researchers have noted
that more covert forms of cross-site tracking have proliferated.
Tracking and profiling users with techniques like browser
fingerprinting or identifiers based on user PII (such as email addresses) means less privacy, control, and transparency. This is a bad
outcome for users and the internet as a whole.
Advancing
privacy while continuing to support an open internet is a
difficult task. It requires technology innovation to build new,
privacy-preserving solutions that support the needs of marketers
and publishers. It’s a mistake to think that simply
restricting one form of tracking won’t lead to others that
are even worse for user privacy.
3) Solutions need to provide technical protections for privacy
Providing information about how data is being used, and controls
to manage that usage, are important steps in addressing people's
concerns about online privacy. However, this isn’t
sufficient on its own to address the challenge of limiting
cross-site user tracking. We believe that users shouldn’t
have to understand complicated data usage policies across
different sites and apps to keep their activities private.
Instead we need to provide users with online experiences that
are “private-by-default,” based on solutions that
provide technical privacy guarantees.
Unlike many
existing solutions, the Privacy Sandbox APIs don’t rely on
user-level tracking identifiers. These APIs protect privacy
using technical privacy-preserving approaches, like data
aggregation, data noising, and processing sensitive data
on-device or in
trusted cloud execution environments. Because of this, the Privacy Sandbox APIs improve privacy
significantly over third-party cookies and other cross-site
tracking techniques, like fingerprinting and PII-based
identifiers. And they provide a durable foundation that the
ecosystem can build on, further strengthening data protections
and industry capabilities over time.
We have heard
criticisms of the Privacy Sandbox designs coming from two
opposing points of view. Some suggest that the Privacy Sandbox
APIs are insufficiently private and should restrict data usage
further than they already do. Others push back on the Privacy
Sandbox for not replicating the tracking capabilities of
cross-party identifiers. We respectfully disagree with both of
these viewpoints, because they don’t recognize the need
for balanced solutions that both advance user privacy and
support a healthy ecosystem. We’ll continue to remain open
to concrete, practical proposals that address both of these
requirements, because they’re essential to make real
progress on privacy and maintain open access to information for
everyone.
4) Solutions must be built in the open, in partnership with the industry
Transitioning the internet to more private solutions is a big,
collective undertaking – one that requires participation
from organizations across the ecosystem. Changes should be
discussed and debated openly – whether those are
introducing new technologies or phasing out existing ones
– so that everyone is aware and can provide feedback.
For
Privacy Sandbox, we’ve made it a priority to provide
clear visibility
into our proposals and plans, with multiple channels for
ecosystem feedback. This process includes active participation
in industry forums like the W3C, which includes platform and
browser companies who’ve chosen to take a different
approach to privacy and supporting the open internet. It's worth
noting that in several cases, those companies have made
disruptive changes without following a comparable process for
public consultation and feedback.
Further to work
carried out by the UK’s Competition and Markets Authority,
we have entered into a set of
Commitments
also involving the Information Commissioner's Office, to ensure
that our platform changes take into account privacy outcomes and
potential impacts on competition, publishers, advertisers and
user choice. We maintain an open communication channel with
governments in many countries around the world to inform our
approach.
I want to thank everyone who has
shared feedback on Privacy Sandbox. Your input has played a key
role in making the Privacy Sandbox APIs better for users and
businesses. For example, last year we
introduced Topics, based on feedback we received about our earlier FLoC
proposal. We did the same when we
expanded on TURTLEDOVE to create FLEDGE, based on productive conversations with the ecosystem.
As
we’ve developed Privacy Sandbox, we’ve heard from
many organizations who support our approach and agree that the
industry needs new technologies that both advance privacy and
support the open internet.
"Delivering greater privacy for consumers online is a fundamental priority for the digital ad industry and, by extension, the long-term sustainability of the open web. This is no simple task. Questions such as how advertisers ensure relevant targeting, avoid bombardment, and measure effectiveness are all prevalent. Solving them is reliant on our ability to collaborate and - by engaging with cross-industry efforts to test, interrogate and feedback on proposed solutions - all IAB members have a hugely important role to play in establishing what’s working and where more work is needed. We value how Google is working with the wider ecosystem on this via Privacy Sandbox.”
Jon Mew
CEO
IAB UK
I am optimistic about that future that we’re building
together. Yes, change is hard – especially when
transitioning from technologies that we’ve relied on for
decades. And yes, not everyone will agree on such a contentious,
complex, and important subject. And while we strive to build
alignment, we’ll continue to move forward – because
the history of technology has shown that progress can’t
always wait on consensus.
In 2023, we’ll make
Privacy Sandbox available to more users and work with the
industry to test and adopt these new technologies at a greater
scale than ever. And in 2024, we’ll be ready to phase out
third-party cookies in Chrome. Along the way we’ll
continue to welcome collaboration, dialogue, and debate as we
work together to build a more private internet.