Google’s “Privacy Sandbox” API is ready
Google has finalized the programming interface for its privacy sandbox. From the Chrome version appearing in July 2023, websites can address the interfaces integrated in the browser. For real-size tests, Chrome will automatically block third-party cookies for one percent of users as early as the first quarter of 2024. Website operators should start incorporating the new APIs into their website code very soon in order not to lose all advertising revenue in 2024.
The privacy sandbox is a zoo of different technologies that Google is building into its Chrome browser: they are designed to prevent user tracking so that advertisers can still display personalized advertising to their target groups. Google started the initiative as the provider of the largest platform for online advertising, after users had increasingly taken action against third-party cookies with plug-ins and data protectionists increasingly criticized the tracking practice of the advertising industry. Operators of advertising platforms such as Google and Facebook can use third-party cookies to monitor the surfing behavior of users. They currently use this to automatically auction ads. Many websites live from the share of this auction revenue that the advertising platforms allow them.
The big problem for users with third-party cookies is that users are assigned to the appropriate advertising on the servers of the advertising networks. This means that users have no influence whatsoever on a possible incorrect assignment. The privacy sandbox tries to move the assignment from the foreign server to the browser of each user. This allows users to influence the personalized advertising – at least within the framework of the settings that Google makes available in Chrome.
user interests
Chrome now tracks user behavior internally. The browser logs which websites users visit and from this information distills three topics that a user has been interested in in the last three weeks. Websites can use the Topics API to retrieve these three topics and transmit the information to an advertising network in order to display tailored and therefore more expensive advertising. Users can add and delete themes in Chrome settings.
Retargeting
Shopping websites can also use the Protected Audience API (renamed “FLEDGE”) to tell the browser that they would like to serve ads to that user in the future. For example, if a user surfs the website of a shoe manufacturer but does not (yet) make a purchase, this website can tell the browser that it would like to belong to the AdInterestGroup. Another website can then start an auction for an ad that Chrome automatically evaluates after the browser has automatically asked all interested advertisers to bid. Such retargeting can be worthwhile for merchants, although they have to outperform general advertisements because they already know that the user might be interested. Retargeting is often annoying for users because they are being tracked across the web by a single product. Such tracking will also remain possible without third-party cookies in the future.
ad fraud
Since online advertising is based on fully automated ads, fraudsters keep coming up with the idea of faking advertising traffic in order to generate advertising revenue without users. Until now, advertising networks have prevented this by analyzing the traffic associated with certain cookies. The scammers’ robots then behaved conspicuously and the advertising networks simply didn’t pay anything. This analysis of usage behavior is no longer possible with the Topics and Protected Audience API.
As a replacement, Google builds the Trust Token API into websites. Websites that are sure they have interacted with a person can use this to leave a notice in the browser. The browser can pass this information on to advertisers in such a way that no conclusion can be drawn as to who originally placed the information. Real users thus automatically verify that they are human, and advertisers have protection against having put their money into fraudulent ad auctions.
Browser-Fingerprinting
Some websites reacted to the fact that some users automatically deleted third-party cookies with browser fingerprinting. The term refers to techniques that use computer-specific differences such as slightly differently processed images by different graphics cards to recognize users against their will. Most of the time, information such as the user agent specified in HTTP requests, the IP address, the screen resolution and details when drawing on canvas elements were combined for this purpose.
The Privacy Sandbox contains a whole range of measures to ensure that Chrome provides less information of this type in the future. In the future, Chrome will formulate the user agent very sparingly, isolate data stored by websites from each other, use DNS over HTTPS, hide the IP and separate information on network connections for each website. There is a clear summary for the techniques on privacysandbox.com. It can be expected that Google will make further efforts to prevent browser fingerprinting in the future.
Google presents itself as the advocate of users whose privacy needs have been trampled on by the evil advertising industry. The company does not mention that Google with AdSense itself is responsible for most of the current situation. With the Chrome browser, Google has by far the greatest leverage to influence the advertising market and can easily ensure that the privacy sandbox does not lead to disadvantages in its own income. Competitors like Meta (Facebook) don’t have this power and are watching developments critically.
The move away from third-party cookies should still be good for users. Tracking via cookies has completely disenfranchised users and any change should be an improvement. In addition, Google is right that browser fingerprinting cannot be in the interests of users. But there is also an ideology behind it to some extent: According to Google, information should never be hidden behind paywalls. What sounds like a fair fight for free information is actually selfish: Google never earned any of the revenue related to paywalls.
(pmk)
To home page
