A vital principle of the Privacy Sandbox

bunpa paning459
Apr 16, 2021


There has been a lot of buzz about privacy these days, especially concerning browsers. Recently there was a huge uproar when WhatsApp announced that it would start sharing user data with its parent company, Facebook. According to Wired, WhatsApp has been sharing our data with Facebook for several years. This uproar sparked the debate over using user data for advertising services.

You might simply say that your own personal data should not be shared with Facebook to make advertisements more tailored to you. But I believe that if this process is done with proper legal measures, it brings us more benefits than problems. Imagine an instance where you chat with your friend about a mobile device on WhatsApp, and the next moment, you see an advertisement for that same product on Facebook. Your initial reaction would be to freak out, but if not for these personalized advertisements, you wouldn’t have known about this particular store selling the phone you wanted to buy, at an awesome price.

Due to these numerous benefits for both users and companies, there have been proposals to change the way ads work. The Privacy Sandbox is an initiative of Google that contains such proposals to make the web a better place and still allow companies to earn revenue via advertising.


What is Privacy Sandbox?
The Privacy Sandbox is an initiative by Google that intends to “Create a thriving web ecosystem that is respectful of users and private by default”. It proposes a set of privacy-preserving APIs that let business models earn revenue without tracking solutions like third-party cookies. In this cookieless scenario, Google wants targeted ads, conversion measurement, and fraud prevention to happen according to the standards set by the Privacy Sandbox, with cookies replaced by the privacy-preserving APIs mentioned above.

In software engineering terms, the word sandbox refers to a protected environment. In the Privacy Sandbox initiative, your data is kept protected in a secure local environment, within your device’s browser. Advertisers will only be able to access the necessary information via the provided APIs, which reveal only the information advertisers need and nothing more.

A vital principle of the Privacy Sandbox is that a user’s personal information should be protected and not shared in a way that lets the user be identified across sites.

Let’s have a look at how Privacy Sandbox can change the way we surf the web without third-party cookies.


Interest-based Advertising
One of the proposals intended to replace third-party cookies in targeted advertising is Federated Learning of Cohorts (FLoC). It proposes a change in the way users are tracked: rather than observing the browsing behavior of individuals, the browser observes the behavior of a cohort of similar people. This enables businesses to reach individuals with targeted ads by clustering groups of people with similar interests. The approach hides individuals “in the crowd” and uses on-device processing to keep their data safe locally.
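To make the cohort idea concrete, here is an added example (not code from the post or from Chrome) modelled on the SimHash-based cohort computation of the FLoC origin trial, simplified. The cohort width, the k-anonymity floor and the sample histories are constructed for illustration; the point is that only a short cohort id is derived from the history on the device, and even that id is withheld unless enough other browsers share it.

```python
import hashlib
from typing import Dict, Iterable, List, Optional

COHORT_BITS = 16        # constructed: width of the cohort id (a toy value, not Chrome's)
MIN_COHORT_SIZE = 2000  # constructed: k-anonymity floor before a cohort id may be exposed


def _domain_bits(domain: str, bits: int) -> List[int]:
    """Derive a fixed +1/-1 pattern for one visited domain from its SHA-256 hash."""
    h = int.from_bytes(hashlib.sha256(domain.lower().encode()).digest()[:8], "big")
    return [1 if (h >> i) & 1 else -1 for i in range(bits)]


def simhash_cohort(history: Iterable[str], bits: int = COHORT_BITS) -> int:
    """On-device step: fold the browsing history into one SimHash.

    Each bit of the cohort id is the sign of a running sum over the visited
    domains, so histories that share most domains tend to agree on most bits,
    while the raw domain list never leaves the device.
    """
    totals = [0] * bits
    for domain in set(history):            # revisits add no extra weight in this model
        for i, v in enumerate(_domain_bits(domain, bits)):
            totals[i] += v
    cohort = 0
    for i, t in enumerate(totals):
        if t > 0:
            cohort |= 1 << i
    return cohort


def hamming(a: int, b: int) -> int:
    """Number of differing bits between two cohort ids (0 means identical)."""
    return bin(a ^ b).count("1")


def exposable_cohort(cohort: int, cohort_sizes: Dict[int, int],
                     k: int = MIN_COHORT_SIZE) -> Optional[int]:
    """Hide-in-the-crowd gate: return the cohort id only if at least k browsers
    share it; otherwise return None so a site learns nothing about this user."""
    return cohort if cohort_sizes.get(cohort, 0) >= k else None


# Constructed sample histories (no real users involved)
HISTORY_A = ["shop.example", "news.example", "recipes.example", "travel.example"]
HISTORY_B = ["travel.example", "recipes.example", "news.example", "shop.example"]

if __name__ == "__main__":
    c = simhash_cohort(HISTORY_A)
    print("cohort id:", c, "same for reordered history:", c == simhash_cohort(HISTORY_B))
    print("exposed with 5 members:", exposable_cohort(c, {c: 5}))
    print("exposed with 2000 members:", exposable_cohort(c, {c: 2000}))
```

The k-anonymity gate is the part worth keeping in mind when evaluating any cohort scheme: a cohort id is only as anonymous as the number of browsers that share it, so the threshold check belongs on the path that exposes the id, not somewhere downstream.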

Google’s ads team successfully tested this proposal and found that advertisers can expect to see at least 95% of the conversions per dollar spent when compared to cookie-based advertising. This finding proves that FLoC is the path of the future with priority for privacy.

The Chrome team expects to start public testing of FLoC by March 2021. You can read more about FLoC over here.


Creating Audience
One of the essentials of a successful advertising campaign is the creation of audiences. The Privacy Sandbox includes proposals on how marketers and advertisers can create their own audiences without the need for third-party cookies. The Chrome team published a new proposal called FLEDGE, which is based on a previous Chrome proposal called TURTLEDOVE. The new proposal takes into account the industry feedback given on TURTLEDOVE and integrates features such as a “trusted server”, which is used to store information about a campaign’s bids and budgets.

FLEDGE is essentially Google’s option for advertisers who want to reach prior visitors to their website via remarketing. FLEDGE is expected to hit trials later this year. You can read more about FLEDGE over here.


Measuring Conversion
Google has proposed several methods that would allow marketers to measure conversions. These proposals make sure that users’ privacy is kept protected while supporting key advertiser requirements. Techniques such as event-level reporting and aggregate-level reporting will be used to measure conversions. These reporting techniques allow bidding models to recognize patterns in data and deliver accurate measurements over clustered groups of consumers.

Google also plans to use techniques like aggregating information, adding noise, and limiting the amount of data sent out from your device to preserve the privacy of consumers. Because of this, advertisers will have to prioritize the conversions that matter for their reporting and request only those. But the company is still calling for wide feedback, and a measurement prototype is yet to be built.
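The three techniques named above (aggregating, adding noise, limiting what each device sends) fit together as a small pipeline, shown here as an added example that is not code from the post or from Google’s measurement proposals. The sample events, the per-device cap and the epsilon value are constructed; the design follows the standard differential-privacy recipe in which the on-device cap bounds how much any one user can change a total, and that bound sets the scale of the Laplace noise the aggregator adds.

```python
import math
import random
from collections import Counter
from typing import Dict, Iterable, List, Tuple

# Constructed sample: conversion events as each device would record them locally.
# The device id is used only for the on-device cap; it is never part of a report.
SAMPLE_EVENTS: List[Tuple[str, str]] = [
    ("dev-1", "camp-A"), ("dev-1", "camp-A"), ("dev-1", "camp-A"), ("dev-1", "camp-B"),
    ("dev-2", "camp-A"),
    ("dev-3", "camp-B"), ("dev-3", "camp-B"),
]


def cap_contributions(events: Iterable[Tuple[str, str]], max_per_device: int) -> List[str]:
    """On-device step ("limiting the amount of data sent out"): each device emits
    at most max_per_device reports, so a single user can move any campaign total
    by at most that much. That bound is what makes the noise below meaningful."""
    sent: Counter = Counter()
    reports: List[str] = []
    for device, campaign in events:
        if sent[device] < max_per_device:
            sent[device] += 1
            reports.append(campaign)       # only the campaign id is reported
    return reports


def laplace_noise(scale: float, rng: random.Random) -> float:
    """Sample from Laplace(0, scale) by inverse CDF; scale 0 means no noise."""
    if scale == 0:
        return 0.0
    u = rng.random() - 0.5
    return -scale * math.copysign(1.0, u) * math.log(max(1e-12, 1.0 - 2.0 * abs(u)))


def aggregate(reports: Iterable[str], epsilon: float, max_per_device: int,
              rng: random.Random) -> Dict[str, float]:
    """Server step ("aggregating information, adding noise"): count reports per
    campaign and add Laplace noise with scale = sensitivity / epsilon, where the
    sensitivity is the per-device cap. Smaller epsilon means more noise and
    stronger privacy; epsilon = inf gives the exact, unprotected counts."""
    scale = max_per_device / epsilon
    return {campaign: n + laplace_noise(scale, rng)
            for campaign, n in sorted(Counter(reports).items())}


def run_pipeline(events: Iterable[Tuple[str, str]], max_per_device: int = 2,
                 epsilon: float = 1.0, seed: int = 0) -> Dict[str, float]:
    """Cap on device, then aggregate with noise; seeded so runs are reproducible."""
    rng = random.Random(seed)
    return aggregate(cap_contributions(events, max_per_device), epsilon, max_per_device, rng)


if __name__ == "__main__":
    print("exact counts  :", run_pipeline(SAMPLE_EVENTS, epsilon=float("inf")))
    print("noisy counts  :", run_pipeline(SAMPLE_EVENTS, epsilon=1.0))
```

The cap is why advertisers end up having to prioritize: with two reports per device, dev-1’s third camp-A conversion and its camp-B conversion are dropped before anything is sent, and raising the cap to keep them would require proportionally more noise for the same epsilon.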


Ad Fraud Prevention
The well-being of the advertising-supported web model depends on the ability to tell traffic from real users apart from fraudulent traffic. Google plans to verify this with the help of a feature called the Trust Tokens API. Trust Tokens is a new API to help combat fraud and distinguish bots from real humans, without passive tracking. It allows an origin to issue cryptographic tokens to a user it trusts. These tokens are stored in the user’s browser and can later be presented in other contexts to vouch for the user’s authenticity.
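The property that makes this work without passive tracking is that the issuing origin cannot recognize its own tokens when they are later redeemed elsewhere. The following is an added example, not code from the post or from Chrome’s Trust Token implementation (which builds on the Privacy Pass protocol with a verifiable oblivious PRF); it substitutes RSA blind signatures, which give the same unlinkability property in a few lines of plain Python. The key, the nonces and the issuer log are constructed for illustration, and the primes are far too small for real use.

```python
import hashlib
import secrets
from math import gcd
from typing import List, Set, Tuple

# Constructed toy RSA key for the issuer. Real deployments use 2048-bit moduli;
# these primes are tiny so the arithmetic is easy to follow, not secure.
P, Q = 1000003, 1000033
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))

ISSUER_LOG: List[int] = []      # everything the issuer ever sees from clients
SPENT: Set[int] = set()         # redeemer-side replay protection


def _hash_to_int(nonce: bytes) -> int:
    """Map a client-chosen token nonce to an integer mod N."""
    return int.from_bytes(hashlib.sha256(nonce).digest(), "big") % N


def client_blind(nonce: bytes) -> Tuple[int, int]:
    """Browser side: pick a random blinding factor r and hide the token hash
    under it. The issuer receives only the blinded value."""
    m = _hash_to_int(nonce)
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return (m * pow(r, E, N)) % N, r


def issuer_sign(blinded: int) -> int:
    """Issuer side: the origin that trusts this user signs the blinded value.
    It cannot recover the underlying token, so it cannot recognize it later."""
    ISSUER_LOG.append(blinded)
    return pow(blinded, D, N)


def client_unblind(blinded_sig: int, r: int) -> int:
    """Browser side: strip the blinding factor to get a signature on the real token."""
    return (blinded_sig * pow(r, -1, N)) % N


def redeem(nonce: bytes, sig: int) -> bool:
    """Redeemer side (a different site): accept the token if the signature verifies
    under the issuer's public key and the same token has not been spent before."""
    if pow(sig, E, N) != _hash_to_int(nonce):
        return False
    if sig in SPENT:
        return False
    SPENT.add(sig)
    return True


def issue_token(nonce: bytes) -> int:
    """Full issuance round trip; returns the unblinded signature the browser stores."""
    blinded, r = client_blind(nonce)
    return client_unblind(issuer_sign(blinded), r)


def issuer_can_link(nonce: bytes, sig: int) -> bool:
    """Unlinkability check: does anything the issuer logged match what the
    redeemer sees (the token hash or its signature)? Expected to be False."""
    return _hash_to_int(nonce) in ISSUER_LOG or sig in ISSUER_LOG


if __name__ == "__main__":
    nonce = b"constructed-token-1"
    sig = issue_token(nonce)
    print("first redemption accepted :", redeem(nonce, sig))
    print("replay accepted           :", redeem(nonce, sig))
    print("issuer can link the token :", issuer_can_link(nonce, sig))
```

Two defender-side checks are built in: the redeemer keeps a spent set so one trusted token cannot be replayed into unlimited “human” traffic, and `issuer_can_link` makes the privacy claim testable rather than assumed, which is the kind of assertion worth keeping in a test suite for any token scheme.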

Google expects to start trials by March this year with the launch of their next release that supports an updated version of Trust Tokens. You can read more about Trust Tokens here.