Interactive Advertising Bureau

About Privacy Sandbox

Dec 18,2023
Helen Mussard

Privacy Sandbox is a Chrome and Android initiative for developing new technologies for modern, privacy focused web and Android ecosystems. The Privacy Sandbox reduces cross-site and cross-app tracking, while helping to keep online content and services accessible for all. The  Web and Android efforts share a common vision, and several of the web proposals will be developed for Android as well.  However, the web and mobile apps rely on fundamentally different technologies which puts them on separate timelines - even though some phases may line up. This section focuses on Privacy Sandbox for the Web.

Privacy Sandbox for the Web will phase out third-party cookies  by using the latest privacy techniques, like differential privacy,  k-anonymity,  and on-device processing. It also helps to limit other forms of tracking, like fingerprinting, by restricting the amount of information sites can access so that a user’s information stays private, safe, and secure.

The proposals are being developed in public forums, in collaboration with members of the industry. Chrome also continues to work with the UK's Competition and Markets Authority in line with the commitments they offered for Privacy Sandbox for the web. We encourage participation through the many public feedback channels that inform development of the proposals. Stakeholders can also use this form to share feedback directly with Chrome.

Timeline

The Privacy Sandbox proposals are in various stages of the development process. According to a blog post on May 18th, Chrome plans to deprecate third-party cookies for one percent of Chrome users in Q1’24 and is working towards deprecating third-party cookies in Chrome in the second half of 2024 (depending on approval from the CMA). 

You can find the latest timeline on the privacysandbox.com website which will be updated once per month.

API Proposals

Chrome and other ecosystem stakeholders have offered more than 20 proposals to date, which can be found in the public resources of W3C groups. These proposals cover a wide variety of use cases and requirements.

Topics API

Topics is a proposal in the Privacy Sandbox designed to preserve privacy while showing relevant content and ads. The browser will infer a handful of recognizable, interest-based categories based on recent browsing history to help sites serve relevant ads. With Topics, the specific sites you’ve visited are no longer shared across the web, like they might have been with third-party cookies. 

How it works: There are two main parts to Topics. First, the API labels each website from a set of recognizable, high-level topics. For example, the browser would match a sports website with the topic "Sports". Then, the browser collects a few of the most frequent topics associated with the websites you’ve visited. These topics are then shared (one new topic per week) with the sites a user visits to help advertisers show more relevant ads, without needing to know the specific sites a user visited.

The browser will use a limited set of topics selected from a human-curated, publicly visible list. The updated list contains around 469 topics - we limit the taxonomy’s size to reduce the risk of fingerprinting. Additionally, Chrome aims to maintain a topics list that does not include sensitive categories (i.e. race, sexual orientation, religion, etc.).

Users will be able to see the topics and remove any a user doesn't like, or disable them completely in Chrome  under their respective ads privacy settings

Learn more

Demo: https://topics-demo.glitch.me/

Tester list: Topics 

Office hours: https://github.com/patcg-individual-drafts/topics/issues/115

Protected Audiences API

Protected Audience API (fka FLEDGE) is a new way to address remarketing, ie. reminding you of sites and products you’ve been interested in, without relying on third-party cookies. As a user moves across the web, the sites of advertisers a user has visited can inform the browser that they would like a chance to show this user ads in the future. They can also directly share information with a user’s browser including the specific ads they'd like to show and how much they'd be willing to pay to show this user an ad. Then, when a user visits a website with ad space, an algorithm in the browser helps inform what ad might appear.

Learn more

Office hours: https://github.com/WICG/turtledove/issues/88

Tester list: Protected Audience

Attribution Reporting API

Today, ad conversion measurement often relies on third-party cookies. Browsers are restricting access to third-party cookies because these can be used to track users across sites and hinder user privacy.

The Attribution Reporting API enables those measurements in a privacy-preserving way, without third-party cookies. Imagine you’re browsing the morning news and you see an ad for a pair of headphones that are on sale. You click on the ad to take a closer look. An adtech company can use Attribution Reporting to let an advertiser know that a purchase occurred, but keeps your individual browsing or app activity private – using methods like encryption, time delays, secure servers, and data aggregation and randomization.

This API enables advertisers and ad tech providers to measure conversions in the following cases:

  • Ad clicks and views.
  • Ads in a third-party iframe, such as ads on a publisher site that uses a third-party ad tech provider.
  • Ads in a first-party context, such as ads on a social network or a search engine results page, or a publisher serving their own ads.

Learn more

Public Handbook: [public] Handbook (Experiment with Attribution Reporting)

Demo: https://arapi-home.web.app/

Tester list: Attribution Reporting

Office hours: https://github.com/WICG/attribution-reporting-api/issues/80

How to get started with testing

If you are interested in testing the Privacy Sandbox APIs, the “Get started” section on https://developer.chrome.com/docs/privacy-sandbox/ is a good place to start. For the Topics API (Interest Based Ads) and Protected Audience API (Remarketing and Custom Audiences) you can also check out the integration guides below:

You can also get in touch with Chrome directly by joining the publicly available office hours:

Topics Office Hours

Protected Audience Office Hours

Attribution Reporting Office Hours

You can also share your feedback directly via the Privacy Sandbox feedback form.

JOIN IAB EUROPE

Shape the future of digital marketing & advertising

Join today
GET IN TOUCH

IAB Europe is the European-level association for the digital marketing and advertising ecosystem

IAB Europe
Rond-Point Robert
Schuman 11
1040 Brussels
Belgium
Sign up for our newsletter
chevron-leftchevron-right linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram