Google announced this week that it will begin removing third-party cookies for some users of its Chrome browser starting in the first quarter of 2024 as part of its Privacy Sandbox initiative. This initiative aims to replace third-party cookies, which are used to track Internet users across the Internet and offer them targeted advertising, with solutions that better respect privacy and security.
Third-party cookies are files created by a website other than the one you are visiting that allow that website or advertising networks or social networks to collect information about the preferences, interests and behavior of Internet users. This information is then used to personalize the content or advertisements displayed on the websites you visit. Third-party cookies are generally perceived as a nuisance because they affect the privacy and transparency of Internet users.
Google proposes to replace third-party cookies with APIs (programming interfaces) that are part of the Privacy Sandbox. These APIs allow websites to request from Chrome a list of Internet users’ interests based on their browsing history and serve them relevant content or advertising. Instead of using third-party cookies to track people across the web, websites and advertising networks can simply ask the browser directly.
If your website uses third-party cookies, it’s time to act as we get closer to phasing them out. Chrome plans to disable third-party cookies for 1% of users starting in the first quarter of 2024 to facilitate testing, then moving to 100% of users starting in the third quarter of 2024. The increase to 100% of users is subject to the resolution of possible issues. Remaining competition from the UK Competition and Markets Authority (CMA).
Our goal with Privacy Sandbox is to reduce cross-site tracking while enabling features that ensure online content and services remain freely accessible to everyone. The challenge is to reject and remove third-party cookies as they enable important functionality around login, fraud protection, advertising and generally the ability to embed rich third-party content into your websites. also the main factors for cross-site monitoring.
Google notes that its Privacy Sandbox has been available since early September and has already conducted limited testing with certain developers and advertisers. It has also received positive feedback from some players in the online advertising market who say they are ready to test the solutions offered by the Privacy Sandbox on a larger scale.
Google therefore plans to remove third-party cookies for 1% of Chrome users in the first quarter of 2024, which is around 26.5 million users, considering that Chrome dominates the web browser market with more than 3 billion users. This removal allows developers to test the performance and effectiveness of their products in a real-world environment without cookies.
Prior to this removal, Google will allow developers to simulate cookie removal for a configurable percentage of their users in Q4 2023 to test higher traffic levels. The full removal of third-party cookies in Chrome is still planned for the second half of 2024.
Google’s removal of third-party cookies is part of a broader trend aimed at strengthening the privacy and security of Internet users. Other browsers such as Safari or Firefox have already blocked or restricted the use of third-party cookies. Additionally, Google still needs to seek approval from regulators, particularly in the UK, where its privacy sandbox is the subject of an abuse of dominance investigation.
Privacy Sandbox APIs
Privacy Sandbox APIs are application programming interfaces (APIs) that enable web browsers to play a new role. Rather than working with limited tools and protections, APIs enable a user’s browser to act on their behalf (locally, on their device) to protect their personal information while browsing the web. This is a change of direction for browsers. The future vision of the Privacy Sandbox is for browsers to provide specific tools to meet specific use cases while maintaining user privacy.
Among the Privacy Sandbox APIs we can name the following:
- FLoC (Federated Learning of Cohorts): an API that allows advertisers to target groups of users with similar interests without needing to know their individual browsing history.
- FLEDGE (First locally run group decision experiment): an API that allows advertisers and publishers to create and run advertising campaigns based on user interests without sharing their personal data with third parties.
- TURTLEDOVE (Two unrelated requests, then locally executed decision to win): an API that allows advertisers and publishers to serve personalized ads based on users’ interests without revealing those interests to anyone.
- Dovekey (demand-side optimization with verifiable events and retainable encryption): an API that combines the functionality of FLEDGE and TURTLEDOVE, providing advertisers the ability to use a third-party server to optimize their ad bids.
- PARAKEET (Private and anonymized ad requests that maintain effectiveness and increase transparency): An API that allows advertisers and publishers to serve relevant ads to users without sharing their personal information with third parties using a proxy service managed by a trusted third party.
- SPARROW (Secure private advertising running remotely on a web server): An API that allows advertisers and publishers to serve relevant ads to users through a publisher-managed server without sharing their personal information with third parties.
- AGGREGATE REPORTING API: an API that allows advertisers and publishers to measure the effectiveness of their advertising campaigns without revealing individual user data using secure calculation and data aggregation techniques.
- MEASURING API CONVERSION: An API that allows advertisers and publishers to measure conversions (e.g. purchases or sign-ups) generated by their ads without revealing individual user data, using encryption and noise reduction techniques.
- EVENT LEVEL API: An API that allows advertisers and publishers to measure events (e.g. clicks or impressions) related to their ads without revealing individual user data, using encryption and noise reduction techniques.
When a user visits a website that uses the Topics API for advertising, the browser shares three of their interests with the website and its advertising partners, selecting one interest from the last three weeks. According to the Topics API GitHub page, there are currently around 350 topics available in its advertising taxonomy (although Google plans to add a few hundred to thousands over time). Google says the topics do not include sensitive categories such as gender or ethnicity. And if you use Chrome, the company plans to develop tools that will let you view and delete topics, as well as disable the feature.
Google’s Project FLoC was a form of interest-based tracking that identified you based on your cohort, a group of users with similar interests. Privacy critics such as the Electronic Frontier Foundation (EFF) have argued that this system poses additional privacy risks, such as: B. facilitating the identification of users through browser fingerprinting, a tool that allows websites to obtain specific information about your device and browser. and may also reveal information about your demographics, which may result in targeted discriminatory advertising. Because of these concerns, browsers like Brave, Vivaldi, Edge, and Mozilla have all refused to use it.
Google’s initiative has been sharply criticized
The argument here is that Google plans to disable third-party tracking cookies in Chrome in 2024 and that the new advertising platform, which has some limitations, is better. The fact is that third-party cookies typically only affect Chrome users. Both Apple and Firefox have been blocking third-party cookies for years and will not implement Google’s new advertising system: only Chromium browsers still allow them.
That’s exactly what started this whole process: Apple dealt a major blow to Google’s main source of revenue by blocking third-party cookies in Safari in 2020. Although it was a victory in terms of confidentiality, Google did not follow suit until it could ensure the security of its advertising activities. Cohort fdr learning and now the Topics API are part of a plan to provide an alternative tracking platform, and Google argues that there must be an alternative tracking platform: you just can’t be a spy. The Electronic Frontier Foundation also confirmed this when they called Google’s FLoC a terrible idea in the comments [de Google] are based on the false assumption that we have to choose between the “old tracking system” and the “new tracking system”. It is neither one nor the other. Instead of reinventing the tracking wheel, let’s imagine a better world without the myriad problems of targeted advertising.
And you ?
What do you think of Google’s Privacy Sandbox initiative? Is this a push to protect privacy or a strategy to strengthen market dominance?
What are the advantages and disadvantages of third-party cookies for Internet users, websites and advertisers?
How do you feel about third parties tracking your online activities? Does that bother you or are you indifferent?
What alternatives are there to third-party cookies to personalize online content and advertising? What impact do they have on the performance, security and transparency of the web?
How do you think removing third-party cookies will impact the online advertising ecosystem? Who are the actors who will benefit or suffer from this?