Over the course of my 20-year career in digital advertising, I’ve mostly considered Google’s advertising business to be a threat to independent media.
You might expect that I would be very critical of Google Chrome’s impending deprecation of the third-party cookie, and that I would see the emerging Privacy Sandbox APIs as an attempt by a monopolist to unfairly squash what remains of the competition.
Actually, I see a lot more good than bad in Google’s Privacy Sandbox. Here’s why some of the current criticisms around Google’s cookie alternative don’t hold water.
Everyone is deprecating third-party cookies
A popular narrative is that Google’s internal units are conspiring to strengthen Google Ads’ dominance in the advertising industry.
But all other major browsers, including Apple Safari and Mozilla Firefox, have already deprecated support for third-party cookies and implemented tracking protection technologies. Besides, Google is also no longer the only company with both a browser platform and a thriving ads business.
Browser privacy tech is a platform trend – one that Chrome is actually very late to follow.
Consumers care about data privacy. What happens to end-user software when the majority of its users no longer get what they want? It gets replaced by software that does what the majority of users want. This explains why Google is moving forward with cookie deprecation and is developing a privacy-safe alternative in spite of its dependence on easy access to user data across third-party publisher websites.
Privacy regulations make platform changes unnecessary
Some critics say there’s no need for complex technical controls enabling privacy-safe advertising when organizational conformance to data privacy regulations (such as GDPR) already ensures that user privacy is protected.
But legal frameworks and technology can work in tandem.
Privacy-enhancing technologies (PETs), such as those used in the Google Privacy Sandbox and in data collaboration and clean room platforms, reduce the number of organizations that need to be trusted with the safekeeping of user data. This lowers the risks inherent in personal data processing. While PETs and technical controls are not a rubber stamp for compliance to data and privacy regulations, they greatly strengthen the implementation of many of the data privacy principles stipulated by global regulations.
PETs and technical controls enable us to go from a high-trust model of enforcement (i.e., “trust everyone by default and sue when that trust is broken”) to a low-trust model where participants can more easily impose limitations on the extent and purposes of user data processing, not just in contracts and promises, but also in code.
Competition vs. parity
Two questions for the critics: Are you upset about Chrome doing what every single one of its competitors has already done? Or are you complaining about Chrome developing an alternative that does not have complete feature parity to third-party cookies?
If the former, the chief complaint is not regarding Google being anti-competitive but on Google trying to be competitive. It’s angst regarding the final deprecation of an increasingly eroded cross-site tracking technology, not criticism of the Privacy Sandbox APIs themselves.
Third-party cookies, in spite of their utility, have also enabled an incredible amount of harm to this industry, enabling widespread data sharing, opaque data marketplaces and the commoditization of reputable publishers.
And Chrome is currently the only major browser platform offering a complete alternative to enable privacy-safe and relevant internet advertising on the open web. It’s a herculean effort that, if it were not undertaken, would ironically disproportionately and adversely impact non-Google ad tech vendors.
Google’s ads business also operates large-scale media platforms like YouTube and therefore benefits from the direct user data exhaust that a mainstream consumer platform generates.
That means Google’s advertising capabilities need neither third-party cookies nor the Privacy Sandbox alternative to have a competitive advantage. The industry is better off supporting and improving the Privacy Sandbox development effort instead of fighting to block or delay it.
Proprietary vs. open
It would be a problem if the design and implementation of the Privacy Sandbox APIs were closed and proprietary, because that would prevent third-party auditability of the underlying mechanisms. But the Privacy Sandbox is an open-source technology in both design and implementation.
Back in August 2019, Google’s Chrome Engineering team publicly announced its initiative to develop a set of open standards to fundamentally enhance privacy on the web. The initiative has since been under development, with proposals and related discussion occurring in the public domain. Evidence of design discussions can be found in various W3C working, community and business groups and across a number of GitHub repositories. Many participants from independent ad tech have tested and contributed questions, constructive criticisms and suggestions.
Today, the Privacy Sandbox APIs operate according to their public open-source specifications and are implemented in the public open-source Chromium codebase. They are just like any other web API implemented by Chrome and used by ad tech, including third-party cookies.
There is no doubt that the Privacy Sandbox APIs and related technologies are complex. A lot of effort is required to track and participate in their evolution. But that is the price of working in the open: There is nowhere to hide the mess that comes with proposal false starts, revamps and overhauls.
In spite of the complexity, designing in the open demonstrates Google’s commitment to build APIs that may eventually become standards for other platforms.
Further delays hurt innovation
The UK Competition and Markets Authority, which is tasked with analyzing the competitive impact of the Privacy Sandbox, should understand that further delays to large-scale industry deployment of the Privacy Sandbox would disproportionately hurt advertising technology vendors that are innovating new opportunities for publishers and advertisers in the post-cookie era.
Ironically, this would punish innovators that are adopting privacy-safe alternatives while benefiting laggards.
Fair competition is the real issue
Finally, some criticisms of the Privacy Sandbox have incorrectly conflated the design and implementation of privacy-safe advertising APIs with a far more critical issue: whether and how Google’s advertising business uses its market dominance in ad-serving technologies to give its own ad exchange a competitive edge.
Competition is a key issue. But it predates the emergence of both the Privacy Sandbox and third-party cookie deprecation. Incorrectly conflating these issues risks delaying what are ultimately fair mechanisms in the Privacy Sandbox.
Therefore, as the US Justice Department takes action on competition issues, it’s critical to not throw Chrome’s third-party cookie deprecation and real adoption of the Privacy Sandbox APIs into the same bag. However imperfect from a strictly advertising utility standpoint, the APIs enable open competition in digital advertising to continue after the third-party cookie is long gone.
“Data-Driven Thinking” is written by members of the media community and contains fresh ideas on the digital revolution in media.
Follow Optable and AdExchanger on LinkedIn.
For more articles featuring Bosko Milekic, click here.
