The world developed a vaccine for COVID-19 faster than Google has been able to get rid of third-party cookies from Chrome.
Google will make the targeting and measurement APIs in its Chrome Privacy Sandbox generally available for all users in July so developers can do scaled testing before the phaseout of third-party cookies begins next year, as planned.
Developers will have access to a mechanism that simulates third-party-cookie-free traffic for testing purposes. Then, the third-party cookie will finally begin its gradual shuffle off this mortal coil.
In Q1 2024, Chrome will deprecate cookies for 1% of a randomly selected group of Chrome users and slowly expand deprecation to more users throughout the year.
It’s been a long journey to get here.
But there have been countervailing forces standing in Google’s way, including an investigation in 2021 by the Competition and Markets Authority (CMA), the UK’s top antitrust regulator. The CMA started poking around the Privacy Sandbox following complaints that Google’s plan to eliminate third-party cookies in its browser would give it an unfair advantage in the digital ad market.
Google eventually committed to ongoing CMA supervision over the design and development of the APIs in the Chrome Privacy Sandbox to make sure it doesn’t distort competition. Google also files quarterly reports with the CMA detailing its progress.
In a recent report of its own published in April, the CMA said it’s “keen to ensure there are no further delays” in the timeline for removing third-party cookies, so long as its competition concerns are addressed before the APIs are deployed.
Google will continue working “in close consultation” with the CMA as it extends third-party cookie deprecation beyond the 1% mark, said Victor Wong, senior director of product management at Google.
The time is now
Antitrust concerns haven’t been the only roadblock.
The sandbox testing process led Google back to the drawing board on some of its APIs. Based on feedback gathered during the first set of FLoC origin trials in 2021, Google ended up replacing FLoC with the Topics API.
Criteo, for example, had noted during its testing that it was still possible to use FLoC IDs to do cross-site tracking by monitoring browsing habits and cohort assignments over time. It wasn’t the best look for a purportedly privacy-preserving third-party cookie replacement.
Only a small handful of ad tech companies – pretty much just Criteo and RTB House – have been actively involved in the Privacy Sandbox origin trials. Adoption has been slow, in part due to Google’s multiple deadline delays.
And both companies have noted a lack of adoption across the industry, which has made it difficult to run meaningful tests.
That will likely change with general availability (GA) this summer, Wong said.
Going GA “is a big step to expand testing and adoption,” he said, “and should be a strong signal to companies that now is the time to begin integrating the APIs if they have not started already.”
For those keeping track, the APIs include:
- Topics, such as interest-based advertising sans third-party cookies.
- Protected Audience, which is the rebranded FLEDGE.
- Shared Storage and Private Aggregation for securely sharing cross-site data and generating reports.
- Fenced Frames for embedding content onto a page without data sharing.
- Attribution Reporting, which is self-explanatory.
This is (and is not) a test
Even with general availability, there is a question in the industry about whether the Privacy Sandbox APIs will be ready for primetime, as in, whether antitrust concerns will be fully addressed and whether the APIs will be as effective as what they’re replacing (not that third-party cookies are all that great).
Although Google is adamant the deprecation deadline won’t get pushed again, that would seem to be the only possible contingency plan.
In April, Google Ads published the results of an experiment comparing the performance of campaigns using third-party cookies with campaigns using the Topics API, first-party publisher IDs and contextual data.
The TL;DR on the findings is that the Privacy Sandbox performed worse than third-party cookies, albeit only by a bit. The number of conversions per dollar spent were between 1% and 3% lower using Privacy Sandbox solutions than third-party cookies.
But Wong said Google is “certain the APIs are ready.”
“The coming quarters will provide time for companies to continue testing APIs, giving feedback and fully adopting them at scale across a range of use cases,” he said. “We then expect Privacy Sandbox to continue innovating and improving even after third-party cookies are gone.”