The timeline linked below provides a cautionary tale for regulators, underscoring the urgent need to protect the open and interoperable standards that underpin the health of the world wide web more rapidly.
Both Apple and Google have repeatedly used pretextual “privacy improvement” claims to steer consumers and businesses away from open standards and toward their own closed platforms and APIs. Regulators should continue to dismiss these unsubstantiated justifications, which operating system and browser vendors have been wielding to shield their illegal, anticompetitive conduct.
Apple’s ITP launched in 2017 and ATT launched in 2021 were designed to:
- ITP caused the migration from the open web to Apple’s proprietary app stores and APIs by removing support for third-party cookies (3PCs).
- Advertisers were caused to migrate spend away from mobile browser (Safari) to in-app impressions, where Apple conveniently provided a superior match key (MAIDs), and which enabled Apple to impose excessive app store fees.
- By undermining web-based monetization, Apple also pressured open web publishers to migrate their communication with visitors into mobile apps, enabling Apple to further command excessive app store fees.
- ATT caused rival media owners to shift their business models from ad-funded access to paywalls.
- Apple used its ATT to limit MAIDs in iOS and further reduce the effectiveness of ad-funded models for rival publishers, steering them toward subscription access, which again enabled Apple’s to charge even more excessive app store fees.
In the meantime, Apple was sharing search data with Google as agreed under the Information Sharing Agreement in exchange for 36% of Google’s search text ad revenue derived from Apple’s search access points. Further, the ATT restrictions do not apply to either Google or Apple.
Google’s Sandbox proposals introduced in 2019 were designed to:
- Remove open-standard local storage (third-party cookies), undermining rival, independent attribution solutions, fraud detection, media buying and ad exchanges.
- Restrict rivals’ use of real-time linking technology (link decoration), while Google’s own services continue to benefit from it.
- Limit the number of publishers (via its Related Websites API) which rival attribution providers could measure marketer outcomes across these media owner properties.
Notably, after introducing ITP, ATT and Sandbox APIs, neither Google nor Apple ever ceased collecting and processing digital activity for either their own consumer or business services by relying on consistent, cross-context device-specific identifiers. Indeed, most so called “ID-less” Privacy Enhancing Technology (PET) providers similarly rely on match key identifiers, essential for their software to function—reserving the “ID-less” label for only their outputs and what rivals can access. Both Big Tech and PET providers add latency, cost and complexity to communication, often using unilaterally dictated policies (such as App Store rules) to restrict normal B2B operations that compete with their own services. We recognize PET providers may offer B2B customers improved confidentiality with their data sharing. However, given consumers cannot be meaningfully informed of B2B decisions, we should stop conflating pretextual “privacy” claims with the need for open web standards that support continuous, high-quality, real-time communication, when organizations have adopted reasonable risk mitigation measures. Not all data is personal data.
When the UK’s Competition and Markets Authority (CMA) accepted Google’s Commitments to address concerns its Sandbox initiative would distort digital markets, the CMA counted on Google’s sincerity in promising to reform. Yet, despite repeated antitrust judgements, Google’s track record instead reveals a consistent pattern of malicious compliance. As illustrated below, both Apple and Google have repeatedly used their dominant consumer-facing services to unfairly exclude rival business-facing solution providers, distorting digital markets.
Google’s decision to no longer remove third-party cookies (3PCs) from Chrome does not remove the active threat it poses to distorting competition in digital markets. These same concerns remain, especially as Google may use its dominant Android OS to continue pushing its Sandbox and related “Confidential Computing” to exclude rivals, further protecting and entrenching its dominance. Ideally the antitrust rulings against Google’s Search, Ad Tech, as well as upcoming rulings on its restrictive App Store will align with the Apple rulings that are designed to restore interoperability, transparency and competition across digital markets.
In conclusion, the timeline below should serve as a wake-up call to regulators to act faster than the six-year Sandbox saga to prevent dominant Big Tech giants from imposing their ongoing announcements harm and distraction taxes on rivals, to the detriment of the open web.