Privacy Sandbox is the name given to the collection of changes Google intends to make to the web. Despite the name Privacy Sandbox does not improve anyone’s privacy, it merely restricts the number of organisations that know even more about individuals.
Google’s web site – privacysandbox.com – indicates when each element of Privacy Sandbox will be implemented and when you must have altered your digital services. should Movement for an Open Web not be successful in changing the approach.
The following table explains each of the components in non-engineering terms, list non technology sectors that are impacted, and links to more information maintained at prebid.org.
| Name | Summary | Impact | Link |
| Third Party Cookie Removal | Removes the ability for different registerable domains (e.g. bbc.co.uk or bbc.com) to share information with one another even when they have peoples consent to do so. | Advertising, Automotive, Charities, Retailers, Finance, Government, Publishing, Telecoms, Travel, Utilities | |
| Trust Tokens API | Enables one party to inform another party that a person is genuine (not a robot) without disclosing the personal details of the individual. The party receiving the trust token must trust the party sending it to have performed the verification. | Advertising, Automotive, Charities, Retailers, Finance, Government, Publishing, Telecoms, Travel, Utilities | |
| FLoC API | Web browsers will be assigned to one of 32,000 numeric identifiers based on browsing history. Advertisers will need to work out the interest the group the numeric identifier relates to and determine if they want to displaying advertising. | Advertising, Publishing | More |
| FLEDGE API | |||
| Core Attribution API | Advertising, Publishing | ||
| Attribution Reporting API | Advertising, Publishing | ||
| Cross-Environment Attribution API | Advertising, Publishing | ||
| Aggregation Service Reference | Advertising, Publishing | ||
| First-Party Sets API | Some businesses operate registerable domain names (e.g. google.com and youtube.com). When third party cookies are removed, they want a way to continue to operate as if they were a single domain. | Advertising, Automotive, Charities, Retailers, Finance, Government, Publishing, Telecoms, Travel, Utilities | |
| Shared Storage API | Prompts the user to decide if data can be shared between different registerable domain names (e.g. yourdomain.com and analytics-tool.com). | Advertising, Automotive, Charities, Retailers, Finance, Government, Publishing, Telecoms, Travel, Utilities | |
| CHIPS API | |||
| Storage Partitioning | |||
| Fenced Frames API | Elements of a web page can be displayed to the user without having any knowledge about the page they are contained within. Likely to replace iFrames that are a building block of the modern web. | Advertising, Automotive, Charities, Retailers, Finance, Government, Publishing, Telecoms, Travel, Utilities | |
| Network State
Partitioning |
|||
| SameSite Cookies | Prevents data that is written to a specific URL (e.g. example.com/news) from being read by another (e.g. www.example.com/articles) despite both URLs relating to a single registerable domain name. | Advertising, Automotive, Charities, Retailers, Finance, Government, Publishing, Telecoms, Travel, Utilities | |
| User-Agent Client Hints API | Communicate browser, platform and device model information between websites and web browsers by requiring the website to explicitly request the information rather than being provided with it by default. Place restrictions on such requests to suppliers to web site operators. | Advertising, Automotive, Charities, Retailers, Finance, Government, Publishing, Telecoms, Travel, Utilities | |
| HTTP Cache Partitioning | Prevents data that was retrieved by one registerable domain from being available to another without being fetched again. | Advertising, Automotive, Charities, Retailers, Finance, Government, Publishing, Telecoms, Travel, Utilities | |
| DNS-over-HTTPS | When a domain name (e.g. example.com) is converted into an IP address to enable data to flow between the web browser and the web site the web browser will no longer use the directory that contains this mapping provided by the Internet Service Provider it will instead use a service that it has chosen. | Advertising, Automotive, Charities, Retailers, Finance, Government, Publishing, Telecoms, Travel, Utilities | |
| WebID API | Sign in and services will be required to use features controlled by the web browser to facilitate login. Existing login services will be considered legacy in time therefore requiring all websites with login capability to adopt WebID. | Advertising, Automotive, Charities, Retailers, Finance, Government, Publishing, Telecoms, Travel, Utilities | |
| User-Agent Reduction | Remove the existing standard for transferring information associated with the device, platform and browser thus breaking all analytics, fraud, optimisation, performance and security solutions that don’t migrate to the inferior User-Agent Client Hints. | Advertising, Automotive, Charities, Retailers, Finance, Government, Publishing, Telecoms, Travel, Utilities | |
| Gnatcatcher | Prevent a web site operator knowing the IP address of the device that someone is using by routing all web traffic via Google’s data centres. | Advertising, Automotive, Charities, Retailers, Finance, Government, Publishing, Telecoms, Travel, Utilities | |
| Origin-Bound Cookies | |||
| Privacy Budget | Place the web browser in the position of deciding whether a website is trust worthy enough to be allowed access to information that is removed via the other items. | Advertising, Automotive, Charities, Retailers, Finance, Government, Publishing, Telecoms, Travel, Utilities |
Many of these changes are a work in progress. You can influence their development by joining the W3C and providing feedback to Google, or Movement for an Open Web.
Almost all of these changes do not impact Google. Google’s control of the web browser and other essential services such as search, maps, mobile, email and advertising means they have alternatives available only to themselves.
Copyright © Movement For An Open Web Limited (12888602). All Rights Reserved. Terms | Privacy Policy | Logos