Skip to content

Google’s proposed Privacy Sandbox faces privacy concerns

  • by
  • 3 min read

Photo: In Green / Shutterstock.com

Google’s initiative to replace traditional cookies with its Privacy Sandbox technology has been intensely scrutinized by the United Kingdom’s privacy regulator, the Information Commissioner’s Office (ICO), which expressed significant concerns about potential privacy vulnerabilities.

In a draft report reviewed by WSJ, the ICO has raised alarm bells regarding Google’s proposed Privacy Sandbox as a replacement for cookies in online advertising. The draft report points out critical gaps in the technology that could be exploited, compromising user privacy and anonymity.

According to the ICO’s findings, while aiming to enhance privacy, Google’s Privacy Sandbox falls short in certain areas, leaving loopholes that could allow for user tracking across different websites. This systemic industry noncompliance raises concerns about the effectiveness of Google’s approach to safeguarding user data.

The ICO’s draft report highlights these gaps and emphasises the likelihood of companies leveraging these vulnerabilities to continue tracking user behaviour for targeted advertising. This revelation is pivotal as Google seeks regulatory approval from the UK’s Competition and Markets Authority (CMA) to roll out its Privacy Sandbox globally.

“The Privacy Sandbox APIs require web browsers to take on a new role. Rather than working with limited tools and protections, the APIs allow a user’s browser to act on the user’s behalf—locally, on their device—to protect the user’s identifying information as they navigate the web,” Google explains.

The CMA, which oversees Google’s efforts to eliminate cookies from its Chrome browser, has pledged to seriously consider the ICO’s recommendations. This development could delay Google’s timeline for phasing out cookies if adjustments to Privacy Sandbox technologies are deemed necessary.

What are browser cookies? Why are they needed? Types of Cookies
While cookies are not exactly a privacy-focused invention, they are quite useful for advertisers and ad-tech companies.

“Privacy Sandbox technologies are designed to deliver meaningful privacy improvements and provide the industry with privacy-preserving alternatives to cross-site tracking,” said a Google spokesperson. 

The company is also working closely with government authorities on this matter. However, critics, including the Electronic Frontier Foundation (EFF), argue that the Privacy Sandbox, though a step forward, still poses privacy risks for users.

“Even if it’s better than third-party cookies, the Privacy Sandbox is still tracking. It’s just done by the company that makes your browser instead of the company that runs the ads,” said Thorin Klosowski, a security and privacy activist at EFF.

Phasing out cookies will massively affect the multi-billion dollar advertisement industry. While acknowledging the need for enhanced privacy, ad-tech companies have expressed apprehensions about the impact of cookie depreciation on their data-dependent business models.

As discussions between Google, regulators, and industry stakeholders continue, the outcome will impact Google’s advertising practices and set precedents for privacy standards in the digital age. Privacy Sandbox technologies’ evolution and adoption across the industry remain key focal points amid ongoing privacy debates.

In the News: Crypto miners stockpile $3 billion in Bitcoin ahead of halving

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me

>