Guide to Google’s Privacy Sandbox

At the beginning of 2020, when Google announced they were giving a two-year notice before removing third-party cookie support from Chrome, they also announced new proposals for replacing cookie functionality for advertising purposes. My 8-year old suggests that Google replace...

By Paul Bannister

At the beginning of 2020, when Google announced they were giving a two-year notice before removing third-party cookie support from Chrome, they also announced new proposals for replacing cookie functionality for advertising purposes.

My 8-year old suggests that Google replace “cookies” with “cupcakes”, but sadly, that’s not to be.

Instead, Google is reimagining digital advertising via the “Privacy Sandbox.”

5 key takeaways:

  • Google’s Privacy Sandbox is a group of proposals about rebuilding advertising without third-party cookies.
  • That’s a lot of ground to cover, so the Privacy Sandbox is not just one solution — it’s over two dozen proposals.
  • You can think of the Privacy Sandbox as covering four main areas: ad targeting, ad delivery, ad performance reporting, and most importantly, user privacy.
  • The Privacy Sandbox is far from done — it’s just now entering the testing and experimentation phase.
  • Google is using the W3C and Github for feedback and discussion, and the CafeMedia team is very involved every step of the way!

You’ll walk away from this post with a full context for Google’s Privacy Sandbox, where Privacy Sandbox work stands today, and how our team is helping make sure these proposals result in an end state that is good for publishers and advertisers.

What is the Privacy Sandbox?

In developer-speak, a “sandbox” is an isolation environment — a safe place for testing that can’t affect anything outside of it. 

Similar to setting up a sandbox for children to play in, where they can dig and build freely within a set area, Google’s Privacy Sandbox is about putting boundaries around how companies can interact with and “play” with data in the Chrome browser. 

The Privacy Sandbox is not just one proposal or solution. It’s a massive attempt to radically re-engineer how digital advertising works today.

And it’s made up of over two dozen different proposals designed to meet specific needs across the advertising industry.

How is CafeMedia involved with the Privacy Sandbox?

Google shares Privacy Sandbox proposals and receives input in two key places:

  1. W3C: Google uses the World Wide Web Consortium (W3C) as the forum to discuss all of these topics. 
  2. Github: They also use the popular developer platform Github as a place to discuss each proposal in minute detail. 

We believe it’s vital for our team to represent the CafeMedia community within these discussions — sharing feedback, suggestions, and demonstrating alternatives that can make the Privacy Sandbox a great option for independent publishers.

Through our participation in organizations like the W3C, CafeMedia/ team members including myself, Don Marti, and many others have spent hundreds of hours over the last year in countless meetings to give CafeMedia publishers a voice in Google’s work.

We regularly discuss Privacy Sandbox proposals with engineers at all of the major browsers (Chrome, Firefox, Safari, etc.), as well as representatives from advertising technology companies, large publishers, global advertisers, and other key players in the ecosystem!

Your guide to the Privacy Sandbox proposals

I like to break the Privacy Sandbox into four overarching buckets:

  1. Ad targeting
  2. Ad delivery
  3. Ad performance reporting
  4. And most importantly, user privacy!

1. Ad targeting: how do advertisers reach the right customers?

The first problem the Privacy Sandbox aims to solve is how advertisers can reach the right customers through ad targeting.

Advertisers want to be able to see users on their own websites (or the websites of companies that sell their products) and reach those users with ads later on. They also want to be able to find new customers that might be interested in their products.

FLoC and TURTLEDOVE (both of which are actually acronyms) are two Privacy Sandbox proposals designed to solve these problems.


TURTLEDOVE stands for “Two Uncorrelated Requests, Then Locally-Executed Decision On Victory.”

Clear as day, right? 

Well, here’s the plain English explanation of how TURTLEDOVE works.

This proposal is designed to help advertisers retarget customers, solving the problem of how advertisers can reach people they KNOW are interested in their product because they’ve been looking into it already.

This handles simple cases like when you’re looking at sneakers on a shoe sales website and then see ads for the same sneakers while browsing the web later on. 

It can also handle more complex cases where an advertiser might build a detailed model of the types of users browsing their site (e.g., “Interested in buying a Luxury SUV in the next 30 days”) and then target them elsewhere. 

TURTLEDOVE accomplishes retargeting in a privacy-preserving way by grouping users into “cohorts” of hundreds (or thousands) of users, so no single user can ever be individually identified. 

With TURTLEDOVE, all of the targeting data is stored in the browser and not sent back to ad servers where users’ data could be stitched together, giving companies too much information on a given user. 

If you’re interested in learning more about TURTLEDOVE, I made a 12-minute explainer video with industry magazine AdExchanger that you can watch right here:

What is FLoC?

FLoC stands for “Federated Learning of Cohorts.” It uses an advanced machine learning technology known as “federated learning” to allow advertisers to reach new audiences. 

With FLoC, web browsers (like Chrome and Firefox) talk to each other and, based on a user’s browsing habits, find other similar users and group them together into cohorts. 

This also works well to maintain user privacy, as there’s no need to work with servers. The browser can store all the required information and never let any other party know any data that might compromise the user’s privacy.

P.S. Google made a great comic (yep, a comic!) that explains how federated learning works.

2. Ad delivery: how do advertisers serve ads on the page?

Once an advertiser is able to reach users (or rely on the browser to do it for them), the next step is to actually get the right ads to those users! 

Delivering the ad to a webpage is another point-in-time where a user’s privacy can be compromised. 

The Privacy Sandbox introduces a piece of technology called Fenced Frames to address this. 

What are Fenced Frames?

If you’re somewhat familiar with HTML, you’ve likely heard about IFrames. An IFrame (or “inline frame”) is a way to embed one webpage into another webpage, and most of digital advertising today is delivered onto the page through IFrames.

Fenced Frames work in a similar way — they hold content that is embedded into a page — but they are totally separate from everything else on the page. You can still embed ads on the page in the normal way, but advertisers’ ability to learn information about the user is shut off, significantly increasing user privacy.

The Trust Token API

Today, third-party cookies and other tracking technologies are very handy for detecting advertising fraud — where advertisers are misled into spending money to show ads to bots or on sketchy websites or to groups of users who are lower-value than they believe they’re paying for.

It’s critical that advertisers keep trusting digital media as a great channel, and without third-party cookies, there’s no established way to maintain this trust.

The Trust Token API helps authenticate real users without using any tracking technology to do that. 

It segments users into trusted and untrusted groups using a non-personalized browser token which means the individual user can’t be tracked — they’re just identified as being part of Group A or Group B.

For example, if you logged into your Yahoo Mail account, Yahoo could drop a Trust Token in your browser (because Yahoo knows you are a real user). When you visit other sites, that site could access that Trust Token and feel comfortable you are a real person and not a bot, without knowing any more information about you.

3. Ad performance: how do advertisers get accurate reporting?

Once ads are shown to users, advertisers need to be able to understand how effective the ads were. 

This is critical for proving return on investment and planning future spending. Advertisers have to know that digital advertising works well to continue investing in this channel.

Today, understanding ad performance relies on third-party cookies. To rebuild this important part of advertising, the Chrome team is proposing a few new standards, including the Aggregated Reporting API and the Conversion Measurement API. 

The Aggregated Reporting API and the Conversion Measurement API

The Aggregated Reporting API gives advertisers a privacy-conscious way to measure how many users saw a specific ad campaign. It turns information gathered across different websites into a single report.

The Conversion Measurement API proposes a new way to measure ad click conversions — how many users took an action based on an ad, whether that was buying a product, signing up for an email newsletter, or anything else the advertiser cares about.

Effectively, the browser itself stores information about which ads caused the user to do something. So if a user sees an ad for a pair of sneakers, and then buys those sneakers, the browser stores that information. After a time delay, the browser reports that information back to the advertiser (or their ad tech partners), but in a very limited form to mask who the user was.

4. User privacy: how do we keep user privacy at the center of it all?

Of course beyond advertising, the Privacy Sandbox is most importantly about user privacy! 

And in this bucket, we finally arrive at the actual, technical way to identify and remove third-party cookies.

The SameSite attribute

You might be surprised to learn that browsers actually struggle to tell the difference between a first-party cookie and a third-party cookie.

There isn’t currently a clear way for the browser to understand which type of cookie will be affected by all of these changes and which won’t!

Chrome’s SameSite attribute proposal addresses this gap, giving browsers the information they need to easily turn off the correct cookies. Website developers and ad companies will be required to mark third-party cookies with the attribute “SameSite=None”.

With this foundation in place, browsers will be able to effectively police cookie usage.

The Privacy Budget

Beyond third-party cookies, there are many other ways that companies can track users across sites right now. 

Browsers can reveal information like the IP address of the user, what fonts the browser supports, the version number of the browser, and more. Companies can stitch that data together into a “fingerprint” that can identify the user fairly well — and in an even more privacy-invading way than cookies! 

Chrome is developing a number of anti-fingerprinting technologies like the Privacy Budget that will get rid of these other tracking mechanisms.

The Privacy Budget puts a number around how identifiable a user is based on the information that gets shared with third parties and sets a maximum tolerance (or “budget”) for how much info is allowed. 

And Chrome is exploring ways to enforce this budget to minimize identifiable info that can be gathered and used to track individuals across the web.

Where do things stand today with the Privacy Sandbox?

It’s critical to note that all of the Privacy Sandbox proposals are a work-in-progress. 

Nothing is set in stone yet and as of now, there is no single working solution for replacing third-party cookies. 

Google has said repeatedly (like here and here) that they don’t plan to remove third-party cookies until they have an acceptable replacement. But what Google defines as “acceptable” may be very different from what the rest of the ad industry considers a success.

That’s why the pivotal next step is testing and experimentation. 

Google is setting up live tests for all of the Privacy Sandbox proposals:

  • The Trust Token API is currently in testing in Chrome, with some of our ad tech partners working with the browser team on ways to mitigate ad fraud. 
  • FLoC will be tested in Chrome v89, which is slated to release in March 2021.
  • The Chrome team has published FLEDGE (the first experiment of TURTLEDOVE), and testing for that will also start soon. 

Our ad tech partners are building out frameworks to measure the impact of these changes and independently confirm if the Privacy Sandbox proposals are successful or not.

And we’re working with both groups to test and provide crucial real-world feedback on how the Privacy Sandbox works — not just for massive corporations, major browser companies, or large ad tech firms — but for all digital publishers who create content consumers love..


Privacy Sandbox proposals have changed significantly over the past year and we expect them to continue to change in the future. Google appears to be taking feedback from the industry and adapting proposals based on that feedback and their own progressing research. 

Currently, we’re optimistic that the Privacy Sandbox ideas are strong and the technologies have the potential to work for advertisers and for publishers, but there’s still a long road ahead.

As Google rolls out more experiments and tests, we’ll be at the forefront making sure that they work for publishers and advertisers, and support the open web.