Google’s Chrome team on Thursday proposed a “privacy sandbox” that’s designed to give us the best of both worlds: ads that publishers can target toward our interests but that don’t infringe our privacy. It’s a major development in an area where Chrome, the dominant browser, has lagged competitors.
Browsers already include security sandboxes, restrictions designed to confine malware and limit its possible damage. Google’s proposed privacy sandbox would similarly restrict tracking technology, according to proposal details Google published.
The privacy sandbox is “a secure environment for personalization that also protects user privacy,” said Justin Schuh, a director of Chrome engineering focused on security matters, in a privacy sandbox blog post. “Our goal is to create a set of standards that is more consistent with users’ expectations of privacy.”
For example, Chrome would restrict some private data to the browser — an approach that rival Brave Software has taken with its privacy-focused rival web browser. And it could restrict sharing personal data until it’s shared across a large group of people using technologies called differential privacy and federated learning.
Privacy is a major concern among tech giants, with Apple leading the charge in many ways. The debate has proved challenging for Google, which offers useful, free services like search and Gmail that show ads. It’s also one of the biggest companies other website and app publishers use to show ads. The issue has been especially pointed for Chrome, where protecting our privacy is at odds with its ad business.
The privacy sandbox, the result of months of work by Google researchers, is a major step that, if it works and is accepted by websites and advertisers, could help Google out of its privacy pickle.
Targeted ads — those that are customized according to preferences websites and advertisers infer from our online behavior — are worth more to publishers. Google also released study figures that say publishers’ ad revenue drops 52% when browsers block the text files called cookies used to track our behavior target ads.
It’s good to hear Google talking seriously about privacy, said Brave Chief Executive Brendan Eich, who previously led Mozilla’s Firefox browser. But he also voiced skepticism about how successful Google’s effort will be.
“This looks like weak sauce in a misleading ‘privacy matters’ bottle,” Eich tweeted. Google is “the last entity to trust to forge a compromise.”
Tracker blocking becomes commonplace
Blocking cookies that track us across sites is becoming common. Apple’s Safari is the highest-profile browser that does so, with technology called intelligent tracking prevention. Firefox has begun blocking tracking by default, too, and Brave has done so since its launch in 2016. Microsoft’s new Chromium-powered Edge also will block tracking.
Another problem with blocking tracking cookies is that websites and advertisers continue to track us using technology called fingerprinting, which can identify us by particular browser details. All major browsers are working on approaches to block fingerprinting.
“Unlike cookies, users cannot clear their fingerprint, and therefore cannot control how their information is collected. We think this subverts user choice and is wrong,” Schuh said.
Online advertising has acquired a stigma because of privacy concerns. If you aren’t buying a product, you are the product, a popular saying goes. Translation: Free, ad-supported sites and apps survive by selling your personal data to advertisers.
But simply making everybody pay for everything brings other problems. News publishers are increasingly relying on paywalls that restrict free articles, but that also restricts their readership and means wealthier people have an easier time protecting their privacy.
“Blocking cookies without another way to deliver relevant ads significantly reduces publishers’ primary means of funding, which jeopardizes the future of the vibrant web,” Schuh said.
First published 7:20 a.m. PT.
Update, 9:49 a.m.: Adds comment from Brave.