Like in a very cheap Hollywood B movie, third-party cookies have escaped the execution and are here to stay for a dozen sequels. Does that mean that gazillions of dollars spent on the Privacy Sandbox were pointless? Not quite.
In July this year, the rehabilitation of third-party cookies came as a cold shower for the whole industry. Many assumed that the main reason was that Google’s initiative to create a more private web with the Privacy Sandbox had simply failed.
And while the Sandbox is very far from being perfect (even from being complete), it’s never that simple in ad tech. Today, let’s dig into the Privacy Sandbox. What is it? How does it work? What are its flaws and pros? And most importantly, how do our beloved DSPs fit into the picture?
What Is a Privacy Sandbox?
In simple words, Privacy Sandbox is a project launched by Google to solve issues related to Internet advertising, such as ad irrelevancy, lack of user privacy, and cross-platform tracking.
In more complex terms, Privacy Sandbox is a project designed to create new, privacy-focused methods for delivering targeted ads and measuring the success of ad campaigns.
How exactly? We’ll discuss all the protocols in detail a bit later. For now, you need to know that Google uses a set of privacy-preserving standards. These include differential privacy (adding noise to data to protect individual identities) and on-device processing (data is analyzed directly on the user's device instead of being sent to external servers).
The Story Behind the Privacy Sandbox
The tale of the Privacy Sandbox begins in 2018. Let’s have a short look at history.
Why Google Created the Privacy Sandbox
There are two major reasons for the birth of the Privacy Sandbox, and they are deeply connected.
The first is, of course, third-party cookies. You probably know what those are, but here’s a short course for the uninitiated.
Third-party cookies are basically HTTP cookies set in your browser by a domain other than the website you’re currently on (typically an ad server embedded in the page), which lets that domain recognize you again on other websites. Unlike first-party cookies, which work only with the website you’re on and store your language preferences, shopping cart, or movie timecode, their primary purpose is advertising.
Obviously, having files that store your data to sell it later is quite creepy. But believe it or not, consumer privacy isn’t the only pitfall of third-party cookies.
Namely, cookies are limited to a single device and are often irrelevant to what the user actually searches for. So, instead of getting relevant ads, the user gets only irritation.
But let’s be honest: Google would never have considered phasing out cookies without external intervention. The GDPR, introduced in 2018, strongly highlighted the major concerns above and recommended that search providers do something about them (or else!).
Safari and Firefox took action immediately, while Chrome, being responsible for 60% of the world’s digital ad spend, promised to change, but not right now. And so began the cycle of false promises.
The Timeline of Privacy Sandbox Development
We’re not an Internet archive, so let’s be quick with the events.
2019: Google announces the Privacy Sandbox, outlining plans to create a set of open standards to enhance privacy on the web. Google also promises to kill cookies sometime in the future.
2020: Introduction of Federated Learning of Cohorts (FLoC), a proposal to group users based on similar browsing behaviors instead of creating creepy profiles on each.
2021: Due to how badly it performed on tests, FLoC is replaced by the Topics API, focusing on user interests without detailed tracking.
2022: Google delays the phase-out of third-party cookies to 2024, citing the need for more time to develop and test alternatives. Privacy Sandbox is very far from release.
2023: Another delay is announced, pushing the deprecation of third-party cookies to 2025.
July 2024: Cliffhanger! Google reverses its decision, opting to retain third-party cookies and allow users to enable or disable them. According to IAB, “88% of industry professionals feel Google’s decision to reverse the phase-out of third-party cookies has caused major confusion in digital advertising.”
So, there we have it – one huge pile of mess. The cookies are here and aren’t going to leave anytime soon. The Sandbox is in development, although it now literally contradicts its own purpose. And surprisingly enough, Google has not even been sued for gaslighting the industry since 2019, though they already have enough monopoly lawsuits on their hands.
What Does the Privacy Sandbox Consist of?
Our beast is all about APIs. Privacy Sandbox has seven faithful samurai APIs that determine the way it works. Trust us, almost every one of these deserves its own article, but today, let’s make it quick.
1. Topics API
Topics is a literal replacement for third-party cookies. In theory, it’s like switching from cola to water. Instead of tracking the user’s journey across different sites and creating individual profiles, Topics gathers your interests into broader categories.
In practice, instead of “Steven visited toaster-lovers.com on Monday at 12 pm and spent 15 minutes there”, the advertiser gets “Steven is interested in Toasters.” The data about Steven is only stored for 3 weeks.
2. Protected Audience / FLEDGE (First Locally-Executed Decision over Groups Experiment)
In theory, the goal of Protected Audience is “to change how remarketing works.” In practice, it redefines how programmatic auctions happen.
We’ll go into the details in the DSP section below, but for now, the key point is that ad auctions run on the user’s device, so third-party tracking is prevented.
Here’s how it happens:
- The website uses the Protected Audience API to add the user to a remarketing audience stored on their device.
- When the user visits another website, the browser matches them with an ad from the brand (e.g., "20% off the toasters you viewed").
- The entire auction and decision-making process happens locally in the browser, preventing third-party tracking.
3. Attribution Reporting
Attribution Reporting is yet another antidote against third-party cookies. Its main mission is to allow ad businesses to track conversions without being data creeps.
To be more precise, this API lets advertisers measure conversions from:
- Ad clicks and views;
- Ads in a third-party iframe (ads on a publisher site that uses a third-party ad tech provider);
- Ads in a first-party context (ads on a social network or a search engine results page, or a publisher serving their own ads).
What does it look like? Very similar to Topics. Instead of “Steven bought three toasters at 12 pm on toaster-lovers.com,” the advertiser and publisher get “user, 10 clicks, 3 purchases.”
4. Shared Storage
As we’ve mentioned, the auction in Privacy Sandbox happens between the browser and the advertiser. Shared Storage keeps the data from this exchange so that relevant ads can be served later.
It does the same job as third-party cookies, but differently. The data is saved in a sandboxed storage area with much stricter rules. Advertisers cannot access or extract the data directly; it’s only used for rendering decisions.
For example, a user interacts with a product configurator on Porsche’s website. The browser stores the custom configuration (e.g., leather seats, twin-turbo engine) in shared storage. This information is later used to display an ad showing their configured car on another site.
5. Private Aggregation
You won’t believe it, but the main point of Private Aggregation is to aggregate data in a private way.
How is it different from Attribution Reporting? Firstly, Private Aggregation isn’t limited to conversions; its scope is broad advertising metrics like reach and impressions. Secondly, it doesn’t focus on specific user actions; Private Aggregation’s main goal is wide campaign analysis.
In short:
- Attribution Reporting – measuring specific ad effectiveness;
- Private Aggregation – overall campaign analysis.
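The aggregated-reporting idea shared by Attribution Reporting and Private Aggregation, together with the differential-privacy noise mentioned at the top of the article, as an added example (not Google’s code): the campaign names, user ids, event records and the epsilon value are all constructed for illustration.

```javascript
// Added example (not Google's code): device-local event records are reduced to
// per-campaign counts, then Laplace noise is added so the report hides any one user.

// Constructed, device-local records; "userId" never appears in the output.
const deviceEvents = [
  { userId: "u1", campaign: "toasters-q3", type: "click" },
  { userId: "u1", campaign: "toasters-q3", type: "purchase" },
  { userId: "u2", campaign: "toasters-q3", type: "click" },
  { userId: "u3", campaign: "toasters-q3", type: "click" },
  { userId: "u3", campaign: "toasters-q3", type: "click" }, // repeat click, counted once
  { userId: "u4", campaign: "kettles-q3", type: "click" },
];

// Cap each user to one event of each type per campaign, then count. The cap
// bounds each user's influence on every count to 1 (the "sensitivity"), which
// is what makes the noise scale below meaningful.
function aggregate(records) {
  const seen = new Set();
  const counts = {};
  for (const r of records) {
    const key = `${r.userId}|${r.campaign}|${r.type}`;
    if (seen.has(key)) continue;
    seen.add(key);
    counts[r.campaign] ??= { clicks: 0, purchases: 0 };
    if (r.type === "click") counts[r.campaign].clicks += 1;
    if (r.type === "purchase") counts[r.campaign].purchases += 1;
  }
  return counts;
}

// Laplace(0, scale) sample by inverse CDF from a uniform u in (0, 1).
// Passing u explicitly keeps the function testable; callers use Math.random.
function laplaceNoise(scale, u) {
  const v = Math.min(Math.max(u, 1e-12), 1 - 1e-12) - 0.5;
  if (v === 0) return 0;
  return -scale * Math.sign(v) * Math.log(1 - 2 * Math.abs(v));
}

// epsilon-differentially-private version of the counts: noise scale 1/epsilon
// for sensitivity 1; smaller epsilon = more noise = stronger privacy.
function privatizeCounts(counts, epsilon, uniform = Math.random) {
  const scale = 1 / epsilon;
  const noisy = {};
  for (const [campaign, c] of Object.entries(counts)) {
    const clicks = Math.round(c.clicks + laplaceNoise(scale, uniform()));
    const purchases = Math.round(c.purchases + laplaceNoise(scale, uniform()));
    noisy[campaign] = { clicks: Math.max(0, clicks), purchases: Math.max(0, purchases) };
  }
  return noisy;
}
```

Calling `privatizeCounts(aggregate(deviceEvents), 1)` yields the "N clicks, M purchases" style report; the per-user records themselves are never part of it.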
6. Privacy Budget
To be honest, its name doesn’t make much sense. The purpose of the Privacy Budget is to limit the identifiable information that can be collected about the user. Yes, just like most of the other Privacy Sandbox APIs.
But that’s actually the main goal. Privacy Budget caps how much potentially identifying information a site can query, so that only non-unique data like screen size and language settings can be accessed, preventing fingerprinting.
7. Private State Tokens
Last but not least is Private State Tokens. It’s the paladin of the Privacy Sandbox ecosystem.
Private State Tokens help prevent fraud and bot activity. How does it work? A user logs into a trusted website, which issues a cryptographic token to their browser. Later, when the user visits an ad-supported site, the token attests that they are a real person and not a bot.
How Does the Privacy Sandbox Work with a Third-Party DSP?
Let’s keep it clear: there is no working (at least public) version of the Privacy Sandbox. Even Google’s own DV360 works just as it used to in the past. Still, the combination of APIs from above gives us a somewhat clear image of how it’s going to work.
Step # 1. User Visits a Website
The user opens a publisher’s website. With the Topics API, the browser determines the user’s interests (e.g., "Tech" or "Toasters") based on the user’s recent browsing history. Privacy Budget prevents any other info from being collected.
Step # 2. Ad Request to the SSP
The publisher’s website sends an ad request to its SSP (Supply-Side Platform). Contextual page info and aggregated user interests (via Topics API) are included in the request. No user-identifiable data (like cookies) is shared! (at least, in theory)
Step # 3. SSP Forwards Request to DSPs
The SSP forwards the request to multiple demand-side platforms, including the third-party DSPs bidding for the inventory. Protected Audience API enables remarketing or audience targeting using on-device data (e.g., a shopping cart item stored locally).
Step # 4. DSPs Analyze the Data
DSPs evaluate the bid request using:
- Interest signals (from Topics API);
- Retargeting audiences (from Protected Audience API);
- Contextual page data.
The DSP calculates a bid amount based on relevance and campaign parameters.
Step # 5. Browser Runs the Auction
The browser (via Protected Audience API) conducts the final auction, locally combining bids from multiple DSPs.
Step # 6. Winning Ad is Served
The highest bidder’s ad creative is displayed to the user on the publisher’s site. Shared Storage API temporarily stores creative elements and some user data. Attribution Reporting API tracks clicks and conversions. Private State Tokens help ensure the impression is served to a real user, not a bot.
Step # 7. Post-Auction Reporting
Advertisers receive campaign performance reports. Attribution Reporting API measures ad conversions (e.g., purchases). Private Aggregation API provides insights (e.g., "10,000 impressions, 1,000 clicks").
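The on-device auction described in the Protected Audience section and in the seven steps above, as an added illustrative model that is not Chrome’s implementation: the DSP names, URLs, prices, signals and the simplified bidding rules are all constructed, and the real API calls (navigator.joinAdInterestGroup, navigator.runAdAuction) are stood in for by plain functions.

```javascript
// Added example (not Chrome's implementation): a small model of the Protected
// Audience flow from the steps above. Interest groups live on the device, DSP
// bidding logic runs in the browser, and only the winner's creative URL leaves.

// Step 1/3: groups joined while browsing (the real API: navigator.joinAdInterestGroup).
const deviceInterestGroups = [
  { owner: "dsp-a.example", name: "viewed-toasters",
    ads: [{ renderUrl: "https://dsp-a.example/toaster-20off", cpm: 2.5 }] },
  { owner: "dsp-b.example", name: "cart-abandoners",
    ads: [{ renderUrl: "https://dsp-b.example/cart-reminder", cpm: 3.1 }] },
];

// Step 4: each DSP's bidding function. Its inputs are its own group plus the
// contextual and Topics signals; there is no user identifier to bid on.
const biddingLogic = {
  "dsp-a.example": (group, signals) => {
    const ad = group.ads[0];
    const boost = signals.topics.includes("Toasters") ? 1.5 : 1.0;
    return { bid: ad.cpm * boost, renderUrl: ad.renderUrl };
  },
  "dsp-b.example": (group, signals) => {
    const ad = group.ads[0];
    const bid = signals.pageCategory === "Shopping" ? ad.cpm : ad.cpm * 0.5;
    return { bid, renderUrl: ad.renderUrl };
  },
};

// Step 5: the seller (SSP) scores bids; here a price floor, in reality also
// brand-safety and other publisher rules.
function scoreAd(bid, auctionConfig) {
  return bid.bid >= auctionConfig.floorCpm ? bid.bid : 0;
}

// Step 5/6: the browser runs the auction locally and hands back only what is
// needed to render the winner. Losing bids and group membership stay on-device.
function runLocalAuction(auctionConfig, groups, signals) {
  let winner = null;
  for (const group of groups) {
    // Only buyers the seller has allowed into this auction may bid.
    if (!auctionConfig.interestGroupBuyers.includes(group.owner)) continue;
    const bidder = biddingLogic[group.owner];
    if (!bidder) continue;
    const bid = bidder(group, signals);
    const score = scoreAd(bid, auctionConfig);
    if (score > 0 && (winner === null || score > winner.score)) {
      winner = { renderUrl: bid.renderUrl, score };
    }
  }
  return winner ? { renderUrl: winner.renderUrl } : null;
}
```

Note that the returned object carries nothing but the creative to render, which is the property that lets the publisher show a remarketing ad without any DSP learning who the user is.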
How Will DSPs Change?
As you can see, the basics of open programmatic auction are similar to what we have now, but the devil is in the details. The ways of data storage, targeting, and even analytics are completely different and will most likely require our beloved DSPs to change.
Once again, nobody tells us what exactly these changes should be or when they should happen. All we can do is deduce things on our own from the little info we have. So, in theory, each DSP provider should:
Integrate all APIs
Obviously, every DSP should integrate each of the APIs above to make everything work. This may sound simple, but in reality, it’s very far from it. While Private Aggregation and Shared Storage aren’t that intimidating, Protected Audience fundamentally changes programmatic advertising, and we can only guess how it will fit in.
Collaborate with Publishers
While Google couldn’t pull the plug on third-party cookies, many other providers already did. The value of first-party data is as high as ever, so advertisers will need to work closely with publishers.
Participate in the Privacy Sandbox Testing
We recommend testing the Privacy Sandbox as soon as early alpha builds become public to get the edge over competitors.
Comply with Regulations
The Privacy Sandbox is part of a larger trend toward a more private web. Once it’s rolled out, the eyes of all regulatory organizations will be glued to how it works. So, follow the regulations.
What’s Wrong with Privacy Sandbox?
As you might have noticed, there is no full version of Privacy Sandbox at the moment. But even with what little info we have, Privacy Sandbox is roasted from multiple sides.
Just to name a few quotes:
“In its current form, the Privacy Sandbox may limit the industry's ability to deliver relevant, effective advertising, placing smaller media companies and brands at a significant competitive disadvantage. The stringent requirements could throttle their ability to compete, ultimately impacting the industry's growth.” – Fit Gap Analysis for Digital Advertising by IAB

“The challenge has been that the technical specifications are generally hard to follow, incomplete in places, and lack critical details concerning things like data limits, transmission guarantees, data-size limitations, latency, and how it’s going to perform?” – Anthony Katsur, CEO of IAB Tech Lab
The Future of the Privacy Sandbox
The general consensus is that, in theory, Privacy Sandbox is a great thing, but there are just too many problems and misunderstandings to view it as the future of advertising. Google has probably understood that as well, and thus, prolonged third-party cookies once again.
In any case, we hope that the technology will live to see the light of day. Ad tech needs to change in a better way.
We, for example, are already doing it with our Epom white-label DSP. Custom development and fraud protection ensure that you get the solution that fits the advertising of tomorrow.