Google’s sweeping proposals to deprecate third-party cookies in Chrome browser is going back to the drawing board after the company announced plans to delay the rollout from early 2022 to late 2023, pushing back the project by nearly two years.
“While there’s considerable progress with this initiative, it’s become clear that more time is needed across the ecosystem to get this right,” Chrome’s Privacy Engineering Director, Vinay Goel, said Thursday.
In buying extra time, the search giant said it hopes to arrive at a consensus on the right solutions, while simultaneously engaging with regulators, and enabling publishers and the advertising industry to migrate their services to privacy-preserving technologies that prevent “alternative forms of individual tracking, and discourage the rise of covert approaches like fingerprinting.”
The revised timelines comes close on the heels of a fresh regulatory setback in the European Union, after the European Commission opened a wide-ranging investigation into Google’s digital advertising business to examine its “plans to prohibit the placement of third party ‘cookies’ on Chrome and replace them with the ‘Privacy Sandbox’ set of tools,” and assess its “effects on online display advertising and online display advertising intermediation markets.”
In a similar move, the U.K.’s Competition and Markets Authority (CMA) separately earlier this month announced that it’s taking up a “role in the design and development of Google’s Privacy Sandbox proposals to ensure they do not distort competition.”
Third-party tracking cookies have emerged as a point of privacy concern as the technology enables marketers and ad platforms to monitor user activity online as they hop from one website to the other for purposes of behavioral targeting. Apple’s Safari and Mozilla’s Firefox already block them by default.
Announced in January 2020, Google’s Privacy Sandbox aims to retire support for third-party cookies in Chrome with an alternative tool called Federated Learning of Cohorts (aka FLoC) that combines aggregation, anonymization, on-device processing, and other privacy-preserving technologies to classify users into cohorts based on their interests, which can then be used by the ad tech industry to tailor ads.
But the company’s ad tech overhaul has run into a number of potential concerns, with Mozilla noting that “the current design has a number of privacy properties that could create significant risks if it were to be widely deployed in its current form.” The Electronic Frontier Foundation (EFF) called it a “terrible idea” that creates new privacy risks.
Adding to Google’s woes, no other browser maker has committed to using FLoC, including those that are based on the open-source Chromium codebase such as Brave, Microsoft Edge, Opera, and Vivaldi. What’s more, an analysis from Digiday this month found that Amazon is actively blocking the cookieless tracking system from “gathering valuable data reflecting the products people research” across its namesake website, WholeFoods, Zappos, ShopBop, and Goodreads.
If anything, Google is in an unenviable position of having to balance demands for stronger user-privacy protections vis-à-vis its dominant role in multiple businesses — search, ad tech, and web browser — in the process, pitting these conflicting incentives against one other, and drawing the ire of privacy advocates, regulators, publishers, and advertisers alike.
“We believe that the Privacy Sandbox will provide the best privacy protections for everyone. By ensuring that the ecosystem can support their businesses without tracking individuals across the web, we can all ensure that free access to content continues,” Goel said.
“And because of the importance of this mission, we must take time to evaluate the new technologies, gather feedback and iterate to ensure they meet our goals for both privacy and performance, and give all developers time to follow the best path for privacy,” he added.