wordpress blog stats
Connect with us

Hi, what are you looking for?

Google agrees to more transparency, consultation before rolling out its Privacy Sandbox

Its proposed alternative to third-party cookies had come under fire from online marketers and advertisers.

Google has agreed to multiple commitments involving greater stakeholder consultation, transparency, and slower speed on its Privacy Sandbox project, according to a press release issued by the United Kingdom’s Competition and Markets Authority (CMA).

Privacy Sandbox is a 2019 project by Google that restricts the use of activity-tracking cookies and instead, offers alternative tracking mechanisms outlined in a set of proposals that Google has dubbed ‘Privacy Sandbox’.  Multiple marketers and publishers had criticised the move for being anti-competitive and a complaint was filed with the CMA, which led to an investigation into the matter in January 2021.

After a round of public consultation, Google and CMA have agreed on new commitments that will be open for public consultation till December. Further, the company has said that if accepted by the CMA, these commitments would apply globally as well.

What commitments has Google made?

According to the press release, Google has offered to make the following commitments:

  • CMA-approved trustee: Improve the provisions on reporting and compliance, including by appointing a CMA-approved monitoring trustee.
  • Transparency in communications: Ensure that the CMA’s role and the ongoing CMA process are mentioned in Google’s key public announcements; instruct its staff not to make claims to customers which contradict the commitments; report regularly to the CMA on how Google has taken account of third party views;
  • Address stakeholder concerns: Address concerns about Google removing functionality or information before the full Privacy Sandbox changes, including by delaying enforcement of its Privacy Budget proposal, and offering commitments around the introduction of measures to reduce access to IP addresses.
  • Clarity on Google’s use of Privacy Sandbox: Clarify the internal limits on the data that Google can use and confirm its intent that it will continue to use it, as the third-party advertisers do in the future
  • Allow alternatives: Provide greater certainty to third parties developing alternative technologies
  • Duration of commitments: These commitments could be in place for 6 years, from the date of their acceptance by the CMA.

The CMA’s investigation into Google

In 2019, Google had announced the Sandbox saying that –

  • Targeted advertising was basically infringing on user privacy.
  • Referring to moves taken by ‘other’ browsers, it said large-scale blocking of cookies led to opaque measures of targetted advertising called ‘Fingerprinting’.

“With fingerprinting, developers have found ways to use tiny bits of information that vary between users, such as what device they have or what fonts they have installed to generate a unique identifier which can then be used to match a user across websites,” it said, adding that users cannot clear their ‘fingerprint’ and thus had no control over them.

  • But publisher revenues more than halved without cookies, it found.

Thus, Google said that it would be developing a set of standards “that advance privacy, while continuing to support free access to content” in consultation with the web community – a stance it repeated in early 2021 while welcoming the CMA investigation into the sandbox.

Grievance against the Privacy Sandbox

According to a report by TechCrunch, a complaint filed by a consortium of marketers with the CMA in late 2020 raised the following points:

Advertisement. Scroll to continue reading.

Increasing Google’s control: “Google’s dominant Chrome browser and Chromium developer tools (which together run on about 72% of UK computers) are currently being modified to give Google even greater control over how publishers, advertisers and other digital businesses can operate on the web,” the complaint said, referring to the sandbox. The sandbox would remove login, advertising, and other features from the open web and place them under Google’s control, according to the complaint.

Preferential treatment: “Critics say that despite its name, Google’s new technology has nothing to do with privacy, and everything to do with moving the whole digital advertising industry off the open web, where it supports numerous innovative technology businesses and allows publishers and advertisers to optimise revenue by dealing with the most efficient partners.” the complaint said.

Pausing the sandbox: The complaint wanted that Google’s implementation of the sandbox, initially scheduled to be in 2021, be pushed further to allow regulators to create “long term competitive remedies to mitigate [Google’s dominance]”.

US states object to Google’s Privacy Sandbox in lawsuit

Apart from the UK regulator, there have been issues raised with the sandbox in the US as well. An anti-trust lawsuit against Google, filed by 16 American states, says that the proposal will be applied in a manner that will block third-party cookies, but allow Google to track user activity on Gmail, YouTube, and Google Search; thus, shifting money from smaller advertisers, or non-Google players, to Google.

In September 2021, the Competition Commission of India’s investigation into Google had also reportedly held that Google was guilty of abusing its dominant position in the browser and search markets.

Also read:

Advertisement. Scroll to continue reading.

Have something to add? Post your comment and gift someone a MediaNama subscription.

Written By

I cover health technology for MediaNama but, really, love all things tech policy. Always willing to chat with a reader! Reach me at anushka@medianama.com

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Do we have an enabling system for the National Data Governance Framework Policy (NDGFP) aiming to create a repository of non-personal data?


A viewpoint on why the regulation of cryptocurrencies and crypto exchnages under 2019's E-Commerce Rules puts it in a 'grey area'


India's IT Rules mandate a GAC to address user 'grievances' , but is re-instatement of content removed by a platform a power it should...


There is a need for reconceptualizing personal, non-personal data and the concept of privacy itself for regulators to effectively protect data


Existing consumer protection regulations are not sufficient to cover the extent of protection that a crypto-investor would require.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ