Google has agreed to multiple commitments involving greater stakeholder consultation, transparency, and slower speed on its Privacy Sandbox project, according to a press release issued by the United Kingdom’s Competition and Markets Authority (CMA).
Privacy Sandbox is a 2019 project by Google that restricts the use of activity-tracking cookies and instead, offers alternative tracking mechanisms outlined in a set of proposals that Google has dubbed ‘Privacy Sandbox’. Multiple marketers and publishers had criticised the move for being anti-competitive and a complaint was filed with the CMA, which led to an investigation into the matter in January 2021.
After a round of public consultation, Google and CMA have agreed on new commitments that will be open for public consultation till December. Further, the company has said that if accepted by the CMA, these commitments would apply globally as well.
What commitments has Google made?
According to the press release, Google has offered to make the following commitments:
- CMA-approved trustee: Improve the provisions on reporting and compliance, including by appointing a CMA-approved monitoring trustee.
- Transparency in communications: Ensure that the CMA’s role and the ongoing CMA process are mentioned in Google’s key public announcements; instruct its staff not to make claims to customers which contradict the commitments; report regularly to the CMA on how Google has taken account of third party views;
- Address stakeholder concerns: Address concerns about Google removing functionality or information before the full Privacy Sandbox changes, including by delaying enforcement of its Privacy Budget proposal, and offering commitments around the introduction of measures to reduce access to IP addresses.
- Clarity on Google’s use of Privacy Sandbox: Clarify the internal limits on the data that Google can use and confirm its intent that it will continue to use it, as the third-party advertisers do in the future
- Allow alternatives: Provide greater certainty to third parties developing alternative technologies
- Duration of commitments: These commitments could be in place for 6 years, from the date of their acceptance by the CMA.
The CMA’s investigation into Google
In 2019, Google had announced the Sandbox saying that –
- Targeted advertising was basically infringing on user privacy.
- Referring to moves taken by ‘other’ browsers, it said large-scale blocking of cookies led to opaque measures of targetted advertising called ‘Fingerprinting’.
“With fingerprinting, developers have found ways to use tiny bits of information that vary between users, such as what device they have or what fonts they have installed to generate a unique identifier which can then be used to match a user across websites,” it said, adding that users cannot clear their ‘fingerprint’ and thus had no control over them.
- But publisher revenues more than halved without cookies, it found.
Thus, Google said that it would be developing a set of standards “that advance privacy, while continuing to support free access to content” in consultation with the web community – a stance it repeated in early 2021 while welcoming the CMA investigation into the sandbox.
Grievance against the Privacy Sandbox
According to a report by TechCrunch, a complaint filed by a consortium of marketers with the CMA in late 2020 raised the following points:
Increasing Google’s control: “Google’s dominant Chrome browser and Chromium developer tools (which together run on about 72% of UK computers) are currently being modified to give Google even greater control over how publishers, advertisers and other digital businesses can operate on the web,” the complaint said, referring to the sandbox. The sandbox would remove login, advertising, and other features from the open web and place them under Google’s control, according to the complaint.
Preferential treatment: “Critics say that despite its name, Google’s new technology has nothing to do with privacy, and everything to do with moving the whole digital advertising industry off the open web, where it supports numerous innovative technology businesses and allows publishers and advertisers to optimise revenue by dealing with the most efficient partners.” the complaint said.
Pausing the sandbox: The complaint wanted that Google’s implementation of the sandbox, initially scheduled to be in 2021, be pushed further to allow regulators to create “long term competitive remedies to mitigate [Google’s dominance]”.
US states object to Google’s Privacy Sandbox in lawsuit
Apart from the UK regulator, there have been issues raised with the sandbox in the US as well. An anti-trust lawsuit against Google, filed by 16 American states, says that the proposal will be applied in a manner that will block third-party cookies, but allow Google to track user activity on Gmail, YouTube, and Google Search; thus, shifting money from smaller advertisers, or non-Google players, to Google.
In September 2021, the Competition Commission of India’s investigation into Google had also reportedly held that Google was guilty of abusing its dominant position in the browser and search markets.
Also read:
- Delhi High Court higlights Google’s double standards in its ad policies
- Google’s fine upheld in EU antitrust case about its comparison shopping service
- Google antitrust lawsuit part 4: Why Google’s Privacy Sandbox isn’t just about privacy
Have something to add? Post your comment and gift someone a MediaNama subscription.
