Google’s plan to drop third-party cookies in Chrome crumbles
Google no longer intends to drop support for third-party cookies – the online identifiers used by the ad industry to track people and target them with ads based on their online activities.
In a Monday post, Anthony Chavez, VP of Google’s Privacy Sandbox, revealed that the search and ads giant has come to understand that its five-year effort to build a privacy-preserving ad-tech stack requires a lot of work and has implications for online advertisers – some of whom have been strident in their opposition.
“In light of this, we are proposing an updated approach that elevates user choice,” wrote Chavez. “Instead of deprecating third-party cookies, we would introduce a new experience in Chrome that lets people make an informed choice that applies across their web browsing, and they’d be able to adjust that choice at any time.”
The Privacy Sandbox – a suite of APIs for notionally privacy-protecting online ad delivery and analytics – will co-exist with third-party cookies in Chrome for the foreseeable future.
And instead of phasing out third-party cookie support in the Chrome browser next year – subject to testing that started in January – Google intends to let Chrome users choose whether to play in its Privacy Sandbox, or in the adjacent land of data surveillance where third-party cookies support all manner of information gathering.
It remains to be seen whether Chrome’s interface for choosing between its Privacy Sandbox and traditional third-party cookies will be less confusing than the widely criticized “Enhanced ad privacy in Chrome” popup that heralded the arrival of Privacy Sandbox APIs in Chrome last year.
“This is a clear admission by Google that their plan to enclose the Open Web has failed,” declared James Rosewell, co-founder of Movement for an Open Web (MOW). “Their goal was to remove the interoperability that enabled businesses to work together without interference from monopolists, but a combination of regulatory and industry pressure has put paid to that.”
Google described its goal for the Privacy Sandbox years ago, in different terms: “We want to find a solution that both really protects user privacy and also helps content remain freely accessible on the web,” claimed Justin Schuh, then the director of engineering for Chrome.
But the concern raised by MOW and other ad industry critics was that Google’s Privacy Sandbox, in conjunction with the data signals it gets from signed-in Chrome users, would give it access to ad-relevant information that rivals could not access.
Google began working on its Privacy Sandbox project in 2019, around the time Apple and Mozilla (before it became an ad biz too) committed to protecting users against trackers and began blocking third-party cookies by default.
By 2021, Google’s plan prompted an investigation by the UK’s Competition and Markets Authority (CMA), urged on by foes of the ad industry like MOW. As a result of that investigation, in 2022 Google agreed to a set of commitments to accommodate competition.
To further complicate matters, Google’s initial attempt to do without third-party cookies fell short and failed to provide the promised privacy. Technical setbacks and regulatory pressure led Google to delay its plan to phase out third-party cookies in Chrome.
Now it won’t happen at all.
The UK’s CMA announced it would not publish its quarterly update on Google’s compliance at the end of the month, following the Chocolate Factory’s announcement, and has invited interested parties to submit comments by August 12.
“We intervened and put in place commitments in 2022 because of concerns that Google’s Privacy Sandbox proposals could distort competition by causing advertising spend to become even more concentrated on Google’s ecosystem at the expense of its competitors,” a CMA spokesperson explained.
“We will need to carefully consider Google’s new approach to Privacy Sandbox, working closely with the [Information Commissioner’s Office] in this regard, and welcome views on Google’s revised approach – including possible implications for consumers and market outcomes.”
Lena Cohen, staff technologist for the Electronic Frontier Foundation – an advocacy group that has consistently criticized the Privacy Sandbox proposal – lamented Google’s decision to back away from its deprecation plan.
“This is an extremely disappointing decision that really just highlights Google’s commitment to their own profits over users’ privacy,” Cohen told The Register.
“Safari and Firefox have blocked third-party cookies by default since 2020 and Google has been pledging to do the same since then. So I think that this reversal, after years of delays, is just a consequence of their advertising-driven business model, which relies on pervasive user surveillance.”
Cohen noted that researchers and regulators have already found that Privacy Sandbox failed to meet some of its own privacy goals. “Third-party cookies are an even more invasive form of online tracking than Privacy Sandbox,” Cohen said.
“So the fact that Privacy Sandbox didn’t enable enough online surveillance is pretty alarming. It just shows that this advertising ecosystem incentivizes really invasive collections of user information. This is why EFF has been advocating for years for a ban on behavioral advertising, because this is the sort of surveillance that it incentivizes.”
Separately, Cohen penned an EFF statement on Monday urging Chrome users to install the advocacy group’s Privacy Badger browser extension – to opt-out of Google’s Privacy Sandbox. ®
READ MORE HERE