News of Google’s decision to expand its Privacy Sandbox initiative to Android and its criticism of rival Apple’s privacy efforts on the mobile front has raised eyebrows at other adtech vendors.
The decision to carry through Privacy Sandbox to mobile devices was announced in a blog post on 16 February by Google VP of product management for Android security and privacy, Anthony Chavez. In the post, the executive said Google’s advertising ID approach to improve user privacy last year wasn’t enough and the search giant had decided to go further.
“Today, we’re announcing a multi-year initiative to build the Privacy Sandbox on Android, with the goal of introducing new, more private advertising solutions. Specifically, these solutions will limit sharing of user data with third parties and operate without cross-app identifiers, including advertising ID,” Chavez stated. “We’re also exploring technologies that reduce the potential for covert data collection, including safer ways for apps to integrate with advertising SDKs.”
Chavez used his blog to also take a swipe at Apple’s approach to blocking advertising as part of its privacy efforts, linking back to a study conducted by Lockdown Privacy last year into Apple’s App Tracking Transparency (ATT) and featured in the Washington Post which indicated ATT wasn’t preventing third-party tracking on mobile devices.
“We realise that other platforms have taken a different approach to ads privacy, bluntly restricting existing technologies used by developers and advertisers,” Chavez said. “We believe that – without first providing a privacy-preserving alternative path – such approaches can be ineffective and lead to worse outcomes for user privacy and developer businesses.
“Our goal with the Privacy Sandbox on Android is to develop effective and privacy enhancing advertising solutions, where users know their information is protected, and developers and businesses have the tools to succeed on mobile.”
Specifically, Google is proposing two key solutions in an Android environment in its initial design. One is ‘privacy-preserving’ APIs, which, like its Web solution, will use the concept of interest-based signals (Topics), to work out which ads to serve to relevant users. The vendor is also offering ‘Fledge on Android’ as a way of showing ads based on custom audiences defined by app developers and the interactions with their apps. Information and associated ads are stored locally, ensuring individual identifiers are only shared but not stored by external parties.
There is also a proposal for attribution reporting to measure conversion rate probability and invalid activity detection in order to better report on conversions from advertising that don't employ cross-app or device identifiers.
The other element of Privacy Sandbox for Android is SDK runtime, which proposes to have third-party app SDKs running in a dedicated runtime environment distinct from the app itself, that would incorporate permissions and data access rights to better safeguard data collection and sharing.
This all replaces the existing advertising ID approach, where Google Android users are given a unique identifier which developers can use to target in-app advertising.
Google said it’ll give at least two years’ notice on changes as it works to design, build and test these new solutions and will continue to support existing ads platform features during this period.
The news didn’t go down well with Lotame COO, Mike Woosley, who said it was “interesting” Google was taking credit for a harder stance on privacy and pointing to Apple’s execution as “sloppy” in its announcement.
“Google has been a giant half-step behind Apple on ‘privacy lockdowns every step of the way, whether it be the removal of third-party cookies or the lock-down of the mobile phone’s advertising ID,” Woosley claimed. “With third-party cookies, this latency is more than three years.
“Despite the charges of monopolism widely wielded, Google is still known for innovation. Using this release to say ‘we lockdown better and harder’ feels like a circular firing squad. The privacy positioning, while factitious, is a native part of Apple’s ethos, not Google’s.”
Woosley stressed the ongoing and authenticated relationship Apple and Google have with users continues regardless of third-party advertising and privacy approach taken.
“These companies ever and always know who you are while you are using their products. The need to use identity in marketing, which is critical for nearly all modern marketing, is not an issue for the dominant players,” he said. “These changes primarily effect the rest of the digital media industry: Those minor moons and satellites in orbit. Even Facebook has to go begging in this environment to the tune of US$10 billion in lost revenue.
“Every lockdown framed in privacy functions to further entrench the dominance of these players - and that is the real impact of these changes. The cover of ‘consumer privacy’ when it comes to ID technology, should always be viewed with cynicism and suspicion. Almost all laws and regulations around privacy allow the media and marketing industry to apply identity tools when consumers receive transparency and give consent. The removal of these tools make functional execution impossible, except via use and grace of those same dominant platforms.”
As previously reported by CMO, Google earlier this month revealed plans to abandon its former alternative approach to third-party cookies, called ‘FLoC’, in favour of ‘Topics’. This interest-based approach sees a consumer’s browser history determining their biggest interests in a handful of topics each week, such as ‘Fitness’ or ‘Travel and Transportation’, without intervention from Google servers or external insights. Topics are set to be kept for three weeks then deleted.
“Utilities such as Google ‘Topics’ only emphasise that Google can easily draw data synthesised from independent publisher traffic and avail it across domains,” Woosley continued. “The tools themselves are weak, chaotic in application and provide limited industry complexity or control. Their real impact is to serve as a feckless fig-leaf allowing those same dominant players to make a claim that they’re doing their level best, and that it is actually those industry regulators and overseers who are the real villains.”
LiveRamp senior VP of addressability and ecosystem, Travis Clinger, was less cynical of the pursuit of privacy. For him, Google’s extension of Privacy Sandbox to Android shows what should be evident to everyone in the industry today: There is no workaround when it comes to putting consumers and their privacy first.
As well as removing unauthenticated cross-app identifiers, such as the Android Advertising ID, LiveRamp noted Google is exploring technologies that reduce the potential for covert data collection, such as fingerprinting. LiveRamp expects Google to fully deprecate its AAID.
LiveRamp offers an alternative solution it calls ‘Authenticated Traffic Solution’, providing tools to recognise known users for advertising and retargeting purposes.
“Google continues to double down on its promise to consumers to uphold privacy and transparency,” Clinger commented. “This announcement reinforces the need for the ecosystem to move toward authenticated, first-party identity.”
You can also follow CMO on Twitter: @CMOAustralia, take part in the CMO conversation on LinkedIn: CMO ANZ, follow our regular updates via CMO Australia's Linkedin company page