Google today said it will extend the testing period for its Privacy Sandbox APIs. This means that the elimination of third-party cookies in Chrome will be postponed for the time being. The company is still looking for a way to balance user privacy with the interests of businesses online. More time is needed "to assess and test the new privacy sandbox technologies before eliminating third-party cookies in Chrome," according to the Google blog. Accordingly, the deactivation of these cookies should start in the 2nd half of 2024 at the earliest.
After the European Court of Justice ruled in 2020 that the former Privacy Shield on data protection between the EU and the U.S. was insufficient, it was often no longer possible to use online offers from the U.S. without restrictions for data protection reasons. This affected online trade between the two continents, as companies were not allowed to store the data of Europeans in the USA. This could now soon come to an end. US President Joe Biden and EU Commission President Ursula von der Leyen announced the introduction of a Trans-Atlantic Data Privacy Framework. This is intended to allow the flow of data between the two continents once again. On the one hand, the United States commits to implementing new safeguards to ensure that personal data of EU citizens cannot be read by intelligence agencies unless it is necessary and proportionate to protect national security. In addition, EU citizens will be able to seek redress if they believe they are being unlawfully targeted for intelligence activities, according to a White House statement.
What does this mean for advanced store?
As it stands, our ability to serve ads outside of Europe is limited because there is no regulation between the EU and the US. For example, we cannot use DSPs or SSPs with some advertisers that do not host their data within the EU. In addition, the bureaucracy involved in working with non-EU advertisers is enormous. This means less sales for us and therefore less revenue for us.
That's why we have high hopes for a new edition of a Trans-Atlantic Data Protection Framework. "The Trans-Atlantic Data Privacy Framework is a liberating blow for the European Digital Economy. The current status was characterized by uncertainty and a step backwards for the free Internet, said advanced store CEO Marc Majewski. "We are convinced that the new regulation now accommodates all stakeholders and will be sustainable for the longer term in the future."
The Belgian Data Protection Authority (APD) apparently classifies the Transparency Consent Framework of IAB Europe as insufficient in terms of the GDPR. Because the existing cookie consent banners do not sufficiently inform users about the use of their data and are not transparent enough, the IAB must improve the TCF. It now has two months to do so.
In its decision, APD judges the IAB Europe to be responsible for the registration and co-responsible for the dissemination of TC Strings (digital signals with user preferences) as well as for the subsequent processing of personal data within the TCF. In a factsheet, the IAB comments on the decision of the data protection authority, against which it now intends to take action.
While last year FLoC - a method of storing user behavior in the browser and forming interest groups with similar browser data - was the big thing as a replacement for third-party cookies, Google has now said goodbye to this approach. Instead, the focus is now on developing the Topics API.
As the name suggests, Google uses browsing history to evaluate the topics that seem to be of particular interest to the user. Based on this, the user then receives suggestions and can select topics on which he or she would like to see advertising. All this happens only in the browser of the respective end device, so that the user would have the option to choose different areas of interest on each device. The selection is saved for three weeks. The user can view and edit the selected topics via the browser settings. If he does not select anything, he will be shown random ads.
A spectre is haunting the industry, the evil word "cookiecalypse" keeps popping up. The end of third-party cookies seems inevitable. But it will not come as quickly as initially feared. This gives the industry time to rethink old strategies and develop new ones.
There will be a streamlining of existing technologies and it will open the way for new ones. It is even possible that the end of third-party cookie tracking will be reconsidered, because there is definitely resistance to it. The last word has not yet been spoken in this matter. Therefore, advanced store is optimistic about the future of tracking, because even without third-party cookies, there will still be opportunities to target users with advertising and to deliver campaigns efficiently.
It is true that advertisers are dependent on "global players" like Google. Overall, however, the advertising sector is only one part of the online business. Work is already underway on a wide variety of data protection-compliant solutions for the time after the "cookiecalypse". To paraphrase the words of German chancellor candidate Annalena Baerbock: bans can also be drivers of innovation. A ban on third-party cookie tracking will inevitably lead to the industry having to develop other ways to best reach users and track transactions.
However, we are faced with two problems that need to be approached differently: How do we reach the appropriate target group (audience targeting) and how do we measure the resulting conversions? There are already various solutions for both questions.
There was already a lot of excitement in the run-up to the introduction of TCF 2.0, but the implementation succeeded. advanced store is a recognised "IAB registered vendor" of the framework and supports the standardised solution for processing GDPR-compliant data consent. The IAB Europe is now tightening its measures to control compliance with the TCF agreements. Repeated violations threaten exclusion from the framework.
So now third-party cookies are no longer to be accepted by browsers in order to use, among other things, users' view data for conversion purposes. Google is already working on a solution with the "Privacy Sandbox": "The Privacy Sandbox initiative is developing innovative, privacy-centric alternatives for key online business needs, including serving relevant ads," it says on the Privacy Sandbox website. At Google, they are certain that "relevant advertising and monetisation do not have to be sacrificed in favour of a private and safe web browsing experience". However, the introduction of the Privacy Sandbox has meanwhile been pushed back further. Originally announced for 2022, the end of third-party cookies is now set to be heralded in mid-2023 and will be completed by the end of 2023 after a three-month transition period. "For Chrome specifically, our goal is to have the key technologies ready by the end of 2022 so that the developer:inside community can adopt them then. [...] Chrome could then phase out third-party cookies over a three-month period - mid to late 2023," the Google blog outlook said.
Until major market players like Google provide alternatives, Chrome will continue to allow third-party cookies - as can be seen from the recent deadline shift and the various solutions being pursued by the Web Incubator Community Group (WICG).
Proposed solutions (Google) under development:
When it comes to measuring view and click data, Google is relying on "privacy-focused techniques" such as aggregating information, adding noise and limiting the amount of data when creating the Chrome Conversion API, according to the Google blog. "In the coming months, Google Ads teams will continue to explore how the planned conversion measurement APIs can be used in conjunction with Google's measurement products to support use cases such as reporting view-through conversions, determining incrementality and reach, and attribution."
The most promising development currently, in our view, is that of conversion measurement API and first-party sets. But here, too, an agreement on a uniform standard of the various browser providers is necessary in order not to rely on isolated solutions.
It may come down to a central first-party data strategy solution from Google and its countless services. Google could also win the race in international competition in the measurement of views and clicks with its Chrome Conversion API. However, this would essentially contradict what the EU data protectionists actually want to achieve, as it would give the US corporation the greatest power over the data and its processing. After all, the purpose behind all measures is to protect the user's personal data.
But therein also lies the opportunity to improve the quality of the data collected. If only those users who are willing to receive offers tailored to their interests agree, the likelihood that they will also make a purchase increases. "Black sheep" in the industry who do not want to protect user data would gradually disappear. So instead of banning cookies completely, they could be made more controllable and "white lists" could be created for reputable providers.
"Advertising has always existed and will always exist. The (data protection) regulations separate the wheat from the chaff. Black sheep' in the industry will have a harder time, quality providers will prevail" (advanced store CTO Fabian Hübner).
advanced store is therefore relatively relaxed about the change that will inevitably come. For the time being, there will be no complete shutdown of third-party cookies, so there is still enough time to develop solutions that satisfy both data protection and the interests of advertisers.
Related links to the topic:
Google Privacy Sandbox: https://privacysandbox.com/
Google Blog: https://blog.google/intl/de-de/
IAB Europe: https://iabeurope.eu/
TCF 2.0: https://iabeurope.eu/tcf-2-0/