Google Responds to the IAB Tech Lab’s Scathing Privacy Sandbox Report: “It’s Full of Inaccuracies”

Google’s response to the IAB Tech Lab’s Privacy Sandbox analysis calls out several inaccuracies and the misconception that the Privacy Sandbox is a direct replacement for third-party cookies. 

Last week, the IAB Tech Lab released a comprehensive report detailing the challenges of Google’s Privacy Sandbox. 

IAB Tech Lab CEO Anthony Katsur stated that the Privacy Sandbox analysis report indicates the industry’s lack of readiness and identifies multiple hurdles to implementation due to limitations in achieving key advertising objectives. 

But it’s not like the Big G to stay quiet when industry stakeholders call them out, and understandably so. In response, Google thanked the IAB Tech Lab for showcasing their perspective but asserted that their “analysis contains many misunderstandings and inaccuracies, which we consider important to correct in order to provide accurate information to the ecosystem.” 

The IAB Tech Lab’s Concerns 

As the IAB Tech Lab mentions, embracing Google’s Privacy Sandbox marks a tremendous evolution in the advertising industry, diverging from the industry’s trajectory of the past 25 years. Yet, the advertising tech and standards organization believes the industry needs more time to prepare for these changes. From their point of view, Chrome prioritizes discrete components to support different use cases. Still, the IAB has reservations that Chrome can combine these components into a cohesive framework that offers a sustainable business foundation. 

The analysis revealed several key issues highlighting the challenges media companies, advertisers, and the broader industry face in adapting to Privacy Sandbox-mandated changes. For instance:

  • Essential Event-Based Metrics: Temporary support for essential event-based impression and click counting is followed by a shift to aggregated reporting, hindering bid loss analysis and complicating revenue reconciliation and troubleshooting.
  • Brand Safety Concerns: The new landscape introduces brand safety concerns, requiring advertisers to address potential threats to advertisement integrity and ensure alignment with desired contexts and values.
  • On-Browser Computing Implications: Google’s integration of an ad exchange and server within the Chrome browser necessitates significant re-tooling of the programmatic advertising ecosystem, impacting addressability, reporting mechanisms, ad rendering processes, bidding decisioning capabilities, and scalability challenges for the Privacy Sandbox.
  • Lack of Consideration for Commercial Requirements: Chrome’s active role in financial transactions and ad delivery raises concerns about Privacy Sandbox overlooking legal and business requirements, potentially leading to legal penalties and loss of trust from customers and partners.

Google’s Rebuttal

While Google pointed out the alleged inaccuracies of the IAB Tech Lab’s report, their primary concern was that the report overlooked the main goal of Privacy Sandbox, which is to improve user privacy while still backing efficient digital advertising. 

Google created Privacy Sandbox APIs to support business objectives while safeguarding user privacy. Big G did not intend to directly replace third-party cookies or cross-site identifiers, despite potential misconceptions.  As highlighted in the tech company’s press release, “to enhance user privacy effectively, recreating every current marketing tactic isn’t feasible, but adapting existing methods and innovating new ones can address business goals.” Although Google warns that this shift requires investment, effort, and collaboration, it’s both necessary and achievable.

Some industry stakeholders agree. “Beyond constructive criticism, it’s important to highlight that even though the Privacy Sandbox APIs may not provide a direct replacement for third-party cookies and mobile ad IDs, that should not be the ultimate goal. Instead, ensuring that the technology enables fair competition should be the priority for industry groups and regulators alike,” said Bosko Milekic, Co-Founder and Chief Product Officer at Optable.

The more in-depth Privacy Sandbox’s response to IAB Tech Lab’s analysis focuses on the Technical Assessment section, offering detailed commentary and clarifications across five programmatic advertising categories: Audience Management, Auction Dynamics, Creative Delivery and Rendering, Reporting, and Interoperability. 

The Inaccuracies

The Privacy Sandbox APIs support correcting assumptions or filling gaps in use cases. For instance, the claim in the report about the “Loss of Runtime Data for Brand Safety” is incorrect, according to Google. Unlike current practices, buyers still receive the page URL in ad requests. Moreover, during a Protected Audience auction, they can cross-check the seller-declared URL with the browser-declared URL for an additional brand safety measure. 

Specific use cases, like the assertion that “Interest Groups do not span across devices,” are not covered by third-party cookies, just as the Privacy Sandbox does not cover them. Proposals suggesting methods that could revive cross-site tracking and conflict with privacy objectives, such as the request for passing buyers’ signals to generate identifiable reports, are not aligned with privacy goals. 

Moreover, certain functionalities like “Look-alike modeling” may not be directly supported, but alternative approaches can fulfill similar objectives. For example, leveraging the Private Aggregation API to understand the aggregate behavior of a seed audience can serve the purpose effectively.

Despite both sides taking out their gloves, Chrome is welcoming additional feedback from the IAB and the industry at large to help improve Topics APIs. 

You can read the full report here.