Privacy Sandbox & Universal IDs: Like Oil & Water?

While the technology behind Google’s Privacy Sandbox proposals is complex and constantly evolving, the premise (as we know it today) is simple: move targeting from a third-party cookie to a group (or cohort) of browsers. For much of 2020 these cohort-based approaches appeared to be the future of advertising in Google’s platforms, but in 2021 is that still the case?

Privacy Sandbox Recap

As most of you know, Google announced the Privacy Sandbox, in August 2019, as a set of proposals to replace third-party cookies in three key areas: 1) interest-based targeting, 2) remarketing, and  3) campaign measurement. The Sandbox has generated significant interest because Google Chrome holds a 55% market share of internet browsers. 

Of consequence to publishers from a monetization perspective are FLoC and FLEDGE. The FLoC proposal will replace third-party cookies in interest targeting and FLEDGE is how remarketing will work once third-party cookies are depreciated. 

From Cookies To Cohorts, But Wait…

The key premise of the Privacy Sandbox is it moves identity from Cookies to Cohorts. Some have been rightly concerned that a pivot from one-to-one marketing to one-to-many would impact performance, to assuage these advertiser concerns and keep their publishing clients happy Google said they would continue to support first-party cookies from publishers  (Publisher Provided IDs, or PPIDs for short).  

In January this year, Google stated in a blog post titled Building a more private web that  “Once third-party cookies are phased out, we will not build alternate identifiers to track individuals as they browse across the web, nor will we use them in our products.”

This was consistent with their previous comms and it really appeared that the writing was on the wall for Universal IDs in Google platforms. In March similar comments were made during Google’s EMEA web, although this time specifically with reference specifically to Google’s buy side platforms only.

Then the rumors started to circulate. There was a relatively cryptic Google Ad Manager blog post titled Helping publishers thrive in today’s privacy environment that stated Google would “provide publishers with the option to share encrypted signals with bidders” and that Google “will not be able to read or decrypt the signals” they would act as an intermediary.

Many were not sure what this meant, but the whispers that Google’s stance on external IDs might not be as binary as some had initially thought grew louder. Could it really be that the world’s largest publisher ad server was going to support Universal IDs after all?

Cookies Are Dead. Long Live Universal IDs

A couple of weeks ago, the rumors were addressed in a blog post titled Privacy-First Advertising On The Web by Chetna Bindra, Group Product Manager, User Trust and Privacy, Google. In this post it was confirmed that Google “Are experimenting with tools that enable publishers to share encrypted signals, such as first-party identifiers or third-party identity solutions directly with the partners of their choice.” 

That Google would support first-party identifiers that are typically distinct to a domain was well known, that their platform was testing support for third-party identity solutions (often referred to as Universal IDs) was confirmation of something that is fairly staggering, Google Ad Manager is testing the support of cross-domain tracking that occurs on a 1-2-1 basis. 

But Google did not confirm who they were testing this with, but should this feature be launched it effectively means that 1-2-1 cross-domain tracking is permissible in a Google product (Ad Manager) as long as it does not happen using a third-party cookie.

Cohorts & 1-2-1 IDs: Like Oil & Water?

The big question is, with so much industry change is this stay of execution for Universal IDs a welcome move and does it even make sense to combine cross-domain tracking with Cohorts?  

I think that depends on who you ask. Privacy advocates would likely say cohorts and Universal IDs that work across domains are like oil and water, they just don’t mix. Conversely, advertisers who use these universal IDs and AdTech partners who offer Universal IDs like TTD, iD5, and Criteo will likely welcome this move. I think sentiment amongst publishers will vary based on their scale and the depth of relationships they hold with their customers.

So Is It A Good Thing?

My personal view is cohort and 1-2-1 cross-domain tracking make for strange bedfellows, but equally I understand Google is in a tough spot. From a consumer’s perspective, keeping content free from the publishers they love by allowing advertisers to use either privacy preserving cohorts, or 1-2-1 data from sites they have a relationship with feels like a fairly reasonable compromise, but of course, some AdTech businesses were left out in the cold by this. 

The move to allow Universal IDs to be passed from Google Ad Manager to buying platforms is a better solution for independent AdTech than the one above, but it does feel like it will lead to poorer outcomes from a privacy perspective for end users. Some will see Google mixing cohorts with 1-2-1 cross domain tracking as Google snatching defeat from the jaws of victory.

It is worth noting that in Google’s blog post they said they were experimenting with these features, we have already seen with the Privacy Sandbox that change has been one constant since their announcements in August 2019, so it may well be that this is a feature that never makes it out of beta testing. Either way, the next 12 months are likely to be the most interesting (and at times most challenging) in the last decade.