Google's replacement to third-party cookies "far from being private"

 In this photo illustration, a silhouetted woman holds a smartphone with the Google Chrome logo displayed on the screen.
(Image credit: Photo Illustration by Rafael Henrique/SOPA Images/LightRocket via Getty Images)

In a bid to reduce the use of third-party cookies, last January Google Chrome announced a new advertisement system for minimizing online tracking as part of its Privacy Sandbox initiative.

Google's Protected Audience API now enables on-device auctions by the browser in order to tailor you relevant ads without sharing your information and browsing activities with third parties.

So far so good, on paper at least. According to adblocker and VPN service provider AdGuard, however, this solution is "far from being private" as it will de-facto transform the browser into an ad auction tool instead. Let's see what this means for your privacy.

Half privacy solution

"If you read somewhere that the mere use of Protected Audience API solves any problems and makes behavioral targeting GDPR compliant—that's not true," Andrey Meshkov, AdGuard co-founder and CTO, told me.

Despite recognizing that Google's new mechanism is "somewhat better" in terms of privacy, he thinks that its real capabilities are significantly different from how it has been advertised.

Did you know?

Internet cookies technology graphic with tracking website surfing on screen and cookies on background.

(Image credit: Shutterstock)

A web cookie is a tiny snippet of code that gets stored on your browser every time you access a website. While some are essential to customize your digital profile—like billing address and payment method on ecommerce platforms, for example—others can be way more intrusive with the purpose of spying on your online activities even after leaving the website. Advertisers used the latter type to tailor the ads you see online. Check our explainer on web trackers to know more.

So, how does Google's Protected Audience API promises to protect your online privacy?

Traditionally, advertisers used to track you all around the web to understand your interests via your online behaviors. This helped them to then display you the best ads according to what you previously searched for or clicked on online. 

Now, as the big tech giant explains, the new API uses so-called interest groups to allow the different sites to display ads that are relevant to their users. It works by letting your web browser join these groups, bid for ad space and display the winning ad at last.

That's exactly where AdGuard feels there's an intrinsic issue with Google's new ad system. 

For carrying out these operations, explains the provider, your Chrome will need to run various scripts and ads in the background for contacting the owner of the interest group and get updates on bidding activities. Even worse, perhaps, this will occur without the user’s knowledge or consent—something that some commentators believe might go against EU GDPR rules.

"Trying to structure this and implement a new mechanism specifically for advertising use will certainly be more private than the old one," Meshkov told me. "But, in reality, we get only a slightly more private alternative to cookies."

See more

Google's move doesn't come in a vacuum, but it's rather part of a larger trend among notorious data-hungry web browsers in enhancing users' privacy. "This involves a simple thing: actions that used to be performed on the server are now being moved to users' devices," said Meshkov. 

Apple opened the path in this direction with its so-called Private Click Measurement on Safari, now known as UIEventAttributionView. The solution takes the form of a Webkit development to enable "privacy-friendly tracking." This means that, instead of completely replacing third party cookies, the system only prevents the collection of some sensitive personal data.

"Unlike Apple, Google decided not to move in small steps, offering alternatives for small parts of the advertising ecosystem," Meshkov explained. "Instead, they are trying to offer a "local" solution, which transfers the most important thing, the mechanism of the advertising auction, directly into their browser."

Put it simply, he explains, what Google aims to do is too complex in practice to enable the provider to protect users effectively. The web browser is now the center of the ecosystem, in fact. This means that Google Chrome must store all your information locally, maintain contacts with advertisers and deliver the necessary details to the entities involved in the process.

In the light of the aforementioned privacy risks, AdGuard decided to suppress Google’s Protected Audience API for users who have its Tracking Protection filter enabled. The team is also working on further ways to safely disable the API and educate users about its risks.

The provider even put together a demo site to better illustrate its concerns. You can use it to check whether or not advertisers might still be able to keep showing you ads based on your personal data instead of some aggregated signals—simply access the website and follow the instructions.

Chiara Castro
Senior Staff Writer

Chiara is a multimedia journalist committed to covering stories to help promote the rights and denounce the abuses of the digital side of life—wherever cybersecurity, markets and politics tangle up. She mainly writes news, interviews and analysis on data privacy, online censorship, digital rights, cybercrime, and security software, with a special focus on VPNs, for TechRadar Pro, TechRadar and Tom’s Guide. Got a story, tip-off or something tech-interesting to say? Reach out to chiara.castro@futurenet.com