← Blog
7 min
March 17, 2022

Get ready: Privacy Sandbox is coming to Android

Ever since Apple went all-in on user privacy, app marketers have been wondering – is Google going to follow? 

The answer is yes, Google will introduce certain privacy updates on Android. These updates are coming in the form of Privacy Sandbox. 

Naturally, mobile marketers have a lot of questions about it. Some of them are – what are the main changes? How does Privacy Sandbox compare to Apple’s privacy framework? What does it mean for mobile advertisers?

Let’s answer all of these questions and more.

Google Privacy Sandbox: from Chrome to Android 

Privacy Sandbox was initially announced in 2019 as a privacy-focused initiative for the Chrome browser. 

It was created with the goal of eliminating third-party cookies while making targeted advertising possible. This should be made possible by developing new technologies that protect user privacy.

Until February 2022, mobile marketers were not particularly familiar with this concept. This is when Google announced – Privacy Sandbox is coming to the Android ecosystem as well. Once it arrives, Google Advertising ID (GAID) will be completely eliminated. 

Essentially, GAID is the Android equivalent of web cookies and Apple’s IDFA. With it, advertisers are able to deliver personalized ads, track user behavior across apps and attribute installs and user actions. 

The loss of GAID will be a huge hit for mobile marketers. 

However, there is no room for panic. 

According to Google’s announcement, GAID is not going away for at least the next two years. During this period, Google plans on developing and testing its privacy solution for Android. 

In the long run, the main goal of the Privacy Sandbox is to develop technologies that don’t rely on any cross-app identifiers, including GAID. 

The main changes with the Privacy Sandbox

Just like its Chrome version, Android’s Privacy Sandbox is created to protect user privacy, but also the advertising ecosystem. 

To achieve this, Google has announced three important proposals: 

  • Showing relevant content and ads
  • Measuring digital ads
  • Limiting covert tracking

With this system in place, app advertisers should still be able to acquire quality users for their apps and measure ad performance, but with limited covert tracking. 

From a technical standpoint, this will be achieved with a combination of two things – a set of privacy-preserving APIs and an SDK runtime. 

Privacy-preserving APIs

To make advertising without cross-app identifiers possible, Google proposes using a set of APIs. This set is made out of three critical parts:  

  1. Topics 
  3. Attribution reporting 

Let’s explain the basics of all three.

Topics will work as a method of targeting users based on how they interact with other apps. Based on common interests, users will be put in groups with other users. This information will be stored on the users’ devices only, making it completely privacy-compliant. 

With FLEDGE, app developers will be able to define custom audiences they want to show ads to. These audiences will be formed by how users interacted with the developers’ apps and games, with the information stored locally. The result? Privacy-safe retargeting made possible. 

Finally, attribution reporting will enable campaign performance measurement without using user-level data. More on this one further in the article. 

SDK Runtime

Out of all Privacy Sandbox proposals, this is probably the most innovative one. The thing is, SDK Runtime will likely put an end to a big attribution method – fingerprinting. 

Here’s how. 

At the moment, SDKs from different ad networks and measurement partners are integrated into every app’s code. As such, they have the same permission levels as the host app and run in the same environment. This gives them access to device data, allowing them to perform fingerprinting.

With SDK Runtime, this will no longer be possible.

The SDK Runtime will separate the apps’ own codes from third-party advertising SDKs they use. These SDKs will work in isolated, secure environments and will have different permissions than the host. It will be up to the developer to define which permissions they want to give to third parties. 

Google’s Privacy Sandbox vs. Apple’s ATT

Since Google’s privacy framework follows Apple’s example, it’s only natural to compare the two. 

Before anything else, it’s important to understand the context of their privacy moves. 

Apple’s advertising business (Apple Search Ads) isn’t nearly as big as Google’s. It is also way less dependent on user-level targeting than Google’s services. For this reason, when Apple launched its privacy framework (ATT), this did not have a major negative impact on its revenues.

On the other hand, Google makes a living from advertising revenues. 

Therefore, if it made the same moves as Apple, this would drastically endanger its revenues. For this reason, Google is being very careful, trying to implement a more advertiser-friendly solution. 

The most significant distinction between the two? 

Apple’s ATT comes in the form of a prompt for accessing a user’s IDFA (Identifier for Advertisers). 

In the Privacy Sandbox, there won’t be such a thing. Here, all privacy limitations will be implemented automatically for all apps. This means cross-app identifiers will be eliminated for everyone, with no exceptions. 

Attribution Reporting and SKAN

Out of all the announced features of the Privacy Sandbox, attribution reporting is most comparable to Apple’s privacy features. 

The thing is, it strongly resembles Apple’s SKAdNetwork

Just like SKAdNetwork, attribution reporting will deliver rough, non-user-identifiable conversion data. 

The data from attribution reporting will come in two forms: event-level reports and aggregated reports. 

Event level reports will show advertisers if certain clicks/views resulted in conversions (e.g. in-app purchases). On the other hand, aggregated reports will bring in campaign-level data such as revenue, number of conversions, etc. 

Moreover, just like SKAN has Conversion Values, attribution reporting has “triggers”. 

Here, advertisers can access trigger data (trigger count and value) on the campaign, ad group, and ad creative level. This makes it much more granular than Conversion Value data, which is only available on the campaign level. 

Overall, Google’s solution seems to be a “new and improved” version of SKAN. We have yet to see if this will turn out to be true. 

How will Privacy Sandbox affect mobile advertising? 

There is no doubt – the Privacy Sandbox will have a tremendous impact on mobile advertising. 

What kind of impact? For now, we can only assume. 

One thing is for sure – the moment Google “kills off” GAID, this will be the end of deterministic attribution on Android. Also, as mentioned earlier, its SDK Runtime feature will probably end fingerprinting as a probabilistic attribution method. 

Then again, some things are less certain. 

For example, we don’t know if Topics and FLEDGE will really fulfill their purpose of delivering relevant ads to users.

Moreover, at the moment, there are many questions about the Privacy Sandbox mobile marketers don’t have clear answers to. For example – will Google Ads use it just like all other ad networks? Will deferred deep linking be possible? 

Hopefully, Google will provide us with answers to these questions in the near future. 

Considering the two-year development timeframe, it is obvious Google’s proposals are not set in stone. Based on the feedback from app developers and advertisers, Google will probably make some additional tweaks to its solution.

It is also possible Apple will get inspired by some of Google’s moves. If this happens, it will have a great impact on the whole mobile marketing ecosystem. 

All in all, mobile marketers should do everything in their power to get ready for the Privacy Sandbox. 

For starters, they can analyze their current Android user targeting and focus on contextual signals. Once Privacy Sandbox arrives, this can help minimize the potential negative effects. 

Don't wait unprepared

The future is privacy-centric, and the best thing you can do is to get prepared for it. In order to do this, you need to find the right solution and reliable allies. 

With Tempr.’s technology, you can predict and measure your UA journeys despite all the privacy limitations. If you want to know more about it, make sure you schedule a demo or sign-up for our newsletter.

Mathilda Sauer
Marketing Manager and Happiness Officer at Tempr.

Ready to take UA to the next level?

Predict the future of your advertising returns
Operate in different marketing channels at the same time
Scale around the clock with automation

Read next