Podcast
Root Causes 277: Privacy Sandbox
Hosted by Tim Callan, Chief Compliance Officer, and Jason Soroko, Fellow
Original broadcast date: February 13, 2023
In the latest continuation of the effort to create better protections for consumer privacy while still enabling targeted advertising, Google has announced the Privacy Sandbox. In this episode we describe this latest foray, including concepts like k-anonymity and differential privacy.
Podcast Transcript
Lightly edited for flow and brevity.
Which have been used for all kinds of legitimate reasons and also, if you want to call them legitimate reasons, marketing reasons. Basically, being able to track, hey, somebody with a certain set of interests who has been to certain websites. I know this because certain cookies exist and I can look up those cookies when that person chooses to browse to a certain website.
That basically upsets people because of just the sheer ability to track you and your browser. You do not look unique on the internet. Everybody, even though you might be using some standard web browser and you are browsing around, believe it or not, the ability to track you is just unreal.
And marketers, of course, would say no, no, no. We love it. But it doesn’t matter. There have been initiatives now to get rid of cookies from the browsers. And so, we’ve heard of initiatives like FLoC from Google.
We’ve podcasted on that previously. I think the Privacy Sandbox is the latest iteration of this. So let’s just touch on one of the reasons why FLoC didn’t continue. And it was because FLoC was a scheme to basically aggregate your interests, and we’ve already touched on this topic, but the problem, of course, was that various privacy advocates out there – you can look up who they are – said, look, we are actually worried for certain kinds of interest groups that could then be targeted.
Because, yes, you are no longer maybe tracked down to an individual, but individuals who might be a certain kind of target could be identifiable because of the way that they are being aggregated by the FLoC scheme. And so that was deemed problematic. So the Privacy Sandbox does very similar, extremely similar things, to actually aggregate all of us into our interests. So marketers can figure out, hey, you like outdoors gear and I want to sell you some more of that.
Those kinds of things are going to happen and, Tim, I know you’ve been looking it up and I’ve been looking it up as well, but this ecosystem seems to be quite large in terms of the various APIs and marketing technologies that are out there to figure out what these aggregate buckets should be. And so that, I think, is how they are addressing FLoC, which is adding flexibility. And I could be wrong about this, but I think that that’s really what they are doing: adding some flexibility to make sure that certain kinds of interest groups maybe are not targeted. They are looking very, very closely at the way things will be aggregated. The way it will be exposed. And so, I think at the surface, good move by Google to address the problem that FLoC had. And great.
However… it’s kind of interesting. Google doesn’t usually fail too often in its initiatives, and it has so far in its attempts to get rid of cookies overall. It isn’t just “I don’t want to be tracked by marketers.” I think that the Privacy Sandbox, really the larger scheme of what Google is doing with the web browsing experience, is what might be troubling to those of us who are used to having a lot of freedom in how we like to consume our web content.
And there have been ideas, and I didn’t invent this idea, obviously, but it’s this app-storification of the web, Tim. So, you and I have talked about AMP, A-M-P, 2.0, by another scheme from Google. And so when you are consuming news, you click on a news link. Sometimes you are gonna be dropped into this AMP interface and you won’t even know what you are looking at, because this is gonna be a bundled set of content that is signed by the author and then basically fulfilled to you in your web browser through Google. So, essentially, there are two things happening here, Tim. You’re not leaving the Google world at all.
You are consuming third-party content. You are reading your news reader, news provider of choice. You are never leaving the Google experience. And that also means, I mean truly the experience, because even the way in which that content is being shown to your eyes and formatted is controlled. And isn’t that interesting, Tim, because right now in most of your other browsers, you can decide how things are actually shown to you. You can use extensions in your browser to say, hey, I don’t want to see this graphic. I don’t want to see this advertisement. I don’t want to… And now, because essentially it’s signed content where even the formatting is decided for you, you never even have the experience of being on the site itself. Right now you can go to the Washington Post, the New York Times; there’s a look and feel to the way that is, and that will be controlled by Google.
So, some of these things like SXG, Web Bundles, AMP 2.0, Web Bundles being almost like a zip file idea for content to be coming from a single URL. I find it interesting because I guess the best analogy, Tim, is that when you are using a native application on your mobile device it’s a very controlled environment. When you drop into your web browser on your mobile device it’s the Wild West.
It’s the Wild West. Google seems to be – and I’ll choose that word “seems to be” because I never want to be absolute – Google seems to be in this mode of wanting to make the browser experience almost like a native app, and that native app being Google.
Differential privacy is kind of where you abstract it to the point where you can get the information you need to target somebody, but you can’t get closer than that. K-anonymity means putting a number on it. So you say there are at least 10,000 other individuals who match you. So you can’t zero it down to someone. If you have a k-anonymity of three, that’s a problem. But when you kind of look at their message, what they are saying to the world, certainly there’s nothing built in there that says the way we are gonna accomplish this is we are gonna control every aspect of your experience. But you are saying, in terms of brass tacks, that is what it is turning out to be.
And I think, Tim, just before the podcast we were talking very, very briefly: there are a lot of pieces to this, and I think that some of the things that touch on really hardcore privacy and things that touch on encryption, signing, signed packages, signed bundles – isn’t it interesting that we are going to be entering a world where who knows where your content is coming from. You might not even know. You might know who the author is. You might even be able to cryptographically verify that, but the world, the environment and the ecosystem in which you are consuming that, is gonna be a very different world in the future if Google gets its way. So, therefore, we are not here to say, oh my goodness, there is evil going on. I think what’s important on this podcast, Tim, is let’s really understand the privacy aggregation topic. What’s going on here? What are they really doing? There are at least two to three major technologies that we should probably discuss.