Android’s toothless “Privacy Sandbox” fails to answer iOS tracking limits

  News
image_pdfimage_print
A large Google logo is displayed amidst foliage.

Google is announcing the “Android Privacy Sandbox” today, a move the company says will be “a multi-year initiative” to introduce “more private advertising solutions” into Android. After Apple made tracking opt-in in iOS 14, Android wants to be seen as matching its main rival. Today’s announcement is in addition to existing ad systems, not a replacement for them, so this will probably be even less effective than the “Privacy Sandbox” for Chrome.

Apple’s tracking changes blew up the advertising industry and are already costing ad-based companies like Facebook $10 billion in revenue for the year. Google, the world’s largest ad company, doesn’t seem to want to do that on Android.

Here’s how Google addresses iOS 14 in its blog post:

​​We realize that other platforms have taken a different approach to ads privacy, bluntly restricting existing technologies used by developers and advertisers. We believe that — without first providing a privacy-preserving alternative path — such approaches can be ineffective and lead to worse outcomes for user privacy and developer businesses.

(Google did not explain how it thought Apple’s blocking of unique identifiers was a “worse outcome for user privacy.”)

That’s the setup for Android Privacy Sandbox. The specifics of Google’s plan are vague right now because even a beta version won’t be out until the end of 2022. The Android Developers site has some design proposals for what a privacy-preserving ad system might look like. The Topics API from Chrome is here, which will share a list of user interests with advertisers when they ask, so advertisers can show relevant ads. The new Android FLEDGE API tracks users’ behavior inside an app and throws them into groups for “custom audience targeting.” Google says developers will be able to create groups like “left an item in a shopping cart” and show those users certain ads.

So far, we’ve yet to cover anything that actually reduces tracking. For that, there’s the “SDK Runtime,” a sandbox for ad-related SDKs that Google says will “reduce undisclosed access and sharing of a user’s app data” for “compatible SDKs.” The idea is that developers could package a “runtime-enabled SDK” with limited permissions instead of a traditional ad SDK, which has all the same access as the main app.

Advertisers can opt-in to privacy improvements?

That bit about being a sandbox for “compatible SDKs” is the big catch for the SDK Runtime and the Android Privacy Sandbox. It’s optional. Chrome’s Privacy Sandbox, even if it is a watered-down privacy solution, is at least starting with the progress of blocking third-party cookies. The existing tracking methods in Chrome will be blocked, and Google is offering an alternative solution that will have some (again, watered-down) privacy benefits. Google has not announced plans to block or limit any existing tracking techniques on Android. Android apps have a lot more privileges than a website, and developers could choose to ignore this and include an ad SDK that does not use the SDK sandbox.

So while Google did not announce anything that will improve privacy today, it did hint at someday making a change. The blog post says, “we plan to support existing ads platform features for at least two years, and we intend to provide substantial notice ahead of any future changes.” Those “future changes” could theoretically improve privacy, but again, there is no commitment to do that. If anything, today’s blog post is a reassuring statement to advertisers that, while Apple blew up the mobile ad industry in 2021, Google is publicly committing to keep the cash flowing until at least 2024.

As for what an actual privacy-preserving solution might look like, apps can include whatever code they want, so a technical solution to ad tracking is hard to imagine. Like Apple, Google could artificially limit ad SDKs via the Play Store and declare that any app not using an ad SDK sandbox would be banned from the store. The Play Store regularly imposes limitations like this on apps: the minimum supported Android API level goes up every year, forcing developers to support the latest Android features and restrictions. Google also tried to use the Play Store to ban apps that use the accessibility APIs in ways it doesn’t like.

While Play Store enforcement would be a possible solution, Google would have a hard time limiting Android advertising without summoning the ire of regulators. Google already gave a “We’re also committed to working closely with regulators” shoutout at the end of its blog post, even without promising any actual restrictions.

Since Google is not making any privacy changes mandatory, it is basically asking advertising companies to voluntarily stop collecting data on users. If advertisers wanted to do that, they could make that change today. Advertisers don’t actually need to wait for a technical solution to be finished.

https://arstechnica.com/?p=1834723