The Android Privacy Sandbox—What Is It, How Does It Work, and What Can You Expect

In 2022, Google announced that Privacy Sandbox will be expanded to the in-app environment. Google’s Privacy Sandbox on Android, or simply the Android Privacy Sandbox, is a natural progression of Google’s broader privacy efforts. It’s designed to provide users with greater control over their data and privacy, while still giving marketers the tools they need to connect with users and sell their products.

This article will explain how the Android Privacy Sandbox works and what impact it will have on in-app marketing campaigns.

In this article you will learn about:
  • What the Android Privacy Sandbox is.
  • How the Privacy Sandbox on Android works.
  • Why the Android Privacy Sandbox is a powerful in-app marketing tool.

What is the Android Privacy Sandbox? 

The Privacy Sandbox on Android was created to enable privacy-friendly ads that were still effective enough for advertisers to want to use. The Android Privacy Sandbox has three main goals: 

  • Enhance user privacy—allows users to enjoy their app experience without needing to worry about how their data is being collected and used. This is specifically achieved by eliminating tracking mechanisms and blocking covert tracking techniques like fingerprinting. 

  • Keep online content free—advertising is the foundation of the entire internet, including the mobile app landscape. By ensuring that advertising is effective and privacy-friendly, the Android Privacy Sandbox will help ensure that access to a wide range of apps remains free and not behind a paywall. This is particularly important for people in less wealthy countries. 

  • Industry collaboration—Android has always maintained a strong focus on open-source collaboration, and the Android Privacy Sandbox is no different. The goal is to invite a variety of stakeholders to help define better user privacy standards for apps that work for all ecosystem participants. 

Rather than being a single product, the Android Privacy Sandbox is a collection of specific propositions. The exact number of active APIs varies, but there are currently four main design proposals that form the backbone of the Android Privacy Sandbox:

  • SDK Runtime API: Provides a safer way for apps to integrate with third-party advertising SDKs.

  • Topics API: Enables privacy-friendly interest-based advertising personalization.

  • Protected Audience API: Serves customized retargeting ads without sharing user data with third parties.

  • Attribution Reporting API: Ensures there are accurate ways to measure and optimize ad performance without sharing user data.

The Android Privacy Sandbox is already available for use, but the specific proposals and SDKs are under constant development and improvement. 

Why was the Android Privacy Sandbox implemented? 

Ever since we founded the Private Ads team in 2019, RTB House has been working on ways to implement the proposals of the Privacy Sandbox, both in the web and mobile environments. This effort has resulted in some of our proposals being implemented into the Privacy Sandbox. 

We opted to focus on this broader ecosystem, as it was clear that the proposals have never been just about third-party cookies and the web environment, but also about the mobile environment. For evidence of this, you need look no further than the statement by Elizabeth Denham of the Information Commissioner’s Office (ICO), an authority that Google brings up on many occasions:

“I am looking for solutions that eliminate intrusive online tracking and profiling practices and give people meaningful choices over the use of their personal data. My office will not accept proposals based on underlying AdTech concepts that replicate or seek to maintain the status quo.”

Individual proposals within the Privacy Sandbox, like FLEDGE (now known as Protected Audience API), the Topics API (previously called FLoC), and Attribution Reporting API (also known as ARA), work using similar principles in both web and app environments. They are also based on the idea of “what happens on the device, stays on the device,” which sounds very similar to what Apple has heralded for years now.

So, how dedicated is Google to Privacy Sandbox on Android? Well, the company has shared a vast array of material, including: 

In terms of specifics, apart from announcing the expansion of the Privacy Sandbox to Android, Google confirmed its intention to limit the sharing of user data across apps, including the advertising ID. This is a major blow to entities building cross-app user profiles and enriching them with external data. They will lose a key data point to identify users.

It is worth noting that in their releases, Google acknowledges the need to address in-app advertising to support the mobile economy. In contrast, Apple significantly limited the availability of identifiers used for advertising without proposing an alternative. While significantly more complex than today’s technology, Google’s solutions will eventually lead to delivering relevant advertising to users, which will preserve advertising effectiveness on a comparable level while improving privacy protection. One of the mechanisms aimed at improving privacy in the web Privacy Sandbox is called “Fenced Frame,” which aims to isolate the ad placement from the publisher. Plans for a similar mechanism were announced for the app environment.

While Google has not yet shared any specific timelines, the beta of the Android Privacy Sandbox is already available. There is no specific announcement regarding when the AAID rollback will begin, but we can be fairly certain that it will happen after the withdrawal of third-party cookies is complete.

Who benefits from the Android Privacy Sandbox?

Google’s approach to the app environment benefits three key stakeholders in the mobile economy: 

  • Users will benefit because they will see relevant content and ads without being identified individually. 

  • Publishers will benefit because they will be able to monetize their inventory without privacy concerns. 

  • Advertisers will benefit because they will be able to reach the right audience without worrying about users turning against them due to privacy worries. 

What are Google’s next steps for the Privacy Sandbox on Android? 

The success of the Android Privacy Sandbox will hinge on a few key actions on Google’s part. First, Google should explain the differences between the web and app propositions. In the Android Privacy Sandbox, the ad auction will involve bidding on interest groups. While it is not yet present, k-anonymity is planned for Q2 2024. Additionally, it’s unclear to us what happened with some of the industry-proposed extensions, which were very positively received and included in the web proposal. We believe it may be an oversight from the Android team.

When it comes to testing and feedback in general, there are questions regarding what the forum for discussion will be this time around. The World Wide Web Consortium (W3C) is a key forum for discussion regarding internet-related changes but does not generally touch on the in-app environment. Perhaps an answer to that would be a new forum focusing on specific proposals, like Protected Audience API or Topics API across environments. 

The development of the Privacy Sandbox for the web is a great example of how industry cooperation can improve the initial proposal. In that case, the original Turtledove was improved with, among others, Product-level Turtledove and Outcome-based Turtledove, which significantly improved its usability and the level playing field when implemented in the proposal’s second iteration, FLEDGE (now known as PA API).

There’s also the regulatory aspect. Quite recently, the Competition and Markets Authority (CMA) accepted Google’s final commitments on the development of the Privacy Sandbox.

What happens next? 

Moving away from user-level targeting was the only option to meet the privacy requirements so important in today’s digital ecosystem. We are glad that Google has focused on providing an alternative for AAID, and we will certainly engage in refining it. As one of the most active contributors to the web-based Privacy Sandbox, we feel much better positioned to advocate for the needs of our clients in the mobile environment than other AdTech players without such experience.

We are also waiting for Apple to start a similar initiative to support market needs and not only focus on its limited advertising solutions.