What is the Privacy Sandbox?
5min • Last updated on Nov 3, 2025
Initially designed to replace third-party cookies in Chrome, Google’s Privacy Sandbox was officially discontinued in October 2025 due to limited industry adoption and increasing regulatory pressure.
📢 6 months earlier, through Anthony Chavez, VP leading the Privacy Sandbox project, the Mountain View giant had confirmed that Chrome would ultimately not phase out third-party cookies.
Yet, several years after Google’s first announcement, many professionals are still wondering about the future of marketing in a world without cookies:
How can brands run effective retargeting campaigns?
How can they deliver relevant personalised recommendations?
How can advertising platforms use lookalike algorithms if they can no longer reliably identify “digital twins”?
👉🏼 Originally intended to outline its rollout, this article explains what Google’s Privacy Sandbox was and how it worked.
Google announced the end of third-party cookies in its Chrome browser as early as 2020, but repeatedly postponed the deadline. 2024 was initially expected to mark the end of this long-running phase.
In August 2022, Google Chrome introduced its Privacy Sandbox in beta — an initiative designed to strengthen online data protection. Its goal was to gradually eliminate third-party cookies while helping marketers transition to new practices that would preserve their performance.
What was the Google Privacy Sandbox?
Cookies are small text data stored in the browser containing information about a visit. Most have no impact on privacy, as they serve to remember a user's preferences (dark mode, navigation language, etc.).
However, third-party cookies are JavaScript codes placed by domains different from the main site's domain. In short, major advertising networks (Meta, Google Ads, etc.) can track your journey across almost the entire internet, raising privacy concerns today.
Third-party cookies are used to track online behaviour and retarget customers
Google’s Privacy Sandbox was an initiative designed to phase out third-party cookies. Its aim was to develop technologies that protect user privacy and confidentiality (across web browsing and Android) while still enabling businesses to succeed in their digital activities.
👉🏼 Other solutions can be implemented to face the end of third-party cookies, including the implementation of APIs and first-party data collection and centralisation. Refer to our dedicated resources to learn more about these alternatives.
The project always struggled to gain traction. As early as 2024, many were already stating:
💡 The initiatives and technologies of the Google Privacy Sandbox are still in development and under discussion within the web community.
Google tests and iterates these proposals with the industry, standard-setting organisations, and privacy advocacy groups to find a balance between user privacy and the needs of advertisers and publishers.
More specifically, with its Privacy Sandbox, Google's major goals included:
Eliminating user concerns about their personal data by ending cross-site, cross-app tracking, and covert tracking techniques (such as fingerprinting)
Ensuring online advertising remains viable (notably to guarantee access to free content), without compromising privacy
Collaborating with companies for the development of these new technologies
💡 In computing, a "Sandbox" is a controlled and restricted environment, where data can be isolated to minimise the risk of misuse. For example, it's possible to run a program in a sandbox to conduct tests and verify its integrity before launching it elsewhere.
This is why Google uses this term for its solution!
How Did the Privacy Sandbox Work?
During its development, Google shared updates on the progress of the Privacy Sandbox (and the features it included) through the following online resources: Chrome and Android.
The development of these technologies followed fundamental principles like differential privacy, k-anonymity, and on-device processing to ensure that personal data not only remains anonymous but is also protected.
Differential Privacy: This is a system developed by Google to identify behavioural trends without disclosing confidential data about individuals or their affiliation to the underlying data set.
k-anonymity: This is a system for assessing the level of anonymity within a data set. With an anonymity level of k=1000, it becomes impossible to distinguish one person from the 999 others in the set to which they belong.
On-device Processing: Computing operations are carried out locally on a device without communicating with external servers. The idea is simple: third-party cookies will now remain in users' browsers and can thus evolve locally.
Google then proposed new interfaces (APIs) to advertisers for controlled information retrieval. For example, Google could prevent advertisers from retrieving too much data too quickly. The goal was to enable targeting of a group with shared characteristics, without making individual targeting possible (due to a lack of precision in the collected data).
Simultaneously, the Privacy Sandbox integrated artificial intelligence mechanisms operating locally to analyse interactions with advertisements and products, thereby identifying general trends without ever linking this information to specific individuals. These features were designed to strictly respect individual privacy while providing advertisers and publishers with useful and relevant insights.
Use Cases for the Privacy Sandbox
Measuring Conversions
The Attribution Reporting API was designed to measure the effectiveness of advertising campaigns without revealing user identity. It allowed advertisers to know if an ad led to a conversion (e.g., a purchase) without knowing the specifics of who performed the action. Specifically, it measured clicks and conversions after display.
This API provided features including cross-device and app-to-web attribution reporting, with two types of attribution reports:
Events reports linking an ad to conversion data (with limited data to ensure privacy)
Aggregate reports providing more detailed conversion data without being linked to a specific ad.
Selecting Ads
A major goal for an advertiser is to display the right ad to the right audience. Today, making an ad relevant to a user often relies on the person's interests. Ads are then selected based on browsing history. This is especially true for someone who has visited your website, for whom retargeting campaigns are highly relevant.
However, these techniques use third-party cookies to track an individual's web behaviour and will not be usable as such in the future.
The Privacy Sandbox therefore proposed alternatives to traditional retargeting and interest-based selection to tailor ads:
FLEDGE API (First Locally-Executed Decision over Groups Experiment)
This API offers a method for executing ad biddings and targeting directly in the user's browser, instead of on remote servers. The user's browser itself stores interests, making this API functional. FLEDGE includes mechanisms to limit the amount of information that can be inferred from a user's browsing history.
Topics API
The Topics API relies on Machine Learning to infer a person's interests from the names of recently visited sites. It thus enables targeting the right audience for a specific topic, without compromising privacy. Topics are stored for a short period, to limit the risks of creating a detailed and persistent user profile.
Preventing Fingerprinting
Fingerprinting is a technique for identifying and tracking a user's behaviour based on device information: user agent, screen size, time zone, language, operating system, etc. This technique is increasingly criticised because it is not transparent and cannot be controlled by users.
The Privacy Budget proposal limits the number of identifiers available (notably in JavaScript APIs and HTTP requests), reducing information collection about a user's device.
Fighting against fingerprinting also involves securing IP addresses. This proposal consists of two parts:
Voluntary blinding of IP addresses chosen by a website (making it impossible to connect a user to an IP address)
Routing traffic through a common private server for user groups (based on proximity)
Preventing Fraud
To combat online fraud, Google planned to introduce what it called "trust tokens" through the Trust Token API. A trust token can be placed on a user's browser based on their online behaviour. As the user navigates, various sites can verify this trust, confirming that the user is indeed human.
Conclusion
With growing concerns around privacy, third-party cookies are expected to gradually disappear over time. Yet many use cases still rely on them and on reliable journey reconciliation across the web: conversion measurement, interest profiling, retargeting, and more.
The Privacy Sandbox initiative aimed to enable effective online advertising while protecting user privacy. Now discontinued, this Google initiative encouraged advertisers and developers to comment on and refine its proposals (👉🏼 directly via these surveys).
The final transition was intended to happen gradually, with tools integrated directly into the Google Chrome browser.
However, it remains crucial to prepare today. Leveraging first-party data, having the right tagging setup, and adopting marketing automation and machine-learning solutions will soon be essential to deepen customer knowledge.
It's clear that transitioning to a cookie-less world won't be easy. Yet, this change is essential to ensure user respect. To prepare for it, feel free to contact us.
