The fame of third-party cookies is declining as users become more aware of their data usage. Likewise, technology is being updated to remove any hiccups. Not to forget that some regions of the world have passed specific privacy laws around the correct use of user data.
It all started with the introduction of ad blockers in the mid-2000s.
More recently, browsers like Firefox and Safari block third-party cookies to keep user data safe.
Following suit, in January 2020, Google Chrome announced that it would stop supporting third-party cookies altogether within the next two years.
The alternative to third-party cookies that Chrome proposed is called Privacy Sandbox.
Let’s unpack this alternative pathway in more detail.
What Is Google Chrome’s Privacy Sandbox?
Google Chrome’s Privacy Sandbox was introduced on August 22, 2019. It is a set of proposals (that are not cookies) submitted to provide a sustainable alternative to third-party cookies and improve user experience.
Google wants us to use new browser APIs for ad measurement, targeting, and fraud detection with this move. Privacy Sandbox aims to provide anonymity to user data and simultaneously allow advertisers to continue behavioral targeting.
Put simply; the Privacy Sandbox will enable user data to sit safely in the Chrome browser of individual users. Only Chrome will know about user interests and help advertisers target them (without sharing their data).
“For instance, an ad tech provider might call Chrome for a list of people who have visited a group of 100 sites, avoiding granular targeting. Or, Chrome might group people with similar browsing habits.”Sarah Sluis, AdExchanger.
Although the Privacy Sandbox is still at the development stage, it puts forward an entirely new way of how digital advertising will work now.
Chrome’s Privacy Sandbox will execute advertising processes in a restricted environment. Most of it will be implemented through browser APIs. The APIs will enable measurement and reporting on ad campaigns.
For those who don’t know, an API is a computing interface that initiates interaction between different software intermediaries. In the cookieless world, APIs will be used for transmitting browser data to entities working on serving the ads.
“The most significant item in the Privacy Sandbox is Google’s proposal to move all user data into the browser where it will be stored and processed. This means that data stays on the user’s device and is privacy compliant. This is now table stakes and the gold standard for privacy.”Amit Kotecha, marketing director at Permutive
Where did Dovekey come from?
TURTLEDOVE, SPARROW, and DOVEKEY are three of the web browser APIs in Google’s Privacy Sandbox and aim to serve as alternatives for third-party cookies.
TURTLEDOVE was first introduced as a privacy proposal. But due to its shortcomings, SPARROW was launched to overcome those shortcomings. Likewise, now we have DOVEKEY to deal with SPARROW’s limitations.
Here’s the complete breakdown:
Turtledove stands for Two Uncorrelated Requests Then Locally Executed Decision On Victory. It provides advertisers a method to retarget users without violating their privacy.
The highlight of TURTLEDOVE was that auction decisions will happen within the browser instead of ad servers.
TURTLEDOVE seemed to solve some privacy-related issues. However, APIs conducting auctions on browsers put unnecessary strain on the browsers’ bandwidth. Furthermore, TURTLEDOVE couldn’t provide clear answers on frequency capping, A/B testing, or brand safety.
SPARROW was an answer to TURTLEDOVE’s limitations. Introduced by Criteo, an ad tech company, SPARROW stands for ‘Secure Private Advertising Remotely Run on Web Server.”
Through SPARROW API, Criteo proposed that the auction processes, instead of being held in the browser, should be looked after by independent parties called ‘gatekeepers.’
The problem with SPARROW is the authenticity of ‘gatekeeper’.
Read more: All about SPARROW and Privacy Sandbox APIs
Dovekey was introduced as a response to SPARROW shortcomings in September 2020. It was submitted by the Google ads team.
The core feature of Dovekey is a third-party-key-value-server that is used to facilitate TURTLEDOVE’s bidding and auction process.
Dovekey can support the following use cases:
- Product-level ads
- Budget management
- A/B testing
- Incorporating browser-side signals
- Adding new inventory
- Fraud and security
In fact, Dovekey supports major use cases of SPARROW while eliminating its shortcomings. Some of the best selling points of Dovekey are:
- Guaranteed user privacy: The key-value server can be effectively implemented in a semi-private and private manner.
- Enhanced trustworthiness: The KV server supports well-defined functionality and establishes reliability through an open-source auditing process.
- Implement logic: Dovekey reduces the need to implement logic on an external ad server because the KV enables caching results of current bidding and control logic.
How does Dovekey work?
Dovekey can get most of the benefit offered by SPARROW bidding – even when the gatekeeper only acts as a basic lookup. According to Google, the gatekeeper in this scenario will be a key-value server – a simpler version of an ad server – that can be run both by Google and other third parties.
The gatekeeper will receive a “key” (an interest group or a contextual ad signal), and it will return a bid (value).
Dovekey will mainly cover the auction and bidding elements of digital ad buying. It will be useful for advertisers that want to utilize first-party data to retarget used in a restricted environment. It will not handle the measurement side of the ad equation.
Based on the information received so far, here’s the possible workflow of Dovekey:
- Step 1: The chrome browser will send a regular contextual ad request.
- Step 2: SSP will return the highest-bid contextual ads and derived contextual signals.
- Step 3: Chrome will construct a key-value by combining interest groups and contextual signal, and then send those keys to KV server
- Step 4: The key-value server will return all bids related to the requested keys.
- Step 5: The browser will run an auction between all interested group candidates that have been fetched from the winning contextual ad and the KV server
- Step 6: If a contextual ad wins, the browser will proceed to render the ads. When an interest group wins, the browser will send one more request to the KV server to collect the creative. Creatives can also be fetched ahead of time through interest group requests.
Ad Tech Industry Response to Dovekey
As of now, Industry professionals are discussing the worth of Dovekey.The improving web advertising business groups are still debating about:
- Interest group creation processes
- Key-value servers to handle bulky ad requests
- Potential gatekeeper entities
There’s a lot of ambiguity around the number of key-value servers that will be needed for processes at requests, when done at large. The jury is still discussing the type of entities that can be potential gatekeepers. Some professionals are placing their bets on SSP, while others are discussing cloud providers. There’s also the possibility of having multiple gatekeepers.
Dovekey is a potential solution to the eventual decline of third-party cookies in the Google Chrome browser. However, there’s a lot more to do and not enough time left to do it. That’s why Google is inviting industry feedback to improve web advertising further.
As of now, publishers should focus on building their first-party database. That way, they will be less dependent on the 3P data. Remember that once the Privacy Sandbox like Dovekey comes into existence, the Chrome browser will start playing an irreplaceable role and take center stage.
Hence, from tracking to targeting to improvement, every activity will rely on the browser. So, it is better to be prepared.