Google’s Privacy Sandbox is privacy quicksand

Share this page

Google has already taken privacy washing to the extreme by trying to brand itself as “privacy focused”, even though its business model is based on surveillance.

Lately, the company’s marketing strategy has turned toward outright Orwellian doublespeak with a new feature called “enhanced ad privacy” which actually enables the company to monitor your behavior in new and monopolistic ways.

You might have seen this “ad privacy feature” in Chrome via a popup inviting you to turn on “ad topics”, which allegedly protects your browsing history and identity. (In some regions, the feature is opt-out(new window).) In fact, the feature doesn’t offer any privacy whatsoever and does not prevent Google from tracking and identifying you.

All it does is block some third-party cookies (which other browsers already do by default), while continuing to collect your data and repackage it for targeted advertising.

The messaging around this feature — part of the company’s new “Privacy Sandbox” initiative — is Google’s most disingenuous statement since its CEO said(new window) “privacy is at the heart of everything we do.” 

The Privacy Sandbox is more like privacy quicksand: It seems safe, but you should avoid it at all costs.

What is Privacy Sandbox? 

In 2019, Google announced(new window) that “privacy is paramount to us”, and resolved to create ways to target you with relevant ads without the use of tracking cookies or device fingerprinting. Google developed these new methods publicly with ad-tech vendors over multiple years and called this initiative the Privacy Sandbox(new window).

Google framed the Privacy Sandbox as a way to give people more control over their privacy. But considering the timing of the initiative and the business incentives involved, it’s very hard to believe privacy was the company’s real motivation.

Apple had already begun to filter out third-party cookies(new window) on Safari browser in 2017, and Mozilla’s Firefox began blocking trackers by default(new window) earlier in 2019. These moves dealt a blow to Google’s main revenue source: targeted ads based on your online behavior, as revealed through tracking cookies. (Learn more about cookies.(new window))

Google had two options in 2019. It could do nothing, and Google Chrome would remain the only major browser still allowing tracking cookies. This would have been a bad look in the face of rising public distrust of Big Tech. Or it could block cookies in Chrome and effectively destroy its own business model.

Google didn’t like either of those options and invented a third, the Privacy Sandbox, in which Chrome blocks third-party cookies while continuing to monitor people’s web browsing. Instead of letting websites watch you, Google does the watching. Then it infers your interests, bundles you “anonymously” into groups of people with similar interests, and sells your attention as a package to advertisers. (Websites may still be able to identify you(new window).) 

Why is this bad?

Google is basically tricking people. It’s telling over three billion Chrome users — more than half the world’s adult population — that the things they do online are private. And it’s a lie. The things they do online are visible to Google, which is enriching itself from the deception.

If this doesn’t bother you, it may be because online surveillance feels abstract or impersonal. But that’s hardly the case. Imagine placing a camera over your shoulder and livestreaming your computer screen to a Google server. That’s functionally the same as using Chrome while logged in to your Google Account.

And Google refers to this as “enhanced ad privacy”. 

The deception has another layer of abuse that goes beyond privacy. Not only is Google taking your data, it’s taking your agency. Privacy implies the freedom to choose what happens to you. Google is advertising its products as private in order to give you the illusion of choice and extend the life of its lucrative business model a few more quarters. 

If Google were truly concerned about your privacy, wouldn’t it turn off surveillance by default and let you “choose” to turn it back on?

Google has crossed a line with Privacy Sandbox. If you want true privacy, switch to online services that are end-to-end encrypted and block ad tracking by default.

Switch to real privacy

We created Proton on the premise that the future of the internet is at stake. It’s up to each of us whether the internet remains a tool for companies to concentrate our data into their own hands for profit, or becomes a platform rooted in fundamental rights and freedom.

Proton is building encrypted services that actively prevent companies, including ours, from accessing your data. 

We started with email — your online identity — so that you can protect your communications and online accounts behind end-to-end encryption. More than 100 million people have joined our community, and we continue to develop more tools that give you control of your data, from your photos and documents to your account passwords and calendar events. Our VPN(new window) service blocks online trackers(new window) and protects your browsing activity from internet service providers. We’ve also compiled a list of privacy-focused web browsers that will protect you better than Chrome.
We’re working to build a world where the word privacy still means something and your data is truly yours. Make the switch.

Protect your privacy with Proton
Create a free account

Share this page

Ben Wolford

Ben Wolford is a writer and editor whose work has appeared in major newspapers and magazines around the world. Ben joined Proton in 2018 to help to explain technical concepts in privacy and make Proton products easy to use.

Related articles

At Proton, we’re always working on new and innovative ways to protect the privacy and data of the Proton community. Sometimes that means developing entirely new services, like our Proton Sentinel program, which combines AI and human security analysts
How to unsend an email in Gmail, Outlook, Proton Mail, and Apple Mail
“Undo Send” gives you a chance to stop an erroneous message you’ve just sent. We’ve all done it. You hit Send on an email only to spot you’ve misspelled someone’s name, forgotten an attachment, or accidentally sent a cringing joke to half your conta
Last week, the UK government made a statement in the House of Lords acknowledging that portions of the controversial Online Safety Bill might not even be technically enforceable without breaking end-to-end encryption. This rightly received a lot of a
What is email spoofing?
Email spoofing is a technique attackers use to make a message appear to be from a legitimate sender — a common trick in phishing and spam emails. Learn how spoofing works, how to identify spoofed messages, and how to protect yourself from spoofing a
Google Chrome is the world’s most popular web browser by far, with over 3 billion users. Its built-in password manager, Google Password Manager, is its default software to create and store passwords for websites and services. Although convenient for
OpenPGP, the standard defining how to encrypt and sign messages using PGP, the most widely used email encryption format, received a major upgrade, introducing various security improvements and more modern cryptographic algorithms. PGP has been used