People spend a lot of time talking about the Chrome Privacy Sandbox, third-party cookies and drama at the W3C.
But there’s rapid progress being made on the Android version of Privacy Sandbox.
In a blog post on Tuesday, Google said it plans to roll out the initial Privacy Sandbox beta to Android 13 mobile devices starting early next year. Google first announced the Android Privacy Sandbox less than a year ago, in February. Android 13 was released in September.
Once the beta starts, app developers and ad tech companies will be able to start more seriously testing many of the APIs within the Android Privacy Sandbox, and most of their names should sound familiar: Topics, FLEDGE, attribution reporting and SDK Runtime.
Android’s PETs
Topics, FLEDGE and the attribution API are all mobile app versions of the ads-related APIs currently being incubated, tested (and debated) within the Chrome Privacy Sandbox.
In a nutshell, Topics supports basic targeting without cross-app identifiers, FLEDGE allows for remarketing sans cross-app IDs and the attribution API is self-explanatory.
SDK Runtime, however, is unique to Android Privacy Sandbox – and it’s going to have a significant impact on the way third-party SDKs operate.
Time to run
Third-party SDKs are a key component of app and software development.
Developers use SDKs to add features and functionality, such as monetization, analytics and crash reporting, to their apps without having to write the code themselves.
But once embedded into an app, some SDK providers can use that access to collect and share data in an unauthorized and uncontrolled way with other third parties. Bad behavior on the part of certain SDKs has led to apps being booted from the App Store.
The SDK Runtime API within Android Privacy Sandbox isolates the execution of an SDK’s code from the rest of the app, effectively cutting off its ability to gather in-app data without explicit consent.
Although this feature will primarily affect what one might think of as the shady underbelly, any purveyor of an SDK, including larger companies, will be affected.
For example, what of AppLovin’s MAX SDK for mobile mediation or the ironSource SDK, now owned by Unity?
G’bye, GAID?
And here’s another unknown: What’s going to happen to the Google Ad ID?
Although Google has stopped short of saying it will do away with its advertising ID, in February, Google’s VP of product management for Android security and privacy, Anthony Chavez, pledged to “support existing ad platform features, including Ad ID, for at least two years” and to “provide substantial notice ahead of any further changes.”
It’s tempting to try and read between the lines.
To support something “for at least two years” – and there’s a little over a year left on that clock – begs the question: What happens after the two years are over?
Testing, testing
In the meantime, Google is encouraging developers to test the solutions within Android Privacy Sandbox and provide their feedback.
Google already released several developer previews of the Android Privacy Sandbox over the course of this year to gather early feedback, which it incorporated into the APIs now out for wider developer testing.
Developers and ad tech companies that want to test the Android versions of Topics, FLEDGE and the reporting attribution API need to go through an enrollment and verification process. They’ll also have to fill out a form to join the beta early testers program.
But SDK Runtime will remain in closed beta for select apps. Companies interested in kicking its tires will have to apply separately to participate.
