Data Protection

A cy­ber in­sur­ance loss study in Con­tin­ent­al Europe

Ex­pert leg­al ad­visers

Ex­pert leg­al ad­visers in Africa

Last year, Google an­nounced the in­tro­duc­tion of its Pri­vacy Sand­box, an ini­ti­at­ive with a mis­sion to “cre­ate a thriv­ing web eco­sys­tem that is re­spect­ful of users and private by de­fault”. As part of this ini­ti­at­ive, Google has pledged to re­move sup­port for third-party cook­ies from its ad net­works and Chrome plat­form. From Google’s per­spect­ive, this is a pos­it­ive step for­ward: third party cook­ies are used to track users across the In­ter­net and their re­mov­al will make it more dif­fi­cult for ad­vert­isers to do this. In­deed, Google it­self states on its Ads and Com­merce Blog that “[p]eople shouldn’t have to ac­cept be­ing tracked across the web in or­der to get the be­ne­fits of rel­ev­ant ad­vert­ising. And ad­vert­isers don't need to track in­di­vidu­al con­sumers across the web to get the per­form­ance be­ne­fits of di­git­al ad­vert­ising”.So, what does this mean for ad­vert­isers who still want to tar­get users? Well, Google will re­place its sup­port for third-party cook­ies with an AI sys­tem called the Fed­er­ated Learn­ing of Co­horts (or “FLoC”) which (as ex­plained by the Elec­tron­ic Fron­ti­er Fed­er­a­tion):…uses your brows­ing his­tory from the past week to as­sign you to a group with oth­er "sim­il­ar" people around the world. Each group re­ceives a la­bel, called a FLoC ID, which is sup­posed to cap­ture mean­ing­ful in­form­a­tion about your habits and in­terests. FLoC then dis­plays this la­bel to every­one you in­ter­act with on the web. This makes it easi­er to identi­fy you with browser fin­ger­print­ing, and it gives track­ers a head start on pro­fil­ing you.Thus, in­stead of identi­fy­ing users in­di­vidu­ally, Chrome will place users in­to co­horts based on their brows­ing habits and al­low ad­vert­isers to tar­get their ads to these co­horts, rather than in­di­vidu­als. This means that ads will be de­livered to users in a more an­onym­ous way, without (ac­cord­ing to Google) in­hib­it­ing the abil­ity of ad­vert­isers to de­liv­er those ads in a tar­geted way. So, every­one is happy, right?Well, no - not every­one is ex­cited by this pro­pos­i­tion. In­deed, crit­ics have warned that the use of FLoC by Google still means that users will be tracked to some ex­tent while they browse on­line. Fur­ther, there is con­cern that group­ing users in­to co­horts could res­ult in dis­crim­in­a­tion again cer­tain groups if, for ex­ample, sens­it­ive at­trib­utes (such as race, sexu­al ori­ent­a­tion, dis­ab­il­ity, etc) are used as the basis for group­ing. It is also worth re­mem­ber­ing that Google has only com­mit­ted to re­move sup­port for third-party cook­ies; its sup­port for first-party cook­ies will con­tin­ue.In ad­di­tion to the pri­vacy con­cerns, the UK’s Com­pet­i­tion and Mar­kets Au­thor­ity (“CMA”) has launched an in­vest­ig­a­tion in re­la­tion to the Pri­vacy Sand­box to as­sess wheth­er the changes could cause ad­vert­ising spend to be­come even more con­cen­trated on Google’s eco­sys­tem at the ex­pense of com­pet­it­ors.  With the CMA in­vest­ig­a­tion and these oth­er cri­ti­cisms, Google has now an­nounced that it is delay­ing the full im­ple­ment­a­tion of the Pri­vacy Sand­box un­til late 2023.  In the mean­time, Google is still tri­al­ling FLoC in se­lec­ted coun­tries so we will have to wait and see how ef­fect­ive it is as a pri­vacy-pre­serving al­tern­at­ive for both users and ad­vert­isers alike.