Privacy Sandbox.

Google's umbrella initiative for replacing third-party cookies and cross-site identifiers with privacy-preserving alternatives — Topics, Protected Audience (FLEDGE), Attribution Reporting, and on-device APIs — under heavy regulatory and competitor scrutiny. It belongs to the Privacy & Data Protection category of cybersecurity.

Google's umbrella initiative for replacing third-party cookies and cross-site identifiers with privacy-preserving alternatives — Topics, Protected Audience (FLEDGE), Attribution Reporting, and on-device APIs — under heavy regulatory and competitor scrutiny.

Privacy Sandbox is Google's multi-year initiative, launched in 2019, to replace third-party cookies and other cross-site identifiers in Chrome and Android with a family of purpose-built, on-device, privacy-preserving APIs while keeping the ad-supported web economically viable. The web-side APIs include Topics (browser-derived interest categories), Protected Audience (FLEDGE, previously TURTLEDOVE — on-device remarketing auctions), Attribution Reporting (browser-mediated conversion measurement with noise), Shared Storage and Fenced Frames (cross-site state in a privacy-bounded form), and Trust Tokens / Private State Tokens. Android-side counterparts include Topics, Attribution Reporting, and SDK Runtime. The U.K.'s Competition and Markets Authority has supervised Privacy Sandbox since 2022, with Google committing to behavioral remedies; in July 2024 Google announced it would keep third-party cookies in Chrome with a new user-choice mechanism rather than deprecate them, while continuing Sandbox APIs alongside. For privacy and AppSec teams, Privacy Sandbox is a major architectural change that needs site-by-site impact assessment.

Defences for Privacy Sandbox typically combine technical controls and operational practices, as detailed in the full definition above.

Common alternative names include: Google Privacy Sandbox.