Third-party cookie deprecation truly is a tale of “The Boy Who Cried Wolf.”
After delaying its self-imposed deadline to drop cookies on Chrome twice, Google announced on Tuesday it will push its cookie deprecation deadline for the third time – after promising it wouldn’t.
Google says it isn’t really dragging its feet or trying to circumvent signal loss, only that industry and regulatory pressure make it impossible to move forward on the current timeline.
In an official statement, Google said the UK Competition and Markets Authority (CMA), the antitrust regulator keeping close tabs on the Chrome Privacy Sandbox, needs “sufficient time to review all evidence including results from industry tests.”
The CMA requested market feedback by the end of June. But the statement also attributed Google’s decision partially to “divergent feedback from the industry and developers.”
When Google and the CMA solicit responses from companies that have tested the Privacy Sandbox, there is no consensus; only more hot takes.
Behind the scenes
In February, the CMA ordered Google to halt its phase-out of cookies until it had addressed anticompetitive concerns.
Specifically, publishers and ad tech companies prompted the CMA to investigate concerns that the Privacy Sandbox self-preferences the market position of Google’s ad products, especially Google Ad Manager.
The Privacy Sandbox auction works sequentially by feeding the results of one auction into another. (More details here.) Some industry execs argue that setup ignores the traditional role of the ad server and supply-side platforms, and could reinforce Google’s market share.
Also in February, the IAB Tech Lab’s Privacy Sandbox Task Force flagged that most of the basic use cases it defines for digital advertising simply aren’t possible using the APIs in the Privacy Sandbox as it currently stands.
One example is the Protected Audience API (PAAPI), which generates bids for individual interest groups and, in turn, increases the chances that advertisers bid against themselves. This API has been found to accompany higher latency (aka ads load relatively slowly) and lower yield, at least in early testing.
PAAPI also relies on intermediaries dubbed Trusted Execution Environments, and right now there are only two: Google and Amazon.
Alarm bells have been ringing for months, and Google is now ready to acknowledge that it needs more time to ensure consensus between regulators, developers and ad execs. Or at least approval by one regulator to move forward.
Implications on identity
Google and many others that invested in third-party cookie deprecation (which is to say, invested in post-third-party cookie solutions) hope this delay doesn’t once again take the wind out of the sails for testing and developing cookieless solutions.
Industry executives, even those who fully expected another cookie deprecation delay, express confidence the change will happen on Chrome eventually.
One problem with this year’s timeline is how difficult it would be to transition from 1% cookie deprecation through the first half of the year to cookies disappearing from most Chrome impressions late in the year, when all advertisers are on edge over the holidays.
If we’ve learned anything from the freakout after Chrome went from 0% to 1% deprecation, it’s that the full ramp-up will be chaos. And this chaos should ensue in the beginning of the year.
“We were very clear from the start,” responded Chris Jenkins, director of the CMA’s Digital Markets Unit who oversees the Privacy Sandbox investigation, to a question posed by AdExchanger during a virtual session at the IAB Tech Lab’s Privacy and Addressability conference last month.
“We don’t want to stand in the way of privacy-protecting changes,” Jenkins said.