Google Sandbox launch delayed – what now?

July 2021

A stay of execution for third-party cookies…

When it was originally announced, in late 2019, that Google would no longer support third-party cookies and that they would introduce alternative means of targeting audiences through the Google sandbox and specifically using FLoC (Federated Learning of Cohorts) there were gasps of horror and surprise in the advertising community.

Mozilla and Firefox had already stopped supporting third party cookies but these browsers represented a tiny proportion of all browser users. With Google Chrome representing around 65% of all users, this was a game-changer and spelt the end of behavioural targeting as we knew it. What would advertisers do without their precious third party cookies?

What was FLoC?

In a nutshell, FloC meant that instead of third-party trackers, the browser would do the profiling of users to create behavioural segments which could then be shared with websites and advertisers.

The obvious downside to this project was that Google would have greater control over the deployment of targeting tools. There were enough people who believed that this was anti-competitive.  Many have said it was an exercise to control the advertising market even further. There was also a fear that this targeting would be discriminatory and result in predatory targeting.

Since then, there has been a flurry of activity with publishers and advertisers trying to figure out what alternatives could be used to effectively target new customers in a more privacy-friendly way.

Privacy Sandbox delayed

In late June, Google announced that they had delayed the deadline for deprecating third party cookies. Instead of late 2021, the new self-imposed deadline is late 2023.

They also announced they will end the testing of FloC on July 13th which suggests they are going back to the drawing board to develop a privacy friendly targeting solution that potentially replaces FLoC.

The main question is why and what should advertisers do now?

1. The Sandbox solution isn’t ready and doesn’t work
One obvious answer is that the new targeting solution being developed in the sandbox isn’t ready. Whatever has been built hasn’t been tested in anger and there is no guarantee that they work as well as third party cookies

2. Google’s FLoC has been blocked
Big players such as Amazon have blocked FLoC. This would have been a serious concern if other large retailers/publishers followed suit and rendered the solution unusable.

3. Google are under pressure from regulators
The most likely answer. Google has allowed at least 6 months to talk to the Competitions and Markets Authority in UK (CMA). They are also the subject of other anti-trust investigations across Europe.

There was general concern amongst advertisers and ad tech providers that whatever is being planned is anti-competitive. They believed that removing third-party cookies would undermine publishers and ad tech providers. In addition, whatever is developed has to be privacy-friendly and considered compliant by ICO.

The new timeline for third-party cookie deprecation starts with the first stage in late 2022 when Chrome will test Privacy Sandbox features and monitor for industry adoption. That stage is expected to last nine months. This is also when the CMA will evaluate Chrome’s cookie changes.

If the Privacy Sandbox features are adopted by publishers and developers, and Google gets the go-ahead from the CMA, then Chrome will move to Stage 2: a three-month period when the browser will phase out third-party cookies.

What should advertisers be doing in the meantime?

This delay is a golden opportunity for advertisers to develop their own strategies for replacing third party cookies. There has been significant innovation in this area over the last 2-3 years, although adoption has been relatively slow with many companies not making much progress. An 18 month – 2-year breather will be most welcome.

What are the main options open to advertisers?

1. Build out a larger body of first-party (and zero-party) data
The best and most accurate data is that which you capture directly from your customers. It is freely given and is likely to deliver better response rates and conversions. This could include transaction data and registration data. The recently coined term – zero party data – is effectively a subset of first-party data and is defined as data that has been freely given by the individual through channels such as preference centres, surveys and other data collection methods. Building the first-party database isn’t always easy for advertisers and can take a long time but there is a clear motivation now to get on with it.

2. Share second-party data
A growing area is the development of pseudonymised data pools or clean rooms. In this context advertisers will sign a data-sharing agreement with another data owner to share compliantly collected, pseudonymised data to help enhance their own records.

3. Adopt contextual advertising
Contextual advertising relies on you using your compliantly collected first-party data to create segments and profiles. These can then be used to target new prospects using context as the basis for targeting rather than behaviour. These solutions often rely on data remaining on an individual’s device until the point when they start to consume relevant content – known as edge computing.


In summary, a lot is going on in advertising and the delay in the delivery of the Privacy Sandbox will be most welcome to advertisers. It gives them time to build out their first-party data as well as investigate the wide variety of new cookie-less targeting solutions that are springing up. No doubt Google will deliver a compliant solution but in the meantime, advertisers have a breathing space to sort out their data strategies.


Struggling with data protection? Ease the strain with our no-nonsense advice and support via our flexible Privacy Manager Service. Find out how our experienced team can help you. CONTACT US.