Austrian Non-Profit Accuses Google’s Privacy Sandbox of User Tracking
Google's plans to deprecate third-party tracking cookies in its Chrome web browser with Privacy Sandbox have run into fresh trouble. Austrian privacy non-profit noyb (none of your business) alleges that the feature can still be used to track users.
Allegations from Noyb
"While the so-called 'Privacy Sandbox' is advertised as an improvement over extremely invasive third-party tracking, the tracking is now simply done within the browser by Google itself," noyb stated. The organization claims that Google needs the same informed consent from users for this tracking. Instead, Google is allegedly tricking people by pretending to "Turn on an ad privacy feature."
By agreeing to enable a privacy feature, users are still being tracked by consenting to Google's first-party ad tracking, the Vienna-based non-profit founded by activist Max Schrems alleged in a complaint filed with the Austrian data protection authority.
Privacy Sandbox Overview
Privacy Sandbox is a set of proposals from Google aimed at blocking covert tracking techniques and limiting data sharing with third parties while allowing website publishers to serve tailored ads. However, the plans to deprecate third-party cookies in Chrome have been repeatedly delayed as Google addresses concerns and feedback from regulators and developers. As of April, Google intends to phase out third-party cookies early next year.
Current Testing and Rollout
In the interim, Google is ramping up testing efforts. The company is already deprecating third-party cookies for 1% of Chrome users globally starting in the first quarter of 2024.
Noyb's Accusations
Noyb has accused Google of using dark patterns to increase consent rates and misleadingly passing Privacy Sandbox off as a feature that protects users from ad tracking. The non-profit argues that Privacy Sandbox being less invasive than third-party cookie tracking does not give Google the right to violate data protection laws in the region.
"Consent has to be informed, transparent, and fair to be legal. Google has done the exact opposite," said noyb's founder Max Schrems. "If you merely steal less money from people than another thief, you can't call yourself a 'wealth protection agent.' But that is basically what Google is doing here."
Google's Response
In a statement shared with Reuters, Google said Privacy Sandbox offers "meaningful privacy improvement" over existing technologies and that it will work towards a "balanced outcome" that meets the needs of all stakeholders.
Previous Complaints by Noyb
This is not the first time noyb has filed complaints with European Union watchdogs against big tech companies for alleged privacy infringements. Earlier this April, it accused ChatGPT maker OpenAI of violating General Data Protection Regulation (GDPR) laws by "hallucinating" false information about individuals. Noyb has also criticized Meta for relying on "Legitimate Interests" to use publicly shared data of its users to train AI models.
Meta has responded by stating its AI models need to be trained on relevant information that reflects the diverse languages, geography, and cultural references of European users. Meta noted that its approach is "more transparent and offers easier controls than many of our industry counterparts already training their models on similar publicly available information."
Conclusion
The ongoing scrutiny of Google's Privacy Sandbox by privacy advocates highlights the complex balance between technological advancements and user privacy. As Google continues to test and refine its approach, the dialogue between regulators, developers, and privacy groups will be crucial in shaping the future of online privacy.
