Chrome’s “Sandbox”: Corporate Advertisements and Consumer Privacy

In 2020, in the midst of existing tensions between consumer privacy and corporate profit,  Apple seemed to take a major step in the field of digital rights—on the side of the consumers, for once. The tech giant’s primary search engine, Safari, was reconfigured to automatically block all third-party cookies. It became the second browser to ever do so, following Tor, a browser already well-known for its focus on total digital anonymity.

Third-party cookies are the driving force behind targeted advertising: by keeping track of what websites a user visits, companies can show advertisements targeted towards goods and services that the user might specifically be interested in. These cookies are imposed by “third-party” servers that allow for data to be transferred across multiple websites at once. Browsing a shopping website for purses, for example, might inject first-party cookies into your browser that allow that website to continue showing you purse recommendations. If third-party cookies are enabled, however, browsing any other website allows it to pull from your purse-browsing data—showing you purse ads no matter where you go.

Safari’s cookie block closed many of the potential security vulnerabilities and addressed privacy issues inherent to allowing websites to share data between each other without a user’s explicit permission. It also cut off a significant source of ad revenue for companies that relied on these targeted advertisements as a source of profit, such as Safari’s search-engine competitors. Not to be outdone, Google supposedly started phasing out its own use of third-party cookies on Chrome and Chromium-based browsers. In turn, however, it insidiously provided advertisers with another option for maintaining their streams of targeted ad revenue: the “FLoC” and “TrackAPI” programs, which ultimately evolved into the modern “Privacy Sandbox” that came into full effect this September. Instead of using cookies, the Privacy Sandbox is the name for a developer tool built into the search engine itself that tracks user searches. Users are sorted into cohorts of people with similar interests, and the group’s collective data is then passed on to advertising companies. The Privacy Sandbox is a new replacement for an old tracking method that has gotten bad optics in recent years, allowing Google to assert its concern for user privacy while continuing to track searches in ways that violate user privacy rights.

This arms race in the field of privacy protection exemplifies a push-and-pull between consumer rights and profit margins that has characterized corporate activity in the digital age. Legislators have only recently begun to address the lack of federal and state regulations regarding user rights and privacy online—with the burden of improvement being placed primarily on the corporate entities that benefit from tearing them down in the first place. With the increasing skepticism that Internet-based companies face from their users today, corporations have been forced to frame themselves as privacy-conscious entities, even as they attempt to maintain the same profits that they have reaped from targeted advertising in the past.

Different corporations have dealt with public opinion on their advertising methods in different ways. As mentioned earlier, companies like Apple have shifted the burden of profit to the consumers: rather than relying on ads to make money, they make users pay subscription fees (or buy expensive devices like iPhones) in exchange for the privilege of blocking advertisements and cookies entirely. Other corporations have begun to rely heavily on user “consent,” warning users every time they log onto a website that uses third-party cookies and providing them with an opt-out option. Some companies have dedicated themselves entirely to the cause of consumer privacy: the search engine DuckDuckGo uses private search ads that do not rely on users’ browsing habits, while the Mozilla Firefox browser is utterly transparent with what necessary data it collects from its users to improve its open-source engine.

Nevertheless, it seems that ad-driven tech giants still reign supreme over more privacy-conscious alternatives. In 2022, Google possessed an astonishing 86-96% of the search engine market share; the closest runner-up, Yahoo, occupied a measly 3%. Similarly, as of September 2023, Chrome made up 63% of the market share of all browser usage worldwide. Safari trailed behind at 20%, serving as a larger competitor primarily due to mobile iPhone and iPad use. Given that Internet privacy seems to be a major concern for modern corporations—to the point where many have adjusted their business practices to account for it—why have more users not turned towards more obviously privacy-friendly options like Mozilla?

Google argues that it is because its products are better than those of its competitors. The U.S. Department of Justice, however, in the biggest tech monopoly antitrust trial of the twenty-first century thus far, claims otherwise. It contends that Google’s predominance arises from the illegal maneuvers it has taken to outcompete smaller search engine and browser companies, making itself the default way to access the Internet for billions of users across the globe. The trial against Google began on September 17 this year. Only time will tell what it will reveal about Google’s potentially monopolistic practices and how sanctions, if they are imposed, will affect the rest of the digital market.

If the DOJ succeeds, hopefully Internet users will begin looking towards business models that genuinely focus on protecting their digital rights, no matter how murky and ambiguous those rights may seem. With the possibility of increased market competition, true privacy protection might become a far more relevant concern for those companies hoping to woo privacy-conscious consumers into using their services—rather than, as Google has done, paying lip service to the issue of privacy while maintaining the same invasive practices from which it profited in the past.