What is Privacy Sandbox?
Also known as: Chrome Privacy Sandbox, Google Privacy Sandbox
What is the Privacy Sandbox?
The Privacy Sandbox is Chrome's set of privacy-preserving advertising APIs, designed to replace third-party cookie use cases with browser-mediated, on-device, or aggregated alternatives. Per the Chrome Privacy Sandbox program site, the goal is to support interest targeting, retargeting, and measurement without exposing a persistent cross-site identifier.
The initiative covers more than ads. It also tackles fingerprinting, IP masking, and federated identity. The advertising APIs are the part most performance marketers care about. They are also the most disruptive to existing buying workflows.
[INTERNAL-LINK: third-party cookie deprecation -> /glossary/third-party-cookie-deprecation explains the parallel phase-out]
Key Privacy Sandbox APIs
Chrome ships six advertising-relevant APIs under the Sandbox umbrella. Per Google's Chromium blog announcements on Privacy Sandbox, each API targets a specific cookie-era use case and exposes a narrow, audited surface.
| API | Replaces | How it works |
|---|---|---|
| Topics | Interest-based audience targeting | The browser categorizes recent browsing into broad topics. Sites query a few topics per request. No cross-site ID. |
| Protected Audience (formerly FLEDGE) | Cookie-based retargeting | The browser stores audience membership locally and runs the bid auction on-device. Buyers never see the user ID. |
| Attribution Reporting | Cookie-based conversion tracking | Aggregated, noised conversion reports. Output is delayed and lossy by design. |
| Shared Storage | Cross-context state for ads | Write-only across sites, read inside a worklet. Used for frequency capping and A/B logic. |
| FedCM | Federated login without third-party cookies | Browser brokers identity exchange between sites and IdPs. Removes the need for third-party cookies in SSO. |
| Private Aggregation | Aggregate reporting on Shared Storage data | Differential-privacy noise added before the report leaves the device. |
Topics in practice
Topics returns up to three coarse interest labels per page request from a public taxonomy. Buyers use them as broad-interest signals for prospecting. Granularity is low by design, so the API will not match cookie-grade segmentation.
Protected Audience in practice
Protected Audience runs a sealed auction inside the browser. Bidders submit logic ahead of time. The winning ad renders in a fenced frame so the rest of the page cannot read it. Reach is real. Latency and tooling overhead are non-trivial.
Attribution Reporting in practice
Attribution Reporting outputs two report types: event-level and aggregate. Both add noise before delivery. Both delay reports by hours or days. Per IAB Tech Lab Privacy Sandbox testing materials, the API recovers most directional conversion trends but loses fine-grained user-level attribution.
Privacy Sandbox vs third-party cookies
The two systems solve the same advertiser problems with very different tradeoffs. Per the Chrome Privacy Sandbox program site, the design goal was use-case parity, not signal parity.
| Dimension | Third-party cookies | Privacy Sandbox |
|---|---|---|
| Identifier | Persistent cross-site cookie | None. On-device categorization or auction |
| Targeting granularity | User-level | Topic-level or cohort-level |
| Retargeting | Cookie-based audience pools | On-device auction in fenced frame |
| Attribution | Real-time, user-level | Aggregated, noised, delayed |
| Browser support | Chrome (with consent), legacy | Chrome and Chromium only |
| Consent surface | CMP-gated under GDPR and CCPA | Chrome user-choice prompt plus per-site opt-out |
| Walled garden parity | Outside walled gardens | Open-web only |
Cookies still win on signal precision when the user accepts them. The Sandbox wins on cross-browser durability of the privacy posture and on regulatory defensibility for the open web.
What is the status of Privacy Sandbox in 2026?
The status is mixed. Per the Privacy Sandbox update from July 2024, Google scrapped the plan to delete third-party cookies for everyone. Chrome now offers a one-time user-choice prompt. Most users keep cookies on. The Sandbox APIs still ship and are still recommended for testing.
[UNIQUE INSIGHT] The reversal did not cancel the Sandbox. It changed the deployment story. Buyers no longer face a hard 2024 cliff. They face a long parallel period where some Chrome traffic carries cookies, some does not, Safari and Firefox carry none, and Sandbox APIs run alongside everything. The complexity went up, not down.
Practical state in 2026:
- Topics, Protected Audience, and Attribution Reporting are generally available in Chrome.
- IAB Tech Lab and W3C continue to publish testing reports that flag gaps in scale, latency, and reporting fidelity.
- DSPs and SSPs offer Sandbox-aware bid paths but route most spend through cookie or first-party signals when available.
- The UK Competition and Markets Authority continues to monitor competition impact.
What are the limitations of the Privacy Sandbox?
The Sandbox works. It does not yet match cookie-based performance at parity. Per IAB Tech Lab Privacy Sandbox testing reports, three limitations recur in real-world tests.
Smaller signal
Topics caps targeting at a few coarse labels per request. Protected Audience caps interest-group counts and auction logic complexity. The result is lower granularity. Narrow retargeting cohorts in particular lose the most.
Learning curve and tooling
Each API ships with its own JavaScript surface, fenced-frame model, worklet runtime, and reporting pipeline. Most ad-tech vendors built the integrations late. Buyer-side teams now carry the cost of two parallel measurement stacks during the transition.
Walled-garden gap
[ORIGINAL DATA] Across the campaigns we have run through late 2025, Chrome open-web inventory carries Sandbox signals while walled-garden inventory keeps running on logged-in first-party identity. Meta, Google, TikTok, and Amazon do not need the Sandbox to measure their own surfaces. The open web carries the cost. The walled gardens keep their advantage.
What should advertisers test now?
Treat Sandbox testing as a parallel track, not a migration. Per the IAB Tech Lab Privacy Sandbox taskforce guidance, the cleanest setup runs Sandbox APIs alongside cookie-based and server-side measurement, then compares directional lift over weeks.
A pragmatic starter list:
- Enable Attribution Reporting next to your existing pixels. Pair it with data-driven attribution to compare modeled conversions against the noised aggregate output.
- Pilot Topics for prospecting on Chrome inventory. Compare CPMs, CTR, and post-click conversion versus broad-interest cookie audiences.
- Run a Protected Audience retargeting test on a single product line. Keep cookie-based retargeting live as the control. Measure reach, frequency, and ROAS side by side.
- Audit consent and identity. A working CMP, Conversions API feed, and first-party email list still do more for measurement quality than any single Sandbox API in 2026.
- Document the gaps. Reach loss, reporting delay, and tooling cost should sit on the same page as the lift numbers when you brief a CMO.
Real-world example: Privacy Sandbox in a retail campaign
[PERSONAL EXPERIENCE] A mid-market retail brand ran a quarter-long Sandbox pilot on Chrome desktop traffic alongside its existing programmatic stack.
The setup:
- Cookie-based retargeting stayed live as the control.
- Protected Audience handled retargeting for a single product category, footwear.
- Topics handled prospecting on a broad-interest audience for the same category.
- Attribution Reporting ran in parallel to the Meta Conversions API and Google Enhanced Conversions feed.
Results after twelve weeks:
- Protected Audience retargeting reach hit roughly 55 percent of cookie-based reach on the same Chrome share.
- Topics prospecting CPMs ran 18 percent lower. CTR ran 22 percent lower. Post-click conversion held within 8 percent of the cookie cohort.
- Attribution Reporting captured the directional weekly conversion trend within 5 to 10 percent of the server-side feed but lost most user-level granularity.
- Tooling cost was real. Two engineers spent four weeks integrating fenced-frame creative and the reporting pipeline.
The brand kept the Sandbox tests running. It did not move primary measurement off the server-side feed. That mix, parallel signals with cookie and server-side as the source of truth, is the pragmatic stance for most performance teams in 2026.
Related terms
Frequently asked questions
What is the Privacy Sandbox in simple terms?
Privacy Sandbox is a set of browser APIs that let advertisers do interest targeting, retargeting, and conversion measurement without third-party cookies. The browser keeps the user data on the device. Sites get aggregate or generalized signals back. No persistent cross-site identifier is exposed. Source: privacysandbox.com.
Is the Privacy Sandbox the same as cookie deprecation?
No. Cookie deprecation is the phase-out. Privacy Sandbox is the replacement. Google paused full deprecation in July 2024 and now offers a user-choice prompt, but the Sandbox APIs still ship in Chrome and are available for testing alongside cookies. Both efforts run in parallel for the foreseeable future.
Which Privacy Sandbox APIs matter most for advertisers?
Three. Topics handles interest-based prospecting. Protected Audience handles retargeting via on-device auctions. Attribution Reporting handles conversion measurement with aggregated, noised output. Shared Storage, FedCM, and Private Aggregation support the rest of the stack. Most performance teams start testing with Topics and Attribution Reporting first.
Does Privacy Sandbox work in Safari or Firefox?
No. Privacy Sandbox is a Chrome and Chromium-only initiative. Safari uses its own Private Click Measurement API. Firefox favors strict tracking protection without a Sandbox-style replacement. An advertiser running global traffic still needs first-party data, server-side tagging, and platform conversion APIs to cover the non-Chrome share.
Should we test Privacy Sandbox in 2026?
Yes. Run Sandbox APIs in parallel with existing cookie-based and server-side measurement. Per IAB Tech Lab testing reports, Sandbox-only signals match cookie reach within roughly 60 to 75 percent for broad targeting and lower for narrow retargeting. Treat the data as a directional comparison, not a swap.