Last August, Google launched an initiative to develop a set of open standards to enhance privacy on the web, which it called a ‘privacy sandbox’. While the sandbox was launched with quite a wide remit of “building a more private web”, one of the specific aims for the project was to find an alternative to the third-party cookie which could be used for delivering relevant ads, as well as conversion measurement and fraud protection.
The initiative was thrown into the spotlight earlier this year when Google announced that it will phase out support for third-party cookies within its Chrome browser by 2022. Google also anticipates that solutions developed within the sandbox will render third-party cookies obsolete anyway. But by ending support for third-party cookies on the world’s most popular browser, the digital advertising ecosystem may find itself forced to use whatever solutions come out of the sandbox, regardless of whether they would like to or not.
One of the proposals that has emerged is TURTLEDOVE, a framework for an API (application programming interface) which tries to enable behavioural targeting while limiting the amount of user data that is shared with advertisers. And while it’s still just a proposal for now, it could give an indication of how web-based advertising might look in the future.
What is TURTLEDOVE?
Myles Younger, a senior director of marketing at media consultancy MightyHive, explained TURTLEDOVE’s basic idea. “What TURTLEDOVE is proposing, and it’s not the only proposal out there that suggests this, is to completely re-architect the current system so that user behaviors are not stored in a remote database, they are stored in your browser and they never leave your browser,” he said.
So, for example, if a user searches for running shoes on an ecommerce site, the site’s owner might want to place that user in an ‘interest group’ for retargeting, but that data would only reside in the user’s browser.
The key to how ad auctions run within this new system is found in TURTLEDOVE’s name, which stands for ‘Two Uncorrelated Requests, Then Locally-Executed Decision On Victory’. Michael Kleber, one of the Google software engineers working on TURTLEDOVE, explained on Github the two steps this involves (the language Kleber uses has been simplified for our purposes):
-
The browser sends two uncorrelated ad requests: (a) a contextual ad request, which is allowed to contain the URL of the page where the ad will appear, and; (b) a separate request indicating an advertiser-identified interest, but which cannot be tied to any browsing behavior, and which can happen at a time other than while loading the web page where the ad will appear.
-
The ad network must make the final decision when it comes to deciding which ad “wins” via code that executes locally within the browser, and which cannot send information outside of that device. So the ad network can then run an “on-device auction” to choose from the ads that have been sent to the device.
In the first step, the first, contextual ad request would be sent as normal according to Kleber. But the interest-group request is new, sending information about which interest groups the user is in, for targeting purposes.
Paul Silver, chief operations officer at marketing intelligence company MiQ, said that these interest group requests would maintain users’ privacy by limiting the data sent to the ad network. “The interest group signals passed to any buyer will have reduced meta data associated to it, will have a time based expiration date and will throttle the frequency upon which you can bid for interest based ad slots,” he said. “It will not pass any data as to how the interest group was created, and how a particular browser was assigned to it.”
In the second step, a “locally-executed auction” takes place which decides which ad is shown on the browser. The browser can combine the information it received back from its context and interest-group requests, in order to make this decision.
Palatable for consumers, privacy advocates and the advertising industry?
TURTLEDOVE as it currently stands still just a framework, rather than an actual usable API, so it’s hard to say much about the specifics of what exactly would change, and whether it would work.
MightyHive’s Younger said that the framework would likely be effective in preserving privacy online. “Whereas having your behaviour stored in a remote database starts to pose all kinds of privacy problems, storing all that information in your browser keeps it easily locked on your device,” he said. “That’s the core inspiration for a solution like TURTLEDOVE.”
But there are a number of issues that could arise. Firstly, TURTLEDOVE would allow features like frequency capping, measurement and reporting, but relies on the Aggregate Reporting API, another sandbox proposal, to do this. But the Aggregate Reporting API itself is still just an idea, rather than something that’s already been proven to work.
TURTLEDOVE would also be somewhat more opaque from the point of view of advertisers, ad tech companies’ and agencies’, as so much happening within the browser, out of their view.
But MiQ’s Silver said that the industry might have to accept the fact that new solutions might be less than ideal, compared to the status quo.
”One thing we need to grasp is that we’re looking to reinvent how personalised ads can function,” he said. “If there was no legacy model, this would still present an advancement versus non digital / analogue ways of targeting individuals. One of the key principles of differential privacy (which many of the sandbox initiatives are designed around) is baking in enough noise to reduce the risk of identifying individuals. This is unfortunately going to become a new reality the ad industry needs to get comfortable with.”
Questions also remain about whether users would really feel the benefits of TURTLEDOVE. The API would turn the browser from a relatively passive piece of software into an active player in digital advertising, with elements of ad tech effectively baked into their browser. From a consumer standpoint, this could be seen as more intrusive than the current system.
Finally, TURTLEDOVE could risk handing Google yet another advantage over its ad tech competitors. “A movement from the cloud (where typically most events occur in adtech today) to the edge (in this case the browser) is a much more sustainable option in my opinion,” said Silver. “The only risk here is how church and state Google can behave, since they would own both the access (exchange, ad serving, buying platform and in some cases inventory) and the rules (ie how the browser creates the interest modeling).”
