What Was Google's Privacy Sandbox?
Privacy Sandbox was Google's ambitious project to build a set of browser-based APIs that would allow targeted advertising and conversion measurement without relying on third-party cookies. Announced in 2019, it aimed to address growing privacy concerns while preserving the ad-funded web economy.
The concept was straightforward: move the data processing that third-party cookies handle - interest-based targeting, remarketing, and attribution - into the browser itself, where it could be done locally without exposing individual user data to advertisers or ad tech intermediaries.
Google framed Privacy Sandbox as the path toward a cookieless Chrome. That path turned out to be far more complicated than anyone anticipated.
The Core APIs: Topics, Protected Audience, and Attribution Reporting
Privacy Sandbox comprised several interconnected APIs, each designed to replace a specific function of third-party cookies.
Topics API
Topics replaced the earlier FLoC (Federated Learning of Cohorts) proposal after that approach drew criticism from privacy advocates. The API worked by classifying a user's browsing activity into broad interest categories - such as "sports" or "travel" - stored locally on the device. Advertisers could then request a small number of recent topics for targeting, without learning the user's full browsing history.
Each topic was drawn from a taxonomy of roughly 470 categories. The browser selected topics based on the sites visited during each weekly epoch, and a degree of randomisation was applied to reduce fingerprinting risk.
Protected Audience (formerly FLEDGE)
Protected Audience handled remarketing and custom audience targeting. Rather than allowing advertisers to track users across sites with cookies like _fbp or _gcl_au, it ran ad auctions directly in the browser. Interest groups were stored locally, and the auction logic - including bid generation and ad selection - executed on-device.
Attribution Reporting API
This API aimed to measure ad conversions without revealing which specific user clicked an ad and later converted. It offered two reporting modes: event-level reports (limited data, delayed delivery) and summary reports (aggregate data with differential privacy noise added).
Why Google Reversed Course on Third-Party Cookie Deprecation
Google originally planned to deprecate third-party cookies in Chrome by 2022, then pushed the deadline to 2024. In July 2024, the company reversed course entirely, announcing that Chrome would keep third-party cookies and instead let users manage their preferences through existing browser settings.
The revenue data told the story clearly. Testing showed that removing third-party cookies without Privacy Sandbox caused a 34% drop in programmatic revenue for publishers on Google Ad Manager and a 21% drop for publishers on Google AdSense. Privacy Sandbox APIs only partially offset those losses.
In April 2025, Google confirmed it would not introduce a separate consent prompt for third-party cookies in Chrome either, meaning users would continue managing cookie preferences through Chrome's existing Privacy and Security settings rather than facing a new choice screen.
Performance Gaps That Undermined Adoption
The ad industry tested Privacy Sandbox APIs extensively during 2023 and 2024. The results were discouraging.
Attribution Reporting proved particularly problematic. Reports indicated that roughly 85% of conversions measured through Privacy Sandbox APIs were inaccurate by 60-100% compared to cookie-based tracking. For advertisers accustomed to precise conversion measurement, this was unworkable.
Protected Audience fared similarly. Publishers reported revenue decreases of 20-30% for inventory using Protected Audience compared to traditional remarketing. Advertisers also found 40-60% lower targeting precision.
| Privacy Sandbox API | Purpose | Key Issue | Status (2026) |
|---|---|---|---|
| Topics API | Interest-based targeting | Broad categories lacked precision | Retired |
| Protected Audience | Remarketing and custom audiences | 20-30% revenue drop vs cookies | Retired |
| Attribution Reporting | Conversion measurement | 60-100% inaccuracy rate | Retired |
| CHIPS | Partitioned third-party cookies | N/A - limited scope | Active |
| FedCM | Federated identity/sign-in | N/A - different use case | Active |
| Private State Tokens | Anti-fraud verification | N/A - different use case | Active |
Smaller ad tech companies faced a separate problem: implementation complexity. Third-party cookies worked universally across platforms with minimal setup. Privacy Sandbox required significant engineering investment for integration and ongoing optimisation that many firms could not justify.
The October 2025 Shutdown
On 17 October 2025, Google's VP of Privacy Sandbox, Anthony Chavez, published an update confirming the retirement of most Privacy Sandbox technologies. The list included Topics, Protected Audience, Attribution Reporting, Private Aggregation, IP Protection, Related Website Sets, Protected App Signals, SDK Runtime, SelectURL, and On-Device Personalisation.
Google cited two factors: low adoption across the ecosystem and feedback from publishers and advertisers that the APIs could not deliver sufficient value to justify the transition.
Three technologies survived: CHIPS (Cookies Having Independent Partitioned State), which limits third-party cookie access to the top-level site context; FedCM (Federated Credential Management), enabling privacy-friendly authentication flows; and Private State Tokens, used for anti-fraud verification without user tracking. Google also indicated it would pursue an interoperable attribution standard through the W3C.
What This Means for Cookie Consent
With Privacy Sandbox's advertising APIs retired, third-party cookies remain the primary mechanism for cross-site tracking in Chrome. That means cookie consent requirements under the ePrivacy Directive and GDPR are as relevant as they were before Privacy Sandbox existed.
Website owners still need to obtain informed, specific consent before setting non-essential cookies - including advertising and marketing cookies like _fbp, _gcl_au, and IDE. The legal framework has not changed.
Safari and Firefox already block third-party cookies by default through Intelligent Tracking Prevention (ITP) and Enhanced Tracking Protection respectively. Chrome's decision to retain third-party cookies means it remains the only major browser where cross-site cookie-based tracking works without restriction - making proper consent management on Chrome traffic especially significant.
Alternatives Worth Watching
Google Consent Mode v2 continues to operate independently of Privacy Sandbox. When users decline cookie consent, Consent Mode adjusts Google tag behaviour and enables conversion modelling to fill data gaps. This remains Google's primary approach for balancing consent with measurement.
Server-side tagging has gained traction as a privacy-first method of collecting analytics data. By processing data on your own server rather than in the visitor's browser, it reduces reliance on client-side cookies - though consent requirements under Article 5(3) of the ePrivacy Directive still apply to any information stored on or read from a user's device.
Privacy-preserving analytics tools such as Plausible, Fathom, and Matomo's cookieless mode offer measurement without setting tracking cookies. These tools can reduce your consent burden, though they trade off granularity for privacy.
CHIPS: The Privacy Sandbox Survivor That Matters
CHIPS deserves specific attention because it directly affects how cookies behave in Chrome. CHIPS partitions third-party cookies by top-level site, meaning a cookie set by a third-party service on Site A cannot be read by that same service when embedded on Site B.
This partitioning breaks cross-site tracking while preserving legitimate embedded functionality - such as chat widgets, payment forms, and live chat tools. If your site uses third-party services that rely on cookies for functionality (not tracking), those services will need to adopt the Partitioned attribute on their cookies to continue working as Chrome enforces CHIPS.
Frequently Asked Questions
Is Google Privacy Sandbox still active in 2026?
Most Privacy Sandbox advertising APIs were retired in October 2025, including Topics, Protected Audience, and Attribution Reporting. Only CHIPS, FedCM, and Private State Tokens remain active.
Will Chrome still block third-party cookies?
No. Google reversed its plan to deprecate third-party cookies in Chrome. Users can manage cookie settings through Chrome's existing privacy controls, but third-party cookies remain enabled by default.
Do I still need a cookie banner after Privacy Sandbox?
Yes. Since third-party cookies remain active in Chrome and are still used for advertising and analytics, you must obtain consent before setting non-essential cookies under the ePrivacy Directive and GDPR.
What is CHIPS and does it require consent?
CHIPS (Cookies Having Independent Partitioned State) partitions third-party cookies by top-level site to prevent cross-site tracking. Whether a CHIPS cookie requires consent depends on its purpose - functional cookies may qualify as strictly necessary, but analytics or advertising cookies still need consent.
Why did Google shut down Privacy Sandbox?
Google cited low industry adoption and ecosystem feedback indicating the APIs could not deliver enough value. Performance testing showed significant accuracy gaps in attribution and reduced targeting precision compared to cookie-based approaches.
What replaced Privacy Sandbox for conversion tracking?
There is no direct replacement. Advertisers continue using cookie-based conversion tracking with consent, supplemented by Google Consent Mode v2 for modelled conversions when users decline cookies. Google has indicated it will pursue an interoperable attribution standard through the W3C.
Take Control of Your Cookie Compliance
With third-party cookies remaining in Chrome for the foreseeable future, proper consent management is not optional. Kukie.io detects and categorises every cookie on your site - including the third-party tracking cookies that Privacy Sandbox was meant to replace - so your visitors get a clear choice and you stay compliant.
