October 20, 2020
Google’s deadline on plans to remove third-party cookies from the advertisement equation is coming closer, and developers are preparing potential solutions.
The Dovekey proposal is part of the Google “Privacy Sandbox” initiative that is going to replace the functionality served by cross-site tracking using privacy-focused technologies that mitigate workarounds such as fingerprinting and network-level tracking. Do...vekey is a response to a privacy proposal from ad tech company Criteo called SPARROW, which in turn was a response to Google’s privacy proposal TURTLEDOVE. The key element of the TURTLEDOVE proposal was that all auction decisions would take place in the browser rather than in ad servers, which in theory would stop bad actors from being able to siphon off bid stream data to build profiles on users.
Experts concern that Google owns the most popular browser, so the process may not be clear and depends on Google's influence. French ad tech company Criteo offers SPARROW as an answer to TURTLEDOVE’s drawbacks: rather than being held in the browser, the auction process and logic would be looked after by an independent “gatekeeper.” Also, advertisers would receive real-time data feedback.
But there were some industry concerns about how the gatekeeper could be fully entrusted to keep user and advertiser data safe — especially if reporting is moving in real-time. Plus, there are only a limited number of companies with the capacity to be a gatekeeper. Google’s Dovekey proposal builds upon SPARROW. The “gatekeeper” in this instance would be what Google describes as a “key-value server” — a simplified version of an ad server, which could be run by a third-party company (not just Google). It receives a “key” — such as a contextual ad signal plus an interest group — and it returns a value — a bid. The idea is that there’s no potential for advertisers, website owners, and ad tech vendors to gather information about individuals.
The proposal was published on GitHub for open discussion.