Google’s Privacy Sandbox debacle took a turn on Friday when the UK’s Competitions and Markets Authority (CMA) said it got the tech giant to agree to commit to improvements over the tech (a direct competitor of cookies).
The CMA’s claim came after Thursday’s call by the UK’s data watchdog (the Information Commissioner’s Office) for Google and its counterparts to fix privacy risks arising from ads. The ICO is continuing work with the CMA to review plans set forth by the Mountain View-based company.
An investigation by the regulator started in January following worries that Google’s plan to change its Chrome browsers would strengthen its virtual monopoly on the online ads ecosystem.
Google wanted to ditch third-party cookies in favor of a Privacy Sandbox. In June, the CMA said that initial commitments agreed to by the company needed to improve. The feedback was for Google to be more transparent to enhance the monitoring of compliance and improve provisions on Google self-referencing its ad products and services.
Google responded to the concerns, which the CMA seemed to be satisfied by, by agreeing to:
- Ensure that the CMA’s role and ongoing CMA processes are mentioned in Google’s important public announcements.
- Guide staff to not make claims to customers that contradict the commitments.
- Report to the CMA regularly on how it takes account of third-party views.
- Address concerns regarding its decision to remove functionality or information before making complete Privacy Sandbox changes. That would include delaying the enforcement of its Privacy Budget proposal and offering commitments concerning measures used to reduce access to IP addresses.
- Clarify the internal limits regarding what data the company may use.
- Provide more certainty to third parties working on alternative technologies
- Improve provisions on reporting and compliance (incl. adding a CMA-approved monitoring trustee).
- Provide a longer duration of six years from the date of any decision to accept the tech giant’s modified commitments.