Chrome kills most Privacy Sandbox technologies after adoption fails

Google announced on October 17, 2025, the death of most Privacy Sandbox advertising technologies, abandoning years of development work after the APIs failed to gain traction. The company will retire Attribution Reporting API, IP Protection, On-Device Personalization, Private Aggregation, Protected Audience, Protected App Signals, Related Website Sets, SelectURL, SDK Runtime, and Topics across Chrome and Android platforms.

According to Anthony Chavez, VP of Privacy Sandbox at Google, the decision stems from "low levels of adoption" combined with ecosystem feedback that revealed the technologies couldn't deliver sufficient value. The announcement represents a stark admission of failure for an initiative Google launched in 2019 with promises to preserve advertising functionality while enhancing privacy.

The timing proves particularly notable. Google reversed course on cookie deprecation in April 2025, just five days after being judged a monopoly in the Department of Justice's AdTech case. The company initially planned to eliminate third-party cookies from Chrome entirely but instead opted to maintain the status quo after mounting pressure from regulators and industry stakeholders.

What's being killed

The scale of this retirement affects nearly every component of Google's cookie replacement strategy. Each technology served specific functions in the Privacy Sandbox ecosystem, yet none achieved sufficient adoption to justify continued development.

Attribution Reporting API enabled conversion measurement without cross-site tracking. The browser itself performed attribution matching when users clicked ads and later converted on advertiser websites. Rather than sharing individual user data, the API generated two types of reports: event-level reports with limited conversion information and heavily delayed timing, plus aggregated summary reports with more detail but encrypted and accessible only through trusted execution environments. The technology attempted to replace third-party cookie-based measurement by moving attribution logic into the browser, using differential privacy techniques including noise injection and time delays to protect individual user privacy. Advertisers received metrics about campaign performance without access to individual user journeys across websites.

Protected Audience API, formerly known as FLEDGE, powered remarketing and custom audience targeting through on-device auctions. When users visited advertiser websites, those sites could ask browsers to add users to interest groups stored locally on devices. Later, when users visited publisher sites, the browser conducted auctions between interest group ads and regular programmatic ads to determine which ad to display. The entire auction process occurred on the user's device rather than on external servers. Buyers submitted bidding logic and creative URLs, while sellers provided scoring functions to evaluate bids. The API aimed to enable personalized advertising without sharing user browsing history across sites, keeping interest group membership private within the browser.

Topics API provided interest-based advertising by inferring user interests from browsing history without revealing specific sites visited. The browser assigned websites to categories from a taxonomy of approximately 470 topics like "Travel" or "Shopping." Each week, the browser calculated a user's top topics based on frequently visited site categories and stored them locally. When users visited sites showing ads, the Topics API shared up to three topics—one from each of the past three weeks—with sites and advertising partners. Crucially, callers could only receive topics they had previously observed for that user, preventing widespread cross-site tracking. The technology replaced Google's earlier FLoC proposal after that initiative faced industry rejection in 2021.

Private Aggregation API enabled privacy-preserving measurement for cross-site data collected through Protected Audience and Shared Storage APIs. The technology generated aggregatable reports combining information from multiple sites while protecting individual user privacy through encryption and noise injection. Reports could only be decrypted and processed by the Aggregation Service running in trusted execution environments. The API supported use cases like reach measurement, frequency capping analysis, and conversion funnel optimization without exposing individual user behavior.

Related Website Sets allowed organizations to declare relationships between domains they owned and operated, enabling limited cross-site cookie access for first-party use cases. A company operating multiple related domains could group them together, with browsers recognizing these relationships. The technology included requestStorageAccessFor API and partitioned storage mechanisms. Related Website Sets aimed to support legitimate business needs like single sign-on across corporate domains without enabling third-party tracking.

IP Protection proposed masking user IP addresses to prevent cross-site tracking based on network identifiers. The technology would route traffic through proxy servers, hiding IP addresses from destination websites while maintaining functionality for fraud detection and geographic content delivery. Google positioned IP Protection as complementary to cookie restrictions, addressing another avenue for user tracking.

Shared Storage API provided privacy-preserving cross-site storage for legitimate business needs like A/B testing, frequency capping, and content selection. Unlike traditional cross-site storage mechanisms, Shared Storage restricted data access. Information could be written from any site but read only within isolated worklets that couldn't communicate with external servers. Output from Shared Storage operations used privacy-protecting mechanisms like Private Aggregation for measurement or selectURL for limited output options.

Protected App Signals brought Privacy Sandbox technologies to Android app-to-app advertising, enabling remarketing on mobile without cross-app user identifiers. The technology mirrored Protected Audience functionality but for mobile app environments, conducting on-device auctions to select relevant ads based on user app engagement history.

SDK Runtime created isolated execution environments for advertising SDKs on Android, preventing SDKs from accessing device resources and user data outside their designated purpose. The runtime loaded SDKs separately from host apps, restricting permissions and data access to preserve user privacy while maintaining advertising functionality.

Testing results exposed fundamental problems with Privacy Sandbox technologies long before this announcement. The UK's Competition and Markets Authority revealed in June 2025 that publisher revenue declined approximately 30% when using Privacy Sandbox tools instead of third-party cookies. Even with privacy-preserving alternatives enabled, publishers couldn't recover lost income.

Third-party testing demonstrated more severe impacts than Google's own measurements indicated. Independent advertiser spend declined by 42%, 60%, and 67% across different testers, far exceeding Google's reported 14% drop on its DV360 platform. Click-through rates plummeted by magnitudes ranging from 12% to 67% depending on the tester. Latency increased dramatically, with some experiments showing performance degradation of 200%.

Google's Q1 2025 report to the CMA captured extensive criticism that foreshadowed this retirement decision. Stakeholders complained that "Ad techs have paused Privacy Sandbox API testing and are seeking stronger reasons to reinvest in these technologies." The feedback revealed a fundamental lack of industry confidence in the entire initiative.

Competitive concerns plagued the Protected Audience API specifically. Industry participants argued that Google structured the technology to advantage its own ad systems while restricting rival supply-side platforms. One stakeholder stated that "Google will not send any GAM/AdX demand to a publisher who wishes to rely on a rival publisher ad server" and that critical information would be "available to GAM but restricted for rival SSPs."

The retirement affects both web and mobile implementations. Chrome browser and Android operating system versions of these technologies will be phased out according to standard deprecation processes. Google stated it would share specific timelines on developer documentation sites, though no dates appeared in the October 17 announcement.

Not all Privacy Sandbox technologies face elimination. Google confirmed continued support for CHIPS (Cookies Having Independent Partitioned State) and FedCM (Federated Credential Management). These two APIs achieved broader adoption and gained support from other browser manufacturers, unlike the failed technologies being retired. CHIPS enhances cookie privacy and security, while FedCM streamlines identity authentication flows.

Private State Tokens will also remain active. Google indicated plans to explore additional approaches using this technology for fraud and abuse prevention, though specific implementations remain undefined.

The measurement pivot

The announcement emphasized scaled measurement solutions as the path forward. "We've heard clearly from marketers and publishers the importance of scaled measurement solutions to understand the impact of advertising campaigns and the value of different audiences," Chavez stated. Google now focuses on developing an interoperable Attribution standard through the Private Advertising Technology Working Group within the World Wide Web Consortium.

This pivot toward cross-browser standards represents a significant strategic shift. Rather than developing Chrome-specific solutions that competitors resist adopting, Google will work through W3C processes involving other browser makers. Whether this approach succeeds where Privacy Sandbox failed remains uncertain.

The scale of the retirement proves extraordinary. Attribution Reporting API, one of the cornerstone technologies Google promoted heavily, will be eliminated despite years of development and testing. The company stated that feedback from companies that built on this API will inform future work on the interoperable Attribution standard, suggesting it will salvage some technical insights from the failure.

IAB Tech Lab identified severe limitations in its February 2024 analysis of Privacy Sandbox. The report highlighted measurement challenges, brand safety concerns, technical complexity, and competitive advantages that could allow Google to gain market share. Criteo's testing validated these concerns, observing potential market share increase for Google Ad Manager from 23% to 83% if Privacy Sandbox replaced cookies.

Publishers invested substantial resources preparing for a cookieless future that never materialized. Many developed strategies around Topics and Protected Audience APIs, which Google positioned as primary cookie replacements. Those investments now appear wasted as the technologies get shelved.

Advertisers face similar challenges. Remarketing campaigns, which rely heavily on cross-site tracking, experienced particularly severe degradation in Privacy Sandbox testing. Third-party experiments showed remarketing-focused businesses suffering greater impacts than other advertising types, with some seeing spend decline by over 60%.

Google attempted to address concerns by expanding Privacy Sandbox capabilities in September 2024, extending interest group lifetime to 90 days and adding deal support. These enhancements couldn't overcome fundamental adoption barriers or performance limitations that plagued the technologies.

Industry investments now worthless

The announcement acknowledges contributions from developers and companies that participated in Privacy Sandbox development. "We're grateful to everyone who contributed to the design and development of the Privacy Sandbox technologies," Chavez stated, recognizing collaborative effort despite ultimate failure.

Market dynamics undermined Privacy Sandbox adoption from the start. With third-party cookies remaining available in Chrome and other tracking methods persisting, advertisers lacked incentive to invest in unproven alternatives with uncertain performance. The decision to maintain cookie support eliminated urgency for Privacy Sandbox migration.

Regulatory scrutiny intensified pressure on Google throughout Privacy Sandbox development. Competition authorities in multiple jurisdictions expressed concerns about Google's market power and potential anticompetitive effects. The CMA repeatedly highlighted competition concerns even after Google pivoted to user choice on cookies.

The retirement timeline remains unclear. Google indicated it would follow established Chrome and Android deprecation processes but provided no specific dates for disabling individual APIs. Developers currently using these technologies await detailed sunset schedules to plan migrations away from soon-to-be-obsolete code.

For technologies like Related Website Sets, which allowed organizations to designate relationships between their various web properties, the retirement eliminates functionality some businesses found useful despite limited overall adoption. The decision suggests Google applied a strict threshold for continuation based on usage metrics.

SDK Runtime retirement affects Android developers who implemented Privacy Sandbox solutions in mobile applications. This technology enabled privacy-preserving data collection within apps, but mobile implementation faced challenges similar to browser-based APIs that prevented widespread adoption.

IP Protection, designed to prevent cross-site tracking through IP address observation, will cease development. This technology aimed to mask user IP addresses when browsing, adding privacy protection beyond cookie restrictions. Its elimination indicates that even fundamental privacy enhancements couldn't justify continued investment without sufficient usage.

The announcement commits to maintaining developer choice and user protection as core principles in future work. This positioning suggests subsequent privacy initiatives will emphasize flexibility rather than prescriptive solutions, potentially addressing criticism that Privacy Sandbox technologies proved too restrictive or complex for practical implementation.

Chrome will continue collaborating with stakeholders through industry forums, trade organizations, W3C, and GitHub for developing platform technologies. This multi-channel approach aims to ensure broader input and consensus on future privacy solutions that avoid Privacy Sandbox's failures.

The aftermath

The gap between retiring current technologies and deploying an interoperable Attribution standard creates uncertainty about interim measurement capabilities. Advertisers and publishers face questions about what tools will be available during the transition period as deprecated APIs are removed but replacements remain unavailable.

Industry reaction to previous Privacy Sandbox decisions proved mixed. When Google announced in July 2024 that it would maintain third-party cookies, Mathieu Roche, Co-founder & CEO at ID5.io, called it "the worst possible season finale for this very disappointing show" after five years of false starts and real investments by companies in Privacy Sandbox solutions.

The retirement announcement likely intensifies that disappointment. Companies that built businesses around Privacy Sandbox technologies now face obsolescence. Ad tech platforms that invested engineering resources in implementing these APIs must write off that work as the underlying technologies disappear.

Google's stated focus on "highest value features that help improve the web across the board" suggests a return to more modest ambitions. Rather than attempting comprehensive cookie replacement, the company may pursue targeted improvements addressing specific pain points that gain consensus support.

The announcement reflects broader tensions around privacy, utility, and standardization in digital advertising. Google's attempt to unilaterally define privacy-preserving advertising technologies through Chrome-specific APIs failed to gain ecosystem acceptance. Whether collaborative standards development through W3C processes produces better outcomes remains to be tested.

For the digital advertising industry, the Privacy Sandbox retirement closes a tumultuous chapter. Years of uncertainty, testing, and preparation for a cookieless future led to maintenance of the status quo. The failure demonstrates that technical solutions alone cannot resolve fundamental conflicts between privacy protection and advertising functionality when market participants lack incentive to adopt them.

The technologies being retired represented Google's most ambitious attempt to reshape digital advertising infrastructure. Attribution Reporting aimed to solve measurement, Protected Audience targeted remarketing, Topics addressed interest-based targeting, and supporting technologies like Private Aggregation and Shared Storage provided infrastructure. All proved insufficient for their intended purposes.

Performance degradation remained insurmountable across testing. Publishers couldn't maintain revenue levels, advertisers couldn't achieve comparable campaign results, and latency issues created technical barriers. The privacy-utility tradeoff that Privacy Sandbox attempted to navigate ultimately tilted too far toward privacy at the expense of functionality advertisers required.

Google's response to IAB Tech Lab criticism in February 2024 defended Privacy Sandbox as not attempting one-to-one cookie replacement but rather seeking privacy-preserving alternatives. That defense now rings hollow as Google abandons the very technologies it championed.

The retirement validates concerns that smaller ad tech companies expressed throughout Privacy Sandbox development. Without the resources to adapt to constantly shifting APIs and uncertain performance outcomes, these companies largely avoided implementation. Their caution proved prescient as the technologies now face elimination.

The only Privacy Sandbox technologies surviving are those that gained adoption beyond Google's ecosystem. CHIPS and FedCM attracted support from other browser manufacturers and served clear use cases without the performance penalties that plagued advertising-specific APIs. Their survival demonstrates that cross-browser consensus and proven utility matter more than Google's preferences.

Timeline

• February 2022: Google publishes Privacy Sandbox timeline detailing milestones for phasing out third-party cookies
• February 2024: IAB Tech Lab releases analysis identifying severe Privacy Sandbox limitations
• February 2024: Google responds to IAB report, challenging findings while defending Privacy Sandbox features
• July 2024: Google announces user choice approach, delaying third-party cookie deprecation
• September 2024: Google expands Privacy Sandbox capabilities with 90-day interest groups and deal support
• April 17, 2025: Department of Justice finds Google is a monopoly in AdTech case
• April 22, 2025: Google announces it will keep third-party cookies in Chrome permanently
• May 2025: Google Q1 report reveals stakeholders paused API testing
• June 2025: CMA reveals 30% publisher revenue decline in Privacy Sandbox testing
• October 17, 2025: Google announces retirement of nine Privacy Sandbox technologies

Summary

Who: Google, through VP of Privacy Sandbox Anthony Chavez, announced the decision affecting developers, advertisers, publishers, and users of Chrome browser and Android platforms globally.

What: Google will retire Attribution Reporting API (conversion measurement), IP Protection (IP masking), On-Device Personalization, Private Aggregation (privacy-preserving analytics), Protected Audience (remarketing auctions), Protected App Signals (mobile remarketing), Related Website Sets (cross-domain relationships), SelectURL (content selection), SDK Runtime (isolated ad SDK execution), and Topics (interest-based targeting) due to low adoption rates. The company will maintain only CHIPS (partitioned cookies), FedCM (federated identity), and Private State Tokens (anti-fraud) while pursuing an interoperable Attribution standard through W3C.

When: The announcement occurred on October 17, 2025, following years of development, testing that revealed severe performance problems, and Google's April 2025 decision to maintain third-party cookie support in Chrome. Specific retirement timelines for individual APIs will follow Chrome and Android deprecation processes.

Where: The changes affect Chrome browser implementations globally and Android operating system integrations across all markets. The retirement impacts both web-based and mobile advertising technologies worldwide.

Why: Google cited low adoption rates and ecosystem feedback emphasizing need for scaled measurement solutions rather than Chrome-specific technologies. Testing revealed publisher revenue declined 30% using Privacy Sandbox tools, while competitive concerns, technical complexity, latency issues up to 200%, and lack of industry confidence prevented widespread adoption. The decision acknowledges that Privacy Sandbox failed to deliver sufficient value to justify continued development, with third-party testing showing advertiser spend declines of 42-67% compared to cookie-based approaches.