It’ll all be different now that the U.K.’s antitrust authority has come to the rescue. At least, that’s what James Rosewell, CEO and co-founder of 51Degrees, a small ad tech fish in a Google-dominated pond, hopes will happen now that the country’s competition oversight agency is expected to play a role in the process Google has guided in developing cookieless tracking and targeting tech. The Worldwide Web Consortium — an international web standards body also known as the W3C — is hosting the Privacy Sandbox initiative to develop methods for tracking, ad targeting and measurement to replace third-party cookie-based approaches. But Google is driving the initiative, which it developed in connection to its now-delayed plans to disable third-party cookies in its much-used Chrome browser. And ad tech providers like Rosewell feel like Google’s involvement has unfairly tipped the Privacy Sandbox process in the digital ad giant’s control.
The balance of power could shift, though. The U.K.’s Competition and Markets Authority has investigated the competitive implications of Google’s Privacy Sandbox proposals, and on June 11, the government regulator announced Google had agreed to facilitate the CMA’s participation in the initiative. The CMA’s involvement could make the Privacy Sandbox process more equitable, according to Rosewell, who also leads a small advocacy group of “just shy of 20” unnamed members called Marketers for an Open Web.
“The CMA has power over Google,” said Rosewell. On behalf of Marketers for an Open Web, he has lobbied the government agency to take a more aggressive part in overseeing the way Google is remolding the technical underpinnings of how firms like his gather and use data for advertising. “The CMA’s involvement changes the dynamic of Google’s engagement with the rest of the industry including the W3C,” Rosewell told Digiday, adding that the agency “can be there and just call foul, and give in the red card, using soccer terminology.”
‘A substantial investment’The CMA could end its investigation of the company if it approves Google’s commitments to be more transparent, open and fair in its Privacy Sandbox efforts. For that reason, Google’s decision announced on June 24 to extend its deadline for killing off the third-party cookies was driven in part by pressure from the government agency. According to the CMA’s analysis of Google’s Privacy Sandbox, “Some market participants have claimed that Google’s engagement with stakeholders, through the W3C, has been limited and of a very technical nature, which limits the potential for participation and examination of Google’s proposals by third parties.”
Government welcome in W3C, but some question their involvement
Still, the CMA has yet to dispatch any diplomats to the W3C group developing Privacy Sandbox tech, according to Wendy Seltzer, strategy lead and counsel at the W3C. For now, as the CMA assesses Google’s promises, it has welcomed input from interested parties on how to be involved in the W3C process.
The W3C is not a governmental body, though it has ties to governments around the world. Its primary mission is to serve as an international community of member organizations, full-time staff and “the public.” And Seltzer said, “W3C welcomes participation from government entities and agencies, as users of standards, public stakeholders in their outcome and reviewers.” However, there’s no indication that the W3C would give the CMA — a singular government agency — some sort of special influence in final decisions about Privacy Sandbox tech.
There are examples of government involvement in past W3C standards development, though. Both the U.S. Federal Trade Commission and the Europe’s independent privacy body — the Article 29 Working Party — took part in the fraught development of Do Not Track tech standards, for instance. But for now, there do not appear to be any government-affiliated members of the W3C group overseeing the Privacy Sandbox efforts, the Improving Web Advertising Business Group.
W3C does have some governments and government agencies as members representing the U.K., U.S., China and other countries. The U.K.’s government — listed as “HM Government,” as in “Her Majesty’s” — is on the list, along with several U.S. agency websites. The consortium also gets funding from government bodies including the European Commission and the U.S. Department of Health and Human Services.
But the involvement of the CMA in the W3C — which does not allow for public meetings, for instance — could be scrutinized by open-government advocates. One privacy technologist who spoke on condition of anonymity said the fact that W3C meetings exclude non-members, with only meeting minutes provided for public use afterward, is problematic. This person said that, if the CMA gets involved in the W3C’s Privacy Sandbox process as part of its Google oversight, the consortium’s process should be a public one because “taxpayers fund your salary, and you are attending meetings with corporate interests and where policy is made.”