Google Privacy Sandbox is currently a set of proposals for different APIs. When implemented together, they’ll provide anonymous browsing and behavioral targeting capabilities. Each API has its objective. TURTLEDOVE is one of the proposals from google that can make retargeting possible after the third-party cookie is phased out. Let’s dive right into it.
Table of Contents
A Brief About the APIs
What are the different API proposals under the Privacy Sandbox project? There are dozens of them! We have already discussed them in detail in our previous post, here’s a quick refresher:
- Trust Token API: It’ll assign a trust value to the user to differentiate between a human and a bot.
- Aggregated Reporting API: It’ll be used for reporting impressions, views, reach, etc.
- Conversion Measurement API: This API will track the conversions.
- Privacy Budget: It’ll limit the amount of data that a site can collect from the user.
- Federated Learning of Cohorts (FLoCs): It’ll classify the user as a member of predetermined interest-based groups (say, car enthusiasts, gamers, golfers, etc.) based on browsing activity.
- TURTLEDOVE: It’ll help advertisers to retarget the users based on the predetermined conditions (say, visited a product page, added a product to cart, etc.).
What is TURTLEDOVE?
The full form for TURTLEDOVE is Two Uncorrelated Requests, Then Locally-Executed Decision On Victory. It describes the working mechanism of the API. It becomes clear when we dissect the name:
Two Uncorrelated Requests
The auction takes place with the help of two uncorrelated requests sent during the ad delivery process. One is a contextual ad request whereas the other is an interest group-based ad request. We’ll discuss them in detail when we’ll understand the process step-by-step.
Then Locally-Executed Decision On Victory
The auction will take place on the client-side (hence the term, locally-executed) b/w the aforementioned ads (contextual and interest group-based ads). The browser will decide the winning ad and deliver its creative.
How does TURTLEDOVE work?
Google has explained one of the ways to use TURTLEDOVE for retargeting. Let’s understand it one step at a time.
- When a user visits a page, the website can create interest groups and add the user to any of the interest groups — based on the activity.
Let’s assume that a user visited www.wereallylikeshoes.com because she wanted to buy shoes. She went to the footwear section and selected the “Athletic Shoes” category. The user browsed through the shoes but didn’t make the purchase. The advertiser, www.wereallylikeshoes.com, understood the user’s interest and intention to buy athletic shoes. So, www.wereallylikeshoes.com decides to show its athletic shoe ads to the user. It added the user to the newly created interest group — “athletic-shoes” so that she can be targeted later. All the users who show similar behavior (i.e., visited athletic shoes but didn’t buy) are added to this group.
The group can be as broad as “WeReallyLikeShoes-shopper” and as specific as “WeReallyLikeShoes-item-00123-viewer” or “WeReallyLikeShoes-cart-abandoner”, etc. In our case, it’s “athletic-shoes”.
- The advertiser (www.wereallylikeshoes.com) can also declare the ad networks that can access this information. In the example, ‘first-ad-network.com’ and ‘second-ad-network.com’ can read the information about the interest group for 30 days.
The advertiser cannot show the ads by itself. It works with multiple ad networks to show its ads to users across the web. So, it wants the ad networks to show the athletic shoe ads to the users who were added to the “athletic-shoes” group in the last step. But, how will the ad networks know that who’s in the group? This is why the advertiser permits the ad networks to read the groups. Also, the last line in the script says that the user will be a member of the group only for 30 days. It is so because the advertiser doesn’t want to retarget the users forever, that’s why it has put the 30-day limit to the membership.
- When the user visits an ad-supported site (let’s call it “healthyrunners.com”) regularly* and the browser finds out that the site also uses ‘first-ad-network.com’ to monetize its traffic, it contacts the ad network and asks for ads targeted to the “athletic-shoes” group.
Wait. Why would the browser just contact the ad network asking for a retargeting ad? Well, the browser knows that the ad network ‘first-ad-network.com’ has been given permission (by the retail shoe site) to the interest group aka retargeting group and it assumed that the network would have a retargeting ad.
*The ad response from the network will be cached for only a limited time, that’s why the browser wants to make sure that the user comes across the ad network regularly.
- The ad network responds with the location of the web bundle that holds the ad. The response also has caching instructions, frequency cap, auction signals, etc.
It includes a decision logic URL that’ll help in determining the winner in the auction that’ll happen later. Until then, all this info will remain saved in the browser.
That’s right. The ad network will send the retargeting ad to the browser but the browser won’t display it now. It’ll wait for an opportunity to get another contextual ad from the same ad network (explained in the next step)
In the response, the ‘ad-cbor-url’ field contains the location of the web bundle that has the ad. The ‘auction-signals’ field gives the bid value for different scenarios. The ‘decision-logic-url’ will fetch a script that’ll tell how the winner has to be decided.
Here’s an example of fetched script:
- When the user visits the site (healthyrunners.com) again, the script on the page sends a request to the ad network ‘first-ad-network.com’ for a contextual ad. Remember, the site is connected to the ad network to monetize its traffic.
Other information like page URL, ad location, ad size, etc, is also sent along with it. The ad network now responds with the contextual ad and a request to conduct an auction between the contextual and the previously fetched interest group ad.
By requesting an auction, the ad network gets the chance to display its retargeting ad for the group. If the contextual ad loses the auction, the user will see the interest-based ad. So, retargeting is done. .
- The browser will decide the winner by comparing the bid value and conducting the auction as per the design logic (decision logic will be fetched from the decision logic URL). In our case, the bids for both the ads are compared, the interest group ad is rendered because it has a higher value of 250 (250 > 107).
There are two additional proposals to make google TURTLEDOVE more private. These two proposals are Willful IP Blindness and Opaque iFrames.
Willful IP Blindness
The Willful IP Blindness proposal talks about masking the user’s IP so that no ad tech providers can identify the user through correlation. An IP address can reveal a user’s location and correlating it with other data points can help in building the user’s profile. In other words, the IP address itself is a unique identifier. So, masking the IP can prevent the problem.
As the ads are supposed to target groups, they’ll know the user’s interests. Once rendered, the ads can also know what’s on the page, what’s there in other windows of the browser, it can also send pieces of information from one page to the other, etc. To prevent the information exchange with the surrounding page, the proposal suggests rendering the ad in an opaque environment.
Additionally, the ad will be delivered in a web bundle, rendering happens entirely locally, the iframe wouldn’t allow additional network activity until it is clicked. In this way, the user data can be prevented from reaching bad actors in the outside environment.
TURTLEDOVE vs FLoC
If you get an overview of the different proposals under Privacy Sandbox, there are chances that you develop a misunderstanding between FLoCs and TURTLEDOVE. It is because both of them deal with targeting a group of users and the grouping is based on their interests. Understand and remember these basic differences to avoid any confusions:
- FLoC is for targeting users based on interest groups created by the browser whereas TURTLEDOVE is for targeting users based on interest (or retargeting) groups created by the advertiser. So, FLoCs is for targeting and TURTLEDOVE is for retargeting.
- FLoC based groups are broad (say, non-fiction readers) whereas TURTLEDOVE groups can be very narrow (say, users who abandoned the cart while checking out with 7 Habits of Highly Effective People).
- FLoCs are based on browsing activity but TURTLEDOVE groups are based on specific actions performed by the user on the advertiser’s site.
How would Privacy Sandbox replace the third-party cookie?
The cookie will be replaced with a new algorithm that analyses the user’s behavior, preferences, habits, etc. It’ll place the user in the cohorts that hold other people with the same behavior. So, the users in the same cohorts (or FLoCs) will see similar ads.
Privacy Sandbox is in its development stage, which means you can expect changes in the proposals. Not every proposal has to be accepted and there can be multiple ways for achieving the objectives of the Privacy Sandbox. For instance,
What are the alternatives for the TURTLEDOVE proposal?
Criteo has proposed SPARROW as an alternative to google TURTLEDOVE. Google itself gave another proposal called PIGIN before coming up with TURTLEDOVE.
So, expect more such developments in the future. We suggest you subscribe to our AdTech Weekly Newsletter for Publishers so that you are not missing any updates. Also, we’ll keep this article updated with every new development related to TURTLEDOVE.