Android Privacy Sandbox


Jellyfish Insights

In 2019, Google first introduced the privacy sandbox initiative for the web in response to the announcement of the deprecation of third-party cookies in the Google Chrome browser. After the launch of the App Tracking Transparency and the SKAdNetwork on iOS in April 2021, Google has gradually taken the lead on privacy issues in the application environment:

  1. May 2021: Announcement of a new safety section in Google Play to give more transparency to users on how apps use data. 
  2. June 2021: Announcement of a new feature that allows device users to opt-out of ad tracking on Android 12. 
  3. February 2022: Android privacy sandbox initiative announcement. The current tracking methods based on Google advertising IDs won’t change for at least two years, giving the advertising market time to adapt.

In this document, we will be focusing on the major changes and impacts that Privacy Sandbox will have on Android

There are four proposals made by Google in Privacy Sandbox on Android: 

  • SDK Runtime: A new framework designed to provide a safer way for apps to integrate with third-party SDKs (An SDK or Software Development Kit is a set of software tools and programs used by app developers, more details below)
  • Attribution API: An API for measurement of ad performance without the need for user-level identifiers (GAID: Google Advertising ID).
  • Topics: Facilitates interest-based ads personalization, without relying on user-level identifiers.
  • Fledge: Allows remarketing without needing to share data with third parties.

First, it is important to point out that the proposals made by Google — as they stand — are promising. Indeed, Apple’s hasty iOS14 announcement was not accompanied by any solution or framework adapted to the advertising market in terms of measurement or targeting:

  • Measurement: The first versions of SKAN were very limited (it still is)
  • Targeting: Still no solution (and it’s likely there never will be). 

Moreover, Google has said that they are listening to industry feedback on the suggested frameworks and that any changes will not be effective until at least 2024. 

Now, let’s focus on each proposal made by the Privacy Sandbox on Android.

SDK Runtime 

Before starting, it’s important to understand what an SDK is. An SDK or Software Development Kit is a set of software tools and programs used by app developers. There are multiple types of SDK:

  • Programming SDK: Tools and functionalities to assist in the programming of the application
  • Maintenance SDK: Tools to detect and analyze app crash 
  • Marketing or advertising SDK: A wide range of tools allowing for instant audience analysis, app monetization, attribution, viewability, geolocation measurement, and so on 

When an app developer wants to implement a third-party service, such as an ad network to monetize their app, they need to implement the SDK of the ad network into the app. Currently, an SDK implemented into an app is granted the same permissions as the app itself, and in some cases, app developers don’t even know the data that third-party SDKs have access to, creating security and privacy limitations. 

The purpose of the Runtime SDK is to avoid these limitations, creating a dedicated runtime environment for third-party SDKs that can be granted permissions that differ from the app. The app developer will be able to control the data to which SDK has access. 

Attribution API

We still don’t know if Google will offer users the possibility to opt-in to ad-tracking, conserving GAID. But as the biggest ad network, Google still wants advertisers to be able to run ad campaigns and to track ad performance. That’s why Google will create an on-device solution for Android Operating System: the Attribution Reporting API. Its role is to:

  • Store impressions (views) and clicks reported by ad networks on the device 
  • Store conversion events reported by apps on the device
  • Match reported conversion events with impressions or clicks that are stored on the device 
  • Send the data out to networks/MMPs/advertisers in two reports: 


The Topics concept proposal for the Android Privacy Sandbox is very close to the Topics API for the original Privacy Sandbox on the web. The objective of Topics is to use on-device data from previous engagement with various apps which have been determined as belonging to different topics or categories in order to target users according to their usage, preferences and interests and not only based on the context. 

Google also indicates that users will be able to control and change their app usage with topics.


In mobile advertising, advertisers want to be able to retarget users based on previous engagement in the application. Currently, advertisers are using the mobile advertising ID to do so: lists of advertising IDs are shared across apps and ad networks to be able to retarget clients.

Fledge on Android will use two different APIs for ad-tech platforms and advertisers to support remarketing without needing to use a mobile advertising ID:

  • Custom audience API: Advertisers will be able to create custom audiences which represent a group of users with common intentions or engagements. All information about the audience will be stored on-device and will be associated with relevant candidate ads for the audience, thanks to bidding signals.
  • Ad selection API: A framework that orchestrates the ad-tech platform’s workflows to leverage on-device signals, allowing to determine a winning ad by considering candidate ads stored locally. 

See below : Flow chart that shows the custom audience management and ad election workflow in the Privacy Sandbox on Android.

Flow chart: Custom audience management and ad election workflow in the Android Privacy Sandbox

Basically, Fledge allows advertisers to integrate users into retargeting groups based on their interactions in the app and to allow publishers to run ad auctions by calling on-device data that contains the properties of users who belong to a custom audience. The purpose of Fledge is to allow users to be integrated into groups and for auctions to be managed on-device. 

As for Topics, Google indicates that users will have control over the custom audiences to which they belong, and which apps can group them into audiences. 

Conclusion & point of view

In conclusion, user privacy has become more important than ever as advertising has evolved over the last few years. It is not surprising to see Google moving forward with user privacy in the app environment after Apple’s announcement in 2020 and the release of iOS14.5 in 2021.

Furthermore, it is important to point out that we feel very positive regarding Privacy Sandbox for Android, especially compared to Apple’s rushed privacy announcements on iOS, which resulted in a release delayed by almost a year to give the industry time to prepare. The solutions provided by Apple even as they stand today – one year after release – are far more limited than those of Android. And this is not surprising; Google is one of the largest advertising companies in the world.

Google’s announcement was accompanied by comprehensive documentation that addresses the majority of issues faced by advertisers, so as it stands it is already robust (targeting and measurement). Moreover, it is the first version of the Privacy Sandbox on Android that won’t be released until 2024, and Google is listening to all advertising stakeholders, which is great news for the ecosystem.