Last update: May 2021

5 mins to read - 2021/05/12

Google to Replace Cookies With FLoCs by 2022 for Greater Data Privacy

More and more device users are becoming aware of the enormous potential of their personal data. They have seen the repercussions when their data privacy is abused, and they have seen how tech giants like Facebook are exploiting that data to make billions. It’s clear that the old business model of harvesting user data without their consent in 3rd-party cloud servers is no longer sustainable. Apple’s new App Tracking Transparency (ATT) feature has completely changed the nature of targeted ads, while updates in COPPA and GDPR-K are redefining local regulations to better protect children’s data. Meanwhile, Google has announced Privacy Sandbox, their approach to phase out all 3rd-party cookies on their Google Chrome browser by 2022. This new approach – seeking a happy medium between targeted ads and data privacy – leans heavily on its Federated Learning of Cohorts (FLoC) function.

Download OpenBack’s whitepaper outlining our unique approach to data privacy and regulation compliance:

google flocs data privacy

What Is FLoC?

Google has taken a somewhat different approach to data privacy than Apple’s ATT. Whereas ATT disallows data tracking entirely (on Apple devices, at least) unless the user opts-in, Privacy Sandbox still allows data tracking… but through Federated Learning of Cohorts (FLoC). That is, on Chrome, advertisers will be able to track groups of users with the same interests, rather than individuals. This concept has been in the works for over a year, and Google claim that utilizing their FLoC function is nearly as effective as tracking individual users with 3rd-party cookies. In fact, Google claims:

“Our tests of FLoC to reach in-market and affinity Google Audiences show that advertisers can expect to see at least 95% of the conversions per dollar spent when compared to cookie-based advertising.”

Essentially, rather than Apple’s approach of effectively dynamiting the targeted advertising industry, Google is seeking a compromise that’s acceptable for everyone involved. They state:

“Technology advancements such as FLoC, along with similar promising efforts in areas like measurement, fraud protection and anti-fingerprinting, are the future of web advertising — and the Privacy Sandbox will power our web products in a post-third-party cookie world.”

Moreover, Google’s Privacy Sandbox will include features that allow marketers and advertisers to track the success of their campaigns with FLoCs.

How Does FLoC Protect Users’ Data Privacy?

Essentially, by presenting user data alongside the identical data of thousands or millions of other users, Google seeks to mask users through anonymity. As they put it,

“by clustering large groups of people with similar interests. This approach effectively hides individuals “in the crowd” and uses on-device processing to keep a person’s web history private on the browser.”

The user cohorts will be generated by algorithms, and users will be placed in a different one each week, to make it harder for 3rd parties to identify them. So advertisers will still be able to monetize your data, but it will neutralize the more invasive tactics, such as fingerprinting, that give a detailed profile of your interests, browsing history, and behavior.

FLoC is only one element of Privacy Sandbox. Google has an entire list of elements – many of them with birds’ names – that will handle a different aspect of user privacy, including:

  • Aggregate reporting API
  • IP blindness
  • Conversion measurement API
  • Trust token API
  • Tracking prevention policy
  • And more…

Are FLoCs Compliant With Local Data Privacy Regulations?

Interestingly, it’s likely that FLoCs will only affect a small percentage of children users, as studies show children tend to use mobile devices rather than PCs. And since FLoCs are only replacing cookies on the Chrome browser (for now) children’s data privacy is still at risk.

In fact, there is still uncertainty about whether FLoCs – which provide a similar service to trackers, only anonymized – are compliant with COPPA and HIPAA. And Google has already announced that it won’t be testing FLoCs in Europe, due to worries that it isn’t compliant with GDPR. (GDPR is famously more strict on than any of its American counterparts: COPPA, HIPAA, and CCPA.)

However, the language of COPPA designates that apps and websites need to obtain consent from the parents of child users before collecting and processing the personal data of minors. Google’s FLoCs will not be conveying user data to be processed elsewhere – it will all be leveraged device-side. Because of this, and because they seem to be the least disruptive option in a digital age that is moving away from invasive tracking techniques, it’s likely that the FTC will come down in favor of Privacy Sandbox and its various elements as being HIPAA and COPPA compliant.

What Does OpenBack Have in Common With FLoCs?

OpenBack has been using device-side data processing since our inception in 2015. (Not to steal Google’s thunder…) With our patented hybrid mobile engagement platform, we use edge computing and machine learning to process user data directly on the device. Unlike traditional push technology, with OpenBack developers don’t have to send users’ private data in the form of push tokens to 3rd-party cloud servers (whether Apple’s APNS or Android’s Firebase).

Our device-side mode means we are the only push notification provider in the industry that is compliant with HIPAA, COPPA, and GDPR (among other regulations) by default. This makes OpenBack the #1 choice for children’s apps, whether they be educational, streaming, or mobile games, as well as all apps in the healthcare sector that handle sensitive health information of patients.

Moving forward, in the new age of FLoCs, ATT, and ethical data leverage, many apps may find themselves unsure of what they need to do to stay on the right side of local regulations. With OpenBack, you can rest assured that your push notifications – and any app monetization stemming from mobile marketing – will be entirely regulation compliant. To learn more about how to get started with OpenBack, get in touch with one of our experts for a free demo.


Leave a Reply

Your email address will not be published.

one × 1 =

Download our FREE Mobile Marketing Playbook to perfect your user engagement game!


Translate »