News

Chrome and Android will discontinue the use of many technologies created by the Privacy Sandbox project

By
Chrome and Android will stop using many technologies created by the Privacy Sandbox project.

I’ll be honest: I wanted the Privacy Sandbox story to end with a neat bow. Less tracking, workable ad tech, happier users. Instead, we’ve landed somewhere messier—and very human: plans changed, adoption lagged, and Google is cutting its losses.

On October 17, 2025, Google quietly announced it will retire most Privacy Sandbox technologies across Chrome and Android and keep only a short list of widely adopted pieces. It also signaled a pivot toward a browser-agnostic attribution standard being explored at the W3C.

The headline

  • Most Sandbox APIs are being phased out. That includes Topics, Protected Audience, Shared Storage (and Select URL), Private Aggregation, Attribution Reporting (both Chrome and Android), IP Protection, Related Website Sets (plus requestStorageAccessFor and Related Website Partition), Protected App Signals, SDK Runtime, On-Device Personalization, and more. Google says it will follow the normal Chrome/Android deprecation processes and update developer docs as it proceeds.
  • What stays:
    • FedCM (Federated Credential Management) for privacy-respecting sign-in flows
    • CHIPS (Partitioned cookies) for safer third-party embeds
    • Private State Tokens to help distinguish bots from humans without cross-site identifiers
      These are the pieces that earned traction beyond Chrome, so Google will maintain them.
  • Measurement pivot: Rather than push its own Attribution Reporting API, Google says it will focus on an interoperable “Private Attribution” standard through the W3C’s Private Advertising Technology Working Group.

If you’re thinking “didn’t Google already pause the cookie plan?”—yes. Back in April 2025, Google confirmed it would maintain third-party cookies rather than block them by default in Chrome, after years of delays and industry pushback. The Sandbox rollback is the second shoe to drop.

Reading between the lines: low adoption and lukewarm ecosystem value are the likely reasons for the reversals. Many APIs just didn’t see the uptake needed to justify shipping, especially once cookie deprecation fell off the near-term roadmap. With the CMA/antitrust glare and a fragmented ad stack, the path of “Chrome-only replacements” became a tough sell. Google’s own status page now labels a raft of Sandbox features “scheduled for phase-out.”

What’s being retired

  • Topics API (and earlier FLoC): Topic inference for interest-based ads without cross-site IDs.
  • Protected Audience (a.k.a. FLEDGE): On-device auctions for remarketing.
  • Shared Storage + SelectURL & Private Aggregation: Cross-site aggregation and decisions without leaking raw data.
  • Attribution Reporting (Chrome & Android): Privacy-preserving conversion measurement. Retiring in favor of W3C Private Attribution work.
  • IP Protection: Proxying page loads to hide user IPs.
  • Related Website Sets (+ requestStorageAccessFor & Related Website Partition): First-party groups with limited cross-site access.
  • Protected App Signals (Android), SDK Runtime (Android), On-Device Personalization (Android): Ad-relevant app telemetry isolation/personalization.

What survives

  • FedCM: Lets you sign in with an identity provider without spraying cross-site identifiers; improves UX and privacy.
  • CHIPS: Keeps third-party cookies partitioned per top-level site (think: an embedded widget that can’t follow you across sites).
  • Private State Tokens: A privacy-preserving way to convey “this is likely a human, not a bot” across contexts.

These are pragmatic wins: they reduce abuse and improve identity flows without requiring the whole ad ecosystem to move in lockstep.

What this means for you

If you’re an advertiser or agency:

  • Short term: Keep your cookie-based conversion tracking and remarketing setups; nothing is forcibly breaking this year because of Sandbox. But watch regulatory/UA-blocking headwinds and keep your first-party data house in order.
  • Medium term: Track and test the W3C Private Attribution work; prioritize solutions that are interoperable across browsers, not Chrome-only.

If you’re a publisher:

  • Lean into first-party IDs and server-side tagging. Use CHIPS-friendly embeds and explore FedCM for sign-in flows that don’t leak identifiers across sites.

If you build for the web:

  • Expect some API removals and console deprecation notices as features roll off. Audit code for Attribution Reporting, Shared Storage, Topics, Protected Audience, etc., and plan fallbacks. Google says it will post timeline updates on the developer site.

If you build Android apps:

  • If you tested Protected Audience / SDK Runtime / PAS in Privacy Sandbox on Android, plan a rollback and migrate to existing platform primitives while you evaluate where the W3C work lands.

If you’re just a person with a browser:

  • Third-party cookies aren’t going away by default, but your settings still matter. Consider stricter cookie controls, clear site data periodically, and use privacy-respecting sign-in flows when available.

I don’t think this is a surrender so much as an admission: privacy fixes have to be shared across browsers to really work. The best sign of progress will be if Private Attribution and similar standards earn support beyond Chrome—because otherwise we’ll keep cycling through one-browser experiments. In the meantime, the practical path is boring but solid: first-party data, consent, durable measurement that degrades gracefully, and fewer fragile hacks.

I wish I could tell you the web just got simpler. It didn’t. But at least the next phase is clearer—and more collaborative than it was last week.

Author

Alex is the resident editor and oversees all of the guides published. His past work and experience include Colorlib, Stack Diary, Hostvix, and working with a number of editorial publications. He has been wrangling code and publishing his findings about it since the early 2000s.

Related Posts