Technical Report: The Need for a (Research) Sandstorm through the Privacy Sandbox

• URL: http://arxiv.org/abs/2512.03207v1
• Date: Tue, 02 Dec 2025 20:14:44 GMT
• Title: Technical Report: The Need for a (Research) Sandstorm through the Privacy Sandbox
• Authors: Yohan Beugin, Patrick McDaniel,
• Abstract summary: This report outlines our call for privacy, security, usability, and utility evaluations of Google's cross-site and cross-app tracking proposals.<n>Our efforts materialized through the creation and operation of Privacy Sandstorm.<n>Privacy Sandstorm is a research portal to systematically gather resources (overview, analyses, artifacts, etc.) about such proposals.
• Score: 4.44323557361146
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: The Privacy Sandbox, launched in 2019, is a series of proposals from Google to reduce ``cross-site and cross-app tracking while helping to keep online content and services free for all''. Over the years, Google implemented, experimented, and deprecated some of these APIs into their own products (Chrome, Android, etc.) which raised concerns about the potential of these mechanisms to fundamentally disrupt the advertising, mobile, and web ecosystems. As a result, it is paramount for researchers to understand the consequences that these new technologies, and future ones, will have on billions of users if and when deployed. In this report, we outline our call for privacy, security, usability, and utility evaluations of these APIs, our efforts materialized through the creation and operation of Privacy Sandstorm (https://privacysandstorm.github.io); a research portal to systematically gather resources (overview, analyses, artifacts, etc.) about such proposals. We find that our inventory provides a better visibility and broader perspective on the research findings in that space than what Google lets show through official channels.

Related papers

• Differentially Private Synthetic Data Release for Topics API Outputs [63.79476766779742]
  We focus on one Privacy-Preserving Ads API: the Topics API, part of Google Chrome's Privacy Sandbox.<n>We generate a differentially-private dataset that closely matches the re-identification risk properties of the real Topics API data.<n>We hope this will enable external researchers to analyze the API in-depth and replicate prior and future work on a realistic large-scale dataset.
  arXiv  Detail & Related papers  (2025-06-30T13:46:57Z)
• On the Differential Privacy and Interactivity of Privacy Sandbox Reports [78.85958224681858]
  The Privacy Sandbox initiative from Google includes APIs for enabling privacy-preserving advertising functionalities.<n>We provide an abstract model for analyzing the privacy of these APIs and show that they satisfy a formal DP guarantee.
  arXiv  Detail & Related papers  (2024-12-22T08:22:57Z)
• Exploring User Privacy Awareness on GitHub: An Empirical Study [5.822284390235265]
  GitHub provides developers with a practical way to distribute source code and collaborate on common projects. To enhance account security and privacy, GitHub allows its users to manage access permissions, review audit logs, and enable two-factor authentication. Despite the endless effort, the platform still faces various issues related to the privacy of its users.
  arXiv  Detail & Related papers  (2024-09-06T06:41:46Z)
• Unraveling Privacy Threat Modeling Complexity: Conceptual Privacy Analysis Layers [0.7918886297003017]
  Analyzing privacy threats in software products is an essential part of software development to ensure systems are privacy-respecting. We propose to use four conceptual layers (feature, ecosystem, business context, and environment) to capture this privacy complexity. These layers can be used as a frame to structure and specify the privacy analysis support in a more tangible and actionable way.
  arXiv  Detail & Related papers  (2024-08-07T06:30:20Z)
• The Privacy-Utility Trade-off in the Topics API [0.34952465649465553]
  We analyze the re-identification risks for individual Internet users and the utility provided to advertising companies by the Topics API. We provide theoretical results dependent only on the API parameters that can be readily applied to evaluate the privacy and utility implications of future API updates.
  arXiv  Detail & Related papers  (2024-06-21T17:01:23Z)
• Evaluating Google's Protected Audience Protocol [7.737740676767729]
  Google has proposed the Privacy Sandbox initiative to enable ad targeting without third-party cookies. This work focuses on analyzing linkage privacy risks for the reporting mechanisms proposed in the Protected Audience proposal.
  arXiv  Detail & Related papers  (2024-05-13T18:28:56Z)
• A Survey of Privacy-Preserving Model Explanations: Privacy Risks, Attacks, and Countermeasures [50.987594546912725]
  Despite a growing corpus of research in AI privacy and explainability, there is little attention on privacy-preserving model explanations. This article presents the first thorough survey about privacy attacks on model explanations and their countermeasures.
  arXiv  Detail & Related papers  (2024-03-31T12:44:48Z)
• An Empirical Study on Oculus Virtual Reality Applications: Security and Privacy Perspectives [46.995904896724994]
  This paper develops a security and privacy assessment tool, namely the VR-SP detector for VR apps. Using the VR-SP detector, we conduct a comprehensive empirical study on 500 popular VR apps. We find that a number of security vulnerabilities and privacy leaks widely exist in VR apps.
  arXiv  Detail & Related papers  (2024-02-21T13:53:25Z)
• Challenges and Remedies to Privacy and Security in AIGC: Exploring the Potential of Privacy Computing, Blockchain, and Beyond [17.904983070032884]
  We review the concept, classification and underlying technologies of AIGC. We discuss the privacy and security challenges faced by AIGC from multiple perspectives.
  arXiv  Detail & Related papers  (2023-06-01T07:49:22Z)
• Analysis of Longitudinal Changes in Privacy Behavior of Android Applications [79.71330613821037]
  In this paper, we examine the trends in how Android apps have changed over time with respect to privacy. We examine the adoption of HTTPS, whether apps scan the device for other installed apps, the use of permissions for privacy-sensitive data, and the use of unique identifiers. We find that privacy-related behavior has improved with time as apps continue to receive updates, and that the third-party libraries used by apps are responsible for more issues with privacy.
  arXiv  Detail & Related papers  (2021-12-28T16:21:31Z)
• Mind the GAP: Security & Privacy Risks of Contact Tracing Apps [75.7995398006171]
  Google and Apple have jointly provided an API for exposure notification in order to implement decentralized contract tracing apps using Bluetooth Low Energy. We demonstrate that in real-world scenarios the GAP design is vulnerable to (i) profiling and possibly de-anonymizing persons, and (ii) relay-based wormhole attacks that basically can generate fake contacts.
  arXiv  Detail & Related papers  (2020-06-10T16:05:05Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.