So FLoC trials are delayed in Europe thanks to GDPR. Now what?

By Seb Joseph

Marketers are showing signs of strain but not panic as the initial furor over the delayed test of Google’s cookie alternative in Europe settles.

Most industry execs have been through these setbacks before. They know that each time the strain is different — and that each time companies adapt and bounce back. Even so, the uncertainty ripping through the online industry is daunting. As ever, Google’s protracted pivot to privacy remains a byzantine maze of conflicted emotions.

Here’s a primer to explain how what has happened, who it impacts, and how it’s all likely to net out over the coming months.

First things first. Get me up to speed on what the delay means.

Marketers across Europe who were planning to test-drive Google’s FLoC (or Federated Learning of Cohorts) will have to wait a little longer over the coming weeks. Google’s proposal for privacy-friendly targeting can’t be tested until it’s compliant with Europe’s privacy laws, as Adexchanger first reported. For now, Google will not make FLoC available for testing in countries where the General Data Protection Regulation and ePrivacy Directive are in place i.e the most complex markets in terms of privacy regulations. And from Google’s perspective, that might be a blessing in disguise — even if it does mean it’s on two different timetables for Europe and the rest of the world.

Will it stay this way for long?

Not if Google has anything to do with it. Chrome product manager Marshall Vale explained in a tweet that “we are starting this FLoC origin trial for users in the US and select other countries, and we expect to make FLoC available for testing worldwide at a later date.”

Still, Google product managers aren’t Google privacy lawyers and this is an issue only the latter can resolve.

And this is where it gets tricky.

The way FLoCs work without personal data is abstract at best. Technically, there’s nothing that would constitute personal data in FLoCs; no IDs, audience names or memberships are contained or subsequently shared from them. But it’s not the process a privacy lawyer would be wary of — it’s the product. In fact, it could be argued that the targeting options made available to advertisers via FLoCs could be perceived as too personal to the end-user. In the end, the delay will come down to how quickly privacy lawyers understand how FLoCs work — something that could take a while if the time it took them to get their head around cookie matching is any estimation.

In layman’s terms, FLoCs can be built to be privacy-preserving so that no identifiers are exchanged between ad businesses using it for ad targeting; anything personal stays on the system of the respective user of the browser. Put another way: it’s the AI that’s trained to sort someone’s personal data into a specific FLoC that gets shared, not the data itself. That model is then shaken together with other models from other browsers centrally to create a cohort that’s shared back with the person’s browser.