Andre Kempe,


Admiral Media,

May 24, 2022

What is Android Privacy Sandbox? A marketers’ guide

The last few years have seen an overhaul of the ad tracking system. We first witnessed this shift with the iOS14 from Apple in April 2021. While Android has been slower to make the move to full data privacy, Android product management VP Anthony Chavez announced that Android will be “introducing new, more private advertising solutions” in February of this year. The introduction of the Android Sandbox will restrict advertisers’ access to user data, thus shifting how app owners run their marketing campaigns. With more than two-thirds of the world using Android, it’s essential for marketers to come to terms with these new changes, and fast! So, let’s take a deep dive into how the Android Privacy Sandbox works and how exactly it will affect mobile advertisers.

How Android Privacy Sandbox works

To put it simply, Sandbox is a term that describes a special environment on Android devices. In the physical world, there are sandboxes where children can safely play, with some boundaries and rules. Similarly, in the online world, the sandbox is a place where programs can run securely and cannot access parts of your device that they aren’t supposed to. The Android operating system uses namespaces to isolate apps from each other and protect all apps from malicious software. But what does this mean for app users? It means that when you download a new app, it will be running securely. In its own namespace inside the sandbox.  Within the Android Privacy Sandbox, each app runs in its own process, with its own instance of the Dalvik virtual machine. Dalvik has a “multitasking” feature that allows multiple virtual machines to run at once. But each instance of Dalvik must be running a different code. It’s important to note that there are two types of sandboxes: public and private. While every mobile application runs in its own private sandbox regardless of whether it’s an Android or an iOS app. Apple devices do not use “sandbox” terminology, but they also use similar processes.  Multiple applications share public sandboxes. So they run within their own dedicated process space with limited permissions on the phone file system. As such, public sandboxes enhance security even further. Because they add another layer of protection between you and malicious actors inside your castle walls! We understand that’s a lot to take in. So we can pretty much break down Android’s Sandbox into two central objectives.

Two central objectives of Android Privacy Sandbox

  • Apps are essentially separated into different processes and isolated from each other and the operating system.
  • Apps cannot access each other’s data or the operating system. For example, an app on your phone cannot directly access another app’s database or read another app’s files without explicit permission from that app.

Now that we have a grasp on how Android’s Sandbox works, let’s look a little closer into how this will impact mobile advertising.

How does it affect mobile advertising?

What separates Android from Apple in their data privacy initiatives. That Android aims to create an equal system for both users and advertisers.In his blog post to announce the initiative, Product Management VP Chavez assured that advertisers won’t be entirely restricted from user data, saying “Our goal with the Privacy Sandbox on Android is to develop effective and privacy-enhancing advertising solutions, where users know their information is protected, and developers and businesses have the tools to succeed on mobile.”  Unlike Apple’s SKAdNetwork, Google plans to gather feedback from the mobile advertising industry to build its Android Sandbox. For instance, Android is already assisting advertisers with their Attribution Reporting API, which enables web-to-app conversion measurement – an advancement from Apple’s SKAdNetwork, which doesn’t offer this capability.  The other good news for marketers is that these changes aren’t intended to be implemented for at least two years according to Chavez. It does, however, mean that marketers need to start thinking about how to stay ahead of this change and get ready for when it happens. You might be asking yourself how exactly these changes affect mobile advertising. The short answer is this: we don’t know exactly. Advertisers will certainly notice a change in performance as a result of Android 4.4’s new trust model.  However, that change shouldn’t be too overwhelming, thanks to some development features from Android. For example, third-party ad networks should have no problem reading identifiers for advertising (IDFA) for users who have opted out of personalized ads with Limit Ad Tracking enabled on their devices (LAT). Instead of cookie tracking, which is a more invasive form of ad tracking, Android’s Sandbox uses “Topics” as a replacement tool.

About ” Topics”

As explained by Google“With Topics, your browser determines a handful of topics, like “Fitness” or “Travel & Transportation,” that represent your top interests for that week based on your browsing history. Topics are there for only three weeks and they delete old topics. Topics are selected entirely on your device without involving any external servers, including Google servers.” These “Topics” are just one of Google’s initiatives to carry on strong relationships with developers and advertisers. Google has also pledged to carry on with its current ad system for two more years. Allowing stakeholders a fair amount of time to adjust to these changes.  However, it’s not all smooth sailing for advertisers. The removal of Android IDs will still be a significant hit to advertising efforts. There will be no way to identify users. Install attribution will only be possible for Google-partnered apps. Being able to track installs and attribute them appropriately is critical for apps working with ad networks.

Main challenges advertisers may face as a result of Android Privacy Sandbox 

  • Potential for less revenue. It’s hard to measure how much more money you could be making without a tightened sandbox. But it’s an almost sure thing to say revenue will be impacted.
  • Less access to tracking data. Because you can no longer rely on fingerprinting. The process of collecting aggregate data from an individual’s device and using it to build a profile – the amount of data available for targeted marketing will decrease.
  • More difficulty targeting users. If publishers choose not to ask for permissions, they may lose out on certain valuable data points about visitors. However, if they do ask for permission, some visitors may decide not to share their data as frequently. Some studies suggest that only 2 percent of app users allow access when prompted. As with any change to your traffic metrics, it’s important to understand what the ramifications are before diving into new tactics like prompt-based marketing.


Both Apple and Google’s recent developments suggest that device ID’s no longer have a place in the future of data. A strong focus on earned and owned programs, along with contextual advertising, will help advertisers retain their targeting accuracy. Android’s open-source nature and its absence of constraint in terms of programming constitute an outlet for the endless imagination of technology developers. It’s time now to utilize this imagination and think outside the (Sand)box.

Join +3.000 app marketers and beat your competitors