Privacy Sandbox, SDK Sandbox, Ad Services
Keep an eye out for this in Android 14.
If any aspect of Privacy Sandbox / SDK Sandbox / Ad Services has any negative impact on user privacy or security, ensure that either that aspect or the entire feature is removed, disabled, or otherwise blocked, whether it be by default or always.
As of this writing (Android 13), there is no impact to CalyxOS users. Privacy Sandbox is only gradually rolling out to stock devices (see "The Privacy Sandbox Beta is coming to Android" on the Google Blog) via mainline module updates. Regardless, we must make sure this is true in Android 14 as well.
What we know now
(Stub section, other devs feel free to edit)
- In preparation for this feature, parts of Android already add Sandbox SDK UIDs any time they interact with other UIDs. For example, the Network Policy Manager Service does so when setting firewall rules. This has no functional impact right now, but something we could do now is look for such instances and catalog them and/or start to adjust the behavior now, such as to not grant network access or other permissions to such UIDs. However, as also mentioned below, it's not clear what impact this would have on involved apps.
What we don't know
(Or at least, what I don't know!)
- What apps or kinds of apps will depend on Privacy Sandbox?
- How will an app behave if Privacy Sandbox is not available? Will it even run?
Edited by t-m-w
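To make the "What we know now" item concrete, here is an added example (not part of the original issue and not CalyxOS or AOSP code) that audits a per-UID firewall rule set for SDK sandbox UIDs and pairs each one with the app UID it shadows. The UID ranges and the fixed offset are the values in AOSP's `android.os.Process` and `UserHandle` for Android 13; the `allow`/`deny` rule format and the sample data are constructed for illustration.

```python
# Constants as defined in AOSP android.os.Process / UserHandle (Android 13).
PER_USER_RANGE = 100000
FIRST_APPLICATION_UID, LAST_APPLICATION_UID = 10000, 19999
FIRST_SDK_SANDBOX_UID, LAST_SDK_SANDBOX_UID = 20000, 29999
SANDBOX_OFFSET = FIRST_SDK_SANDBOX_UID - FIRST_APPLICATION_UID


def is_application_uid(uid):
    # The per-user prefix is stripped first, as UserHandle.getAppId() does.
    return FIRST_APPLICATION_UID <= uid % PER_USER_RANGE <= LAST_APPLICATION_UID


def is_sdk_sandbox_uid(uid):
    return FIRST_SDK_SANDBOX_UID <= uid % PER_USER_RANGE <= LAST_SDK_SANDBOX_UID


def to_sdk_sandbox_uid(app_uid):
    # Mirrors Process.toSdkSandboxUid(): a fixed offset from the app UID.
    if not is_application_uid(app_uid):
        raise ValueError(f"{app_uid} is not an application UID")
    return app_uid + SANDBOX_OFFSET


def audit_rules(rules):
    """rules maps uid -> 'allow' or 'deny' (constructed format).
    Returns one finding per SDK sandbox UID present in the rule set."""
    findings = []
    for uid, rule in sorted(rules.items()):
        if not is_sdk_sandbox_uid(uid):
            continue
        app_uid = uid - SANDBOX_OFFSET
        findings.append({
            "sandbox_uid": uid,
            "app_uid": app_uid,
            "user": uid // PER_USER_RANGE,
            "app_rule": rules.get(app_uid),   # None if the app has no rule
            "network_allowed": rule == "allow",
        })
    return findings


# Constructed sample: two apps for user 0, one app for user 10, one system UID.
SAMPLE_RULES = {1000: "allow", 10123: "allow", 20123: "allow",
                10200: "deny", 20200: "deny",
                1010123: "allow", 1020123: "allow"}

if __name__ == "__main__":
    for f in audit_rules(SAMPLE_RULES):
        print(f)
```

Entries with `network_allowed` set to true are the candidates for the "do not grant network access" adjustment discussed above.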