As consumer privacy expectations evolve and regulatory scrutiny intensifies, brands and platforms alike are rethinking how data is shared, matched, and activated. In some cases, this can open up new opportunities. One such opportunity is confidential matching, which is a technique for processing advertising data introduced for Google Ads that promises secure and verifiable collaboration across parties. This means everyone can be sure their data was only used in the way they intended. In this interview with Google’s Kamal Janardhan, Annalect’s James Aylett explores what Confidential Matching is, why it matters, and how it fits into the landscape of privacy-preserving technologies.
James Aylett: For those unfamiliar with this data processing feature, how does Google define confidential matching and why was it introduced?
Kamal Janardhan: Confidential matching is a secure data processing method for Google’s ad products. It uses specialized hardware and software to create a secure, isolated environment for connecting your first-party data for measurement and audience solutions. We introduced it because data privacy is paramount, and wanted to empower advertisers of all sizes to have greater confidence, and assurance, on how customer information is used.
JA: What guarantees does confidential matching provide? What sorts of clients will find it appealing?
KJ: Confidential matching provides three key technical guarantees. First, advertisers can encrypt their data using cryptographic keys that they control, so the data remains protected even during processing. Second, this encryption ensures that Google is completely isolated from the actual matching process. We can’t see, access, or learn anything new about the unmatched data you connect. Finally, through attestation, confidential matching offers verifiable transparency. This allows you to ensure the system is operating as intended.
Confidential matching will be particularly attractive to advertisers who have specific requirements when it comes to data security, data sovereignty, or general privacy considerations. It will also benefit organizations with heightened data governance needs.
JA: Could you elaborate on how this update offers verifiable data processing and access control? What are Trusted Execution Environments (TEEs)?
KJ: Great question. Put simply, this is a technical guarantee that the matching process operates exactly as specified, and that Google is truly isolated, confirming our compliance with your data governance policies. Think of it like a secure, isolated “safe room” within a computer’s hardware. It’s specifically designed for processing data like personal information.
In more detail, confidential matching uses Trusted Execution Environments (TEEs) to achieve the assurances I mentioned — namely verifiable data processing and access control. TEEs are a type of secure enclave — literally server hardware — that enforces strict isolation between the operator (in this case, Google) and the processing environment. And as a result it means advanced encryption can protect the data within the enclave. Importantly, advertisers can inspect the TEE’s code and obtain what is known as “cryptographic attestation” — or a receipt. Important to mention, sharing our TEE architecture and code along with a few open source examples to help others build confidential solutions.
JA: Many new technologies and protocols involve high upfront costs or specialized hardware. What is important to know when getting started with confidential matching?
KJ: We understand that adopting new technologies can sometimes be daunting, or technically prohibitive. That’s why we’ve made confidential matching integrated into Google Ads and available to customers at no additional cost. For those using Google Ads Data Manager, the matching happens within a TEE by default, requiring no additional complex implementation. In line with our privacy principles, we’re committed to making confidential computing and other complementary technologies accessible to everyone.
Additionally, brands that require a technical guarantee can encrypt their data and receive attestation from the TEE that the data will be processed exactly as specified.
JA: What future enhancements or uses of confidential computing are planned?
KJ: We see confidential matching as just the beginning. We plan to bring other applications of confidential computing across more solutions in Google over time. This includes integration into measurement solutions like enhanced conversions and Google tag gateway for advertisers.
Today, it’s already integrated by default for Customer Match lists connected with Data Manager.
JA: Are there any norms we should be looking out for as this technology comes into use in other contexts, both within and outside of Google?
KJ: Confidential computing is rapidly gaining traction across numerous industries, particularly those that handle regulated data, such as financial services, healthcare, and government.
As this becomes more prevalent, you can look for the widespread adoption of hardware-based isolation, cryptographic attestation for verification and auditing, and a broader commitment to building technical guarantees for privacy “by design” into the core of data processing systems.
JA: With privacy-enhancing technologies and now confidential computing techniques, advertising technology continues to get more complex. What are the key things that a general marketer — who doesn’t have to be hands on with the technology — needs to understand today?
KJ: The most important thing is that marketing performance and privacy go hand in hand. Advances in privacy enhancing technologies open the opportunity to integrate privacy and security directly into the core technology for marketing and unlock new ways for brands to manage and activate their data safely and securely.
This means that you, as a marketer, can continue to leverage your valuable first-party data and Google AI to effectively drive performance, with the added assurance that your customer data is being handled with the highest levels of security.