How Apple’s Private Relay could be the beginning of the end for fingerprinting on iOS devices
It’s been three months since Apple’s privacy safeguard arrived and ad execs are still trying to make sense of the company’s stance on tracking — or lack of one. Specifically, when it comes to fingerprinting, the much-maligned tracking technique Apple aimed the safeguard at.
As it stands, there are still instances of companies gathering data points from a person’s device so they can be tracked across apps and sites even when they have declined to do so. Recent reports from Digiday and the Financial Times are testaments to this.
And herein lies the rub for ad execs. Apple has told them fingerprinting is off-limits but doesn’t seem to be aggressively enforcing this policy. Few execs, however, believe this perceived inaction will last. Eventually, goes the thinking, Apple won’t need to enforce a policy like ATT to rid its mobile operating system of fingerprinting — it will have the technology to block it from ever happening in the first place. The reason: Private Relay.
Private Relay renders a person’s IP address useless for fingerprinting because it redirects web traffic through two separate servers. Granted, an IP address is just one of many aspects that make a fingerprint of someone’s behavior on a device — but it’s an important one.
“We view this [Private Relay] as a precursor to Apple using welcome technical solutions to break fingerprinting,” said Shumel Lais, CEO of mobile advertising intelligence business Appsumer.
That said, the current version of Private Relay won’t be much of a deterrent against fingerprinting. It only obfuscates traffic coming from the web and a tiny amount of app traffic (specifically encrypted HTTP app traffic). But app traffic is where fingerprinting is rife.
There are other loopholes in Private Relay that could be exploited. For instance, Private Relay restricts traffic apps send over an insecure web connection (HTTP). So apps that use an IP address for fingerprinting could theoretically work around this by using a secure web connection or some other transport protocol. This may lead to a “cat and mouse game” between Apple, ad tech vendors with fingerprinting solutions, and the apps integrating them, said Aaron McKee, chief technology officer at mobile ad tech vendor Blis.
Private Relay is also only for paying Apple customers for its upcoming iCloud+ service. Although it will undoubtedly cover a large number of iOS users when it launches later this year, it won’t be all of them. Of course, this could change over time in the same way the breadth of traffic obfuscated could be broadened. As Lais explained: “Overall, we’d view it [Private Relay] as them [Apple] testing the technical solutions on smaller subsets of users before rolling them to a wider audience.”
In a sense, Private Relay is posed to be the pebble in the pond that creates the ripple that turns into the third wave of privacy change around identifiers. This after the industry was hit by the first wave of device IDs, followed by cookies.
Regardless of how Private Relay will evolve, it will do so in slow motion.
“Apple needs to be careful when it uses its market position in a way that could be interpreted as either anti-competitive or too dictatorial,” said Nii Ahene, chief strategy officer at digital agency Tinuiti. “This is why there’s a gradual rollout of Apple’s privacy plan. The company communicates what it will do early, starts to have conversations behind the scenes, and then over some time the enforcement of the ATT policy starts to kick in.”
Some execs believe this enforcement could kick in soon. After all, Private Relay is the easy answer to the fingerprinting question in the future — not now.
Indeed, there are apps in the iOS App Store that use measurement and attribution tools to circumvent Apple’s guidance around tracking to varying degrees. This flies in the face of Apple’s marketing, which prides itself on giving customers choice over the companies they do and don’t want to be tracked by. Apple will only tolerate companies who flout its rules for so long before it reacts with force.
Otherwise, its customers could start to feel like their choices not to be tracked are meaningless when they click on an ATT prompt in their favorite app. It makes it hard to discount the possibility that Apple enforces its policies in a non-technical way even before the next major update to its operating system via the App Store approvals and notices of non-compliance with Apple AppStore rules.
“If I were the marketing lead for one of those companies using another measurement tool that is not complying, I would be concerned about the board-level discussion that happens when my company gets a notice of removal of my apps because I looked the other way despite Apple’s year-long guidance,” said Charles Manning, CEO of mobile attribution analytics firm Kochava.
‘Content and commerce are converging’: Kroger Precision Marketing svp Cara Pratt on evolution of retail media, new offering
More and more companies are getting into the retail media space. As competition heats up, a Kroger executive talks about the grocer's latest attempt to stay ahead of the curve.
‘I’m embracing the discomfort’: Fashion brand execs share how their office style has transformed
For some — particularly those that get personal fulfillment from their style — the return to the office is, indeed, a good reason to go all out.
Marketers are going beyond the individual and using personality to sell at Advertising Week
During day four of Advertising Week, marketers looked to go deeper with their audience by showing a softer side of the celebrities and creators they work with.
SponsoredHow advertisers are navigating advanced TV and premium video convergence
Nicole Schumacher, vice president of product marketing, Xandr Advertisers have a number of priorities and considerations as premium video content for viewers evolves. Media types are converging as audience behaviors diverge, adding nuance and complexity to each phase of campaign workflows. It’s the age of innovation for all types of video advertising, including convergence — […]
‘It’s crucial to fighting pay gaps’: How tech companies are leading the way in salary transparency
A growing cohort of progressive tech companies are offering salary transparency policies, which help tackle the gender pay gap.
Why a shoe brand is maintaining its digital paid media strategy well beyond the pandemic
By investing more in digital channels, the company was aiming to meet the tradesmen and women who typically shop for its shoes and work boots in-store wherever they were spending their time online.