How Apple’s Private Relay could be the beginning of the end for fingerprinting on iOS devices
It’s been three months since Apple’s privacy safeguard arrived and ad execs are still trying to make sense of the company’s stance on tracking — or lack of one. Specifically, when it comes to fingerprinting, the much-maligned tracking technique Apple aimed the safeguard at.
As it stands, there are still instances of companies gathering data points from a person’s device so they can be tracked across apps and sites even when they have declined to do so. Recent reports from Digiday and the Financial Times are testaments to this.
And herein lies the rub for ad execs. Apple has told them fingerprinting is off-limits but doesn’t seem to be aggressively enforcing this policy. Few execs, however, believe this perceived inaction will last. Eventually, goes the thinking, Apple won’t need to enforce a policy like ATT to rid its mobile operating system of fingerprinting — it will have the technology to block it from ever happening in the first place. The reason: Private Relay.
Private Relay renders a person’s IP address useless for fingerprinting because it redirects web traffic through two separate servers. Granted, an IP address is just one of many aspects that make a fingerprint of someone’s behavior on a device — but it’s an important one.
“We view this [Private Relay] as a precursor to Apple using welcome technical solutions to break fingerprinting,” said Shumel Lais, CEO of mobile advertising intelligence business Appsumer.
That said, the current version of Private Relay won’t be much of a deterrent against fingerprinting. It only obfuscates traffic coming from the web and a tiny amount of app traffic (specifically encrypted HTTP app traffic). But app traffic is where fingerprinting is rife.
There are other loopholes in Private Relay that could be exploited. For instance, Private Relay restricts traffic apps send over an insecure web connection (HTTP). So apps that use an IP address for fingerprinting could theoretically work around this by using a secure web connection or some other transport protocol. This may lead to a “cat and mouse game” between Apple, ad tech vendors with fingerprinting solutions, and the apps integrating them, said Aaron McKee, chief technology officer at mobile ad tech vendor Blis.
Private Relay is also only for paying Apple customers for its upcoming iCloud+ service. Although it will undoubtedly cover a large number of iOS users when it launches later this year, it won’t be all of them. Of course, this could change over time in the same way the breadth of traffic obfuscated could be broadened. As Lais explained: “Overall, we’d view it [Private Relay] as them [Apple] testing the technical solutions on smaller subsets of users before rolling them to a wider audience.”
In a sense, Private Relay is posed to be the pebble in the pond that creates the ripple that turns into the third wave of privacy change around identifiers. This after the industry was hit by the first wave of device IDs, followed by cookies.
Regardless of how Private Relay will evolve, it will do so in slow motion.
“Apple needs to be careful when it uses its market position in a way that could be interpreted as either anti-competitive or too dictatorial,” said Nii Ahene, chief strategy officer at digital agency Tinuiti. “This is why there’s a gradual rollout of Apple’s privacy plan. The company communicates what it will do early, starts to have conversations behind the scenes, and then over some time the enforcement of the ATT policy starts to kick in.”
Some execs believe this enforcement could kick in soon. After all, Private Relay is the easy answer to the fingerprinting question in the future — not now.
Indeed, there are apps in the iOS App Store that use measurement and attribution tools to circumvent Apple’s guidance around tracking to varying degrees. This flies in the face of Apple’s marketing, which prides itself on giving customers choice over the companies they do and don’t want to be tracked by. Apple will only tolerate companies who flout its rules for so long before it reacts with force.
Otherwise, its customers could start to feel like their choices not to be tracked are meaningless when they click on an ATT prompt in their favorite app. It makes it hard to discount the possibility that Apple enforces its policies in a non-technical way even before the next major update to its operating system via the App Store approvals and notices of non-compliance with Apple AppStore rules.
“If I were the marketing lead for one of those companies using another measurement tool that is not complying, I would be concerned about the board-level discussion that happens when my company gets a notice of removal of my apps because I looked the other way despite Apple’s year-long guidance,” said Charles Manning, CEO of mobile attribution analytics firm Kochava.
Of all the concerns marketers may (or may not) have about TikTok right now, the pixel isn’t one of them
Marketers have a lot on their minds when it comes to TikTok these days, from the geopolitical tensions over the app’s supposed ties to the Chinese government to whether they should be funding some of the content on it.
With podcast advertising maturing, more mainstream brands want in on growth
Podcasts, once a go-to marketing channel for direct-to-consumer brands, have become a mainstay for more seasoned advertisers, agency executives say.
Marketing Briefing: Coca-Cola and other major marketers enter ‘test and learn’ phase with generative AI
Many major marketers like Coca-Cola are asking agencies how they can use generative AI technology. But most are not creating consumer-facing work with generative AI just yet.
SponsoredMarketers are driving ad effectiveness and engagement with digital audio
Ann Piper, head of client partnerships, vertical team, Spotify Advertising As an increasing number of people engage with digital audio, marketers are keen to understand what keeps listeners engaged — and how they can tap into their attention. Recent reports anticipate the global digital audio advertising market will top $8.9 billion this year. In 2022, […]
As its future hangs in the balance, TikTok tries to keep advertisers on its side
The whole idea that TikTok is really spyware is nothing more than a myth, according to the app. And it wants marketers to know it.
How gaming organization OTK strikes a balance between creator-ownership and more traditional executive experience
Since its formation in October 2020, creator ownership has been a core part of One True King’s DNA. The group is constantly adding new talent to its list of creator–owners, fueling a rapid rise and accolades such as “Best Content Organization” at last year’s Streamer Awards.