WTF is link decoration?
There are all kinds of ways for companies to pass information around the web from one site to another. One of the simplest options is known as link decoration. Used by publishers, advertisers, affiliate marketers and major platforms, link decoration has been a common practice online for years but has recently attracted renewed attention for how it can be used to track people online and side-step Apple’s anti-tracking efforts.
Sounds fun. WTF is it?
Link decoration is one of those rare terms that means exactly what it sounds like. It’s a method of adding extra information to the URL in a link that a person clicks on. This extra information doesn’t change the link’s destination but provides a way to pass information to the destination site. This extra information appears after a “?” that has been added to a URL. Collectively, the information included after the “?” is called a query string, and that query string can consist of multiple individual pieces of information that are called query parameters.
How does link decoration work?
There are two main ways to decorate a link. The basic way is to statically attach the extra information to the URL when a link is created. Publishers typically do this in their email newsletters for links that point back to their sites. Instead of including a simple link like “http://www.example.com/article,” they will decorate the link to look like “http://www.example.com/article?referrer_source=emailNewsletter” in order to know when someone visited that page by clicking on a link in their newsletter.
How is a site able to collect the information added to a link?
Is link decoration only used to know the referral source for site visits?
Nope. Any information — technically, any combination of letters and numbers that represent information — can be attached to a link. For example, if you fill out a form online, link decoration can be used to pass the information you filled out to whatever page receives the completed form. You can see this when performing a Google search for, say, “digiday.” The URL of the search results page will include the query parameter “q=digiday,” which is added after the initial search query is submitted (the “q” is Google’s chosen label for “query”).
Is link decoration a new practice?
Not at all. While the exact origin of link decoration is unclear, link decoration has been used for years to pass information from site to site as well as from page to page on the same site.
So why are we talking about it now?
Because companies including Facebook and Google have been using link decoration to side-step the anti-tracking feature that Apple has added to its Safari browser and Apple is not okay with it anymore.
How are companies using link decoration for cross-site tracking?
Here’s a WTF article that breaks it down in depth.
Here’s the CliffsNotes version: Apple doesn’t like third-party companies like Facebook and Google track people on websites they don’t own, so it added an anti-tracking feature to its Safari browser. Facebook and Google found a workaround to Apple’s anti-tracking tool. They would use link decoration to attach information, which they could use to identify a user, to links they can control and pass that information to the destination site, which would cooperate by dropping a first-party cookie to store that identifying information for Facebook or Google to access through code stored on the site. To limit Facebook’s and Google’s ability to track people around the web through first-party cookies dropped via link decoration, it has decided to delete those cookies if it believes they were dropped via this method.
And here’s a video explanation if you’re the visual type.
Oh, so link decoration isn’t bad?
Nope, it’s just another basic web feature that advertising companies have appropriated to track people around the web. Just like the cookie.
‘We’re letting Facebook grade their own homework’: Here’s how advertisers’ desired changes differ from overall boycott
The overall goals of civil rights advocates organizing the boycott differ slightly from those of advertisers.
How Facebook’s brand safety audit with the Media Rating Council will work
The MRC audit will determine whether Facebook has applied an advertising adjacency standard into its brand safety protections.
Member Exclusive‘Are you going to put people over profit?’: As Facebook boycott continues, DTCs still running ads on the platform in a tricky spot
The Facebook boycott is part of a larger cultural shift towards a more “values-based consumerism.”
SponsoredWhy data clean rooms are a start, but not enough
Clean rooms are intended to be a “safe space” for brands to collaborate with walled gardens, but the greater opportunity for all brands is bringing together all of their data to create a single source of truth that they own and can continually enrich.
WTF is California’s new, and potentially stronger, privacy law?
In November, California residents will vote on the state's second privacy law, which is basically the CCPA 2.0
‘Influencer deals are being paused’: As Facebook boycott begins in earnest, influencer marketing feels a sting
The latest move to pause influencer marketing comes as marketers are not only reconsidering where their ads appear and the kind of content they appear next to, but as they work to figure out how they can better support Black creators and Black-owned businesses following the Black Lives Matter (BLM) protests.