Impacts of Apple’s latest privacy update thwarting ‘link decoration’
With Safari’s anti-tracking feature, Intelligent Tracking Prevention 2.3, Apple fired a warning shot at companies using “link decoration” — a method of passing information through code added to a URL — as an alternative to third-party cookies, closing yet another loophole in its quest of killing off cross-domain tracking through third-party cookies.
For years, link decoration has been used to track referrals. Apple’s concern: Companies have been using link decoration to sidestep Apple’s privacy-focused plans to rid the web of persistent tracking.
Apple’s recent update pointed to the “continued abuse” of companies using link decoration as a workaround to track people in response to earlier ITP updates. As part of the update, Apple thwarted link decoration use by putting a seven-day limit on all non-cookie storage data, like local storage — a type of web storage that allows sites to store data directly in the browser typically with no expiration date.
“The more Safari traffic you have coming to your website, the more you would be impacted by the changes,” said Adriana Tailor, head of data and insight at TI Media. “Beyond CPMs, which everyone agrees has a lower value for Safari inventory when compared with Chrome [around 30% lower], the biggest impact will be for agencies and advertisers to report performance.”
Each release of Apple’s ITP update has led to some drop in publisher CPMs as more identifying data on Safari audiences is stripped out. With Apple’s crackdown on link decoration specifically, publishers have noted that their analytics tools aren’t working as they would expect, said Joe Root, co-founder of data platform Permutive, which offers alternatives to third-party cookies. The company has previously said that the platform is unaffected by the ITP updates.
“Facebook IDs could be getting recycled faster,” said Root. “After seven days, they could count as a new user when they aren’t.” For publishers, for now, this is more annoying than really damaging. But the direction of travel toward a data-privacy first advertising ecosystem is clear.
In the long term, for publishers making use of their first-party data, it’s an opportunity for them to take back more control of CPM prices and encourage advertisers to buy against that data, added Root.
“ITP is the environment publishers will flourish the most in. It puts them back in control,” he said. “In this update, Apple is making a request for publishers to help them clean up the web.” Publishers and marketers can strip out link decoration so they don’t fall foul of Apple’s increasingly restrictive privacy terms. For publishers, this is a fairly low lift.
Subscription publishers and those with scaled authenticated-logins are in the lead with how they are flexing their first-party data strategies. The issue with the latter is getting login alliances to scale when they’re met with headwinds like working with competitors, configuring technical issues and generating enough interest from buyers.
Vendors who aren’t able to pivot quickly enough to respond to Apple’s changes will struggle. The number of companies offering alternatives to third-party cookies continues to grow, ratcheting up the game of cat and mouse. But ITP 2.3 also appears to put Facebook, which uses link decoration and is likely classified as a tracking domain, in the firing line.
“This version looks like going after Facebook,” said Root, adding that in recent earnings calls Facebook referenced that it is finding it increasingly difficult to target Apple audiences. “There could be some downstream impact on the platform.”
For context, the Safari audience impacted by ITP 2.3 is still going to be a slice of publishers’ Safari traffic, which in turn can be between 30% and 40% of traffic. But Apple isn’t done killing off cross-domain tracking, and, increasingly, industry onlookers fear Google’s Chrome browser, which has been flirting with third-party cookie crackdown, is ramping up its efforts.
For now, this sting from ITP 2.3 isn’t as bad as earlier updates. “A seven-day expiry on this type of data [using local storage] is much better than the one-day expiry that first-party cookies get from the same process,” said Tailor. “However, it’s impossible to rule out changes to this expiry date. Future ITP updates may put a one-day expiry date on non-cookie storage.”
Media Briefing: What to expect at the Digiday Publishing Summit
As DPS draws nearer, top pain points for publishers are coming to light.
New app launches through Apple hoping to win with ‘zero-party data’ when others haven’t
Caden's new app lets users connect data from their Uber, Amazon, Netflix and other accounts in exchange for money. Will it take off?
‘The next level for us’: The New York Times eyes better retention for games in subscription drive
The games division is focusing on finding new ways to mine the inherent competitive nature of games like encouraging people to play multiple games in a single session or through new achievements and rewards for progression.
SponsoredHow ironSource’s hybrid mediation solution is enhancing mobile ad monetization
Produced in partnership with Marketecture The following article highlights an interview between Nimrod Zuta, ironSource’s senior vice president of product, and Eric Seufert, general partner at Heracles Capital. Register to watch more of the discussion and learn how advertisers are leveraging hybrid mediation solutions to fuel more effective ad monetization. Advertisers are facing a particular […]
In graphic detail: Publishers’ full year 2022 earnings
Looking back at 2022, the hits to publishers' revenue were partially staunched, but by the end of the year nearly all areas of the business felt the impact of the economic downturn.
‘It has to be built in’: How agencies strive to advance their diversity goals
There often is no blueprint for diversity in the corporate world, and many initiatives at media agencies have been works in progress over the last few years.