Apple closes loopholes related to the hidden use of personal data of users of iOS applications. Email lists for targeting similar audiences are also banned.
How it all started
Recall that this summer Apple decided to seriously change the privacy rules on its platform. Then the company said that soon applications will be required to request access to a unique identifier or IDFA.
This policy has alerted marketers and developers — with the loss of access to IDFA, they will not be able to fully monitor the effectiveness of advertising. In response, some experts began to look for “workarounds” that would allow the use of user data. As backup options, it was proposed to use fingerprint tracking, tracking from the built-in SDK or email lists for targeting.
Tracking Restrictions
Apple commented on most of these ideas at the end of September when it updated the “User Privacy and Data Usage” page on its developer site.
There, the company explained that now all applications will have to get consent not only to access the IDFA, but also to track data in general. Some practices were allowed by the company with reservations (if users do not mind), and some were definitely banned.
For example, they were completely banned:
- fingerprint and cellular signal tracking;
- manipulations with limitation of application functionality;
- attempts to offer people rewards in exchange for privacy.
But tracking from the built—in SDK, processing data when using a single sign-on system from other companies, or using a hashed email/phone number as an identifier – it turned out that the user’s permission was needed.
At the same time, Apple also told about the ban on the use of lists with email addresses for targeting. Nevertheless, this topic began to be actively discussed only after the company recently disclosed several more details of its privacy policy. She forbade:
- show ads based on user data collected by websites or applications of other companies;
- transmit geolocation or email addresses to the data broker;
- use lists with email addresses to search for similar users and retargeting;
- embed a third-party SDK that is able to combine user data from different applications and offer suitable advertising/track the effectiveness of advertising.
Note that all of the above can be done only with the user’s permission through the App Tracking Transparency framework.
According to marketing expert Eric Benjamin Seufert, Apple’s behavior was unpleasant, but predictable. He recalled that back in August, Facebook removed from the advertising cabinet the ability to target similar audiences for campaigns on iOS 14. Other major mobile marketers also mostly rejected the idea of sharing email lists even before Apple officially started talking about the ban.
Interestingly, Apple can’t actually check whether the email list is being used for advertising purposes or not. But, as Seifert pointed out, rumors of fraud can still reach the company and lead to sad consequences. If desired, Apple can remove the developer’s apps from the App Store or exclude the advertising network from the SKAdNetwork framework (a new tool that partially replaces the IDFA functions).
As a result, marketers have no real workarounds for Apple’s privacy policy. Moreover, those advertisers who will play by the new rules will be in a winning situation, Seifert noted. In his opinion, in the near future a similar story with privacy will happen not only on mobile devices, but also online in general.