Apple’s Safari Cut Off All Workarounds For Cross-Site Tracking – Now What?

Apple’s announcement Wednesday that it will fully block all third-party cookies in Safari by default and that it’s cracking down on any effort to circumvent tracking prevention shouldn’t come as a shock to anyone.

And in terms of what this means for advertisers, publishers and ad tech companies, the answer is: More of the same.

“Safari is where digital advertising goes to die,” said Mathieu Roche, CEO and co-founder of ID5.

Measurement, for example, was already extremely difficult in Safari, and remains so, said Andraz Tori, head of recommendations and data science at Outbrain.

“View-through measurement was restricted even before this, [and] click-through measurement now can only be done with JavaScript on an advertiser’s site,” Tori said.

But Apple does seem to have thrown a minor bone to the digital ad community.

A website’s script-writable storage, such as LocalStorage, will now be capped at seven days – there used to be no expiration. But from a glass-half-full perspective, it appears that Safari is saying a seven-day window for precise conversion attribution is okay, Tori said.

“If this stands, that gives ad platforms way more data than what [Apple’s] click attribution API was proposing,” he said. Apple released a proposal for an experimental API last May that would enable limited click-to-conversion tracking and severely restrict the data that could pass between buyers, sellers and third parties.

But Apple’s recent WebKit update also shows an inherent hypocrisy related to its mobile ad ID, the IDFA, which is regularly shared between apps and SDKs. The App Store is full of apps that don’t protect users, said Zach Edwards, founder of analytics firm Victory Medium.

If Safari users search for or visit the site of an app they’ve already downloaded, Safari will immediately prompt them to open the mobile app.

While that might make sense from for user experience, it also puts people “one click away from going from a Safari website that is ‘safe’ and ‘not tracking them’ to a prompt built into Safari urging them to open the Apple mobile app, which will immediately identity the user and leak the same user ID across the app and any SDKs in the app,” Edwards said.

“Why should Apple get credit for making minor changes in Safari, when they still have dark patterns pushing Safari users into their app ecosystem on those same devices?” Edwards added.

Enjoying this content?

Sign up to be an AdExchanger Member today and get unlimited access to articles like this, plus proprietary data and research, conference discounts, on-demand access to event content, and more!

Join Today!