Home Online Advertising Safari Enables Full-On Third-Party Cookie Blocking By Default (Aka, No More Workarounds Ever)

Safari Enables Full-On Third-Party Cookie Blocking By Default (Aka, No More Workarounds Ever)

SHARE:

Are you sitting down? Because there’s some news that actually isn’t related to the coronavirus.

After years of moving in this direction, Apple said Tuesday that all third-party cookies for cross-site tracking will be blocked by default in Safari 13.1 for iOS and macOS.

You’d be forgiven for scratching your head and saying, “Wait a sec, weren’t third-party cookies already blocked in Safari as part of Intelligent Tracking Prevention?”

The answer is yes. What’s new is Safari going full nuclear on workarounds. It’s been a cat-and-mouse game between trackers and Safari for a while, but ITP means business.

In a blog post, WebKit security engineer John Wilander put it like so: “This is a significant improvement for privacy since it removes any sense of exceptions or [that] ‘a little bit of cross-site tracking is allowed.’”

WebKit will share its experiences with unmitigated third-party cookie blocking with privacy groups within W3C “to help other browsers take the leap,” Wilander wrote.

Chrome said earlier this year that it’s planning to deprecate third-party cookies in its browser beginning in 2022.

Here are a few of the exploits WebKit is cracking down on:

  • Ironically, the way in which a tracking prevention method is carried out can in some cases be manipulated to track a person across sites. Full third-party cookie blocking ensures that there is no ITP state that can be detected through cookie-blocking behavior. Basically, trackers won’t be able to use what is being blocked as a signal for tracking.
  • Login fingerprinting, which allows sites to see where a user was previously logged in, will no longer be possible. Aka, no leakage of a user’s login state across sites.
  • Last year, Apple announced that all client-side cookies would expire after seven days. (Later, this became 24 hours.) As expected, third-party scripts reacted by simply moving to other means of first-party storage, such as LocalStorage, which uses JavaScript to store information on the client side and never expires. Well, now there will be a seven-day cap on all script-writable storage too.

Click here to read the full blog post.

Must Read

The FTC's latest staff report has strong message for social media and streaming video platforms: Stop engaging in the "vast surveillance" of consumers.

FTC Denounces Social Media And Video Streaming Platforms For ‘Privacy-Invasive’ Data Practices

The FTC’s latest staff report has strong message for social media and streaming video platforms: Stop engaging in the “vast surveillance” of consumers.

Publishers Feel Seen At The Google Ad Tech Antitrust Trial

Publishers were encouraged to see the DOJ highlight Google’s stranglehold on the ad server market and its attempts to weaken header bidding.

Albert Thompson, Managing Director, Digital at Walton Isaacson

To Cure What Ails Digital Advertising, Marketers And Publishers Must Get Back To Basics

Albert Thompson, a buy-side veteran with 20+ years of experience, weighs in on attention metrics, the value of MFA sites, brand safety backlash and how publishers can improve their inventory.

Privacy! Commerce! Connected TV! Read all about it. Subscribe to AdExchanger Newsletters
A comic depiction of Google's ad machine sucking money out of a publisher.

DOJ vs. Google, Day Five Rewind: Prebid Reality Check, Unfair Rev Share And Jedi Blue (Sorta)

Someone will eventually need to make a Netflix-style documentary about the Google ad tech antitrust trial happening in Virginia. (And can we call it “You’ve Been Ad Served?”)

Comic: Alphabet Soup

Buried DOJ Evidence Reveals How Google Dealt With The Trade Desk

In the process of the investigation into Google, the Department of Justice unearthed a vast trove of separate evidence. Some of these findings paint a whole new picture of how Google interacts and competes with its main DSP rival, The Trade Desk.

Comic: The Unified Auction

DOJ vs. Google, Day Four: Behind The Scenes On The Fraught Rollout Of Unified Pricing Rules

On Thursday, the US district court in Alexandria, Virginia boarded a time machine back to April 18, 2019 – the day of a tense meeting between Google and publishers.