How Apple Killing IDFA Will Impact Developers
Every year, Apple releases changes that, for better or worse, change what developers are allowed to do or modify how certain processes are allowed to play out. Over the last two years, almost every end-user has noticed that virtually all websites now post brief privacy statements through what’s commonly referred to as a “cookie banner” about their usage of cookies as well as offer options to toggle off unnecessary cookies. In the same light, changes are coming to iOS will affect a similar tracking technology called IDFA (Identifier for Advertisers) that impacts privacy beyond a mobile browser.
In a never-ending quest to appeal to user comfort through privacy practices, certain tools fall out of favor or are at least Nerfed. With changes to IDFA on the horizon, this will require that developers modify existing programs and tools that rely on the data it provides which means substantial implications for technical marketers. Next, we’ll provide some insight on how an IDFA works then discuss what this means for development and marketing.
What is IDFA and why does it matter?
The funny thing about browser cookies is how they’ve been in use since the mid-90s where they quickly became a topical morsel for the media to spin in a mostly negative light. Users were regularly urged to perform maintenance actions like “delete cookies” to improve performance until sometime after the average personal computer started featuring double-digital, gigabyte storage off the shelf. Eventually, discussions on cookies would mostly disappear until around 2018 when the EU invoked the GDPR in an attempt to protect citizens’ personal information that has, in turn, had a global impact.
A cookie is simply a file that stores locally on a device that saves certain information about a browsing session. There are a few different configurations and classifications of cookies but the idea is mostly the same. Systems can use this information to personalize experiences as well as profile buyer personas based on patterns of behavior. In the same light, IDFA helps with the same processes but exists as a slightly more abstract process than the server-client exchange of a cookie file.
Rather than a file, IDFA just an identifier that Apple assigns to each device. In of itself, the identifier is harmless – it’s a randomly generated string used as a ubiquitous username across all apps that care to use it. This allows an app to tether behavior to this identifier instead of attaching something more personal like your name or email. Google does the same thing through its AdID mechanism but Apple does a better job at explaining how it works through solid storytelling using a day in the life of a hypothetical father and daughter.
These systems were put in place so backend analytics systems and advertiser networks aren’t sharing information that has more potential for being abused, like your email or actual name. For example, in my case, advertiser networks would obtain activity data from apps like Wayfair, eBay, and OfferUp that show I’m looking at things like new kitchen curtains and a specific electric dryer along with other metadata from permissions I’ve allowed like my location.
To an advertising system, this information looks like “user <32-digital hexadecimal number> searched ‘black and white curtains 36’ at location 41.68, -86.25 looked at item X for 58 seconds and item Y for 46 seconds.”It’s not as though it’s like “Nick Epson, a 33-year-old male in Northern Indiana was sitting on his couch trying to find cheap curtains in between taking bites of chicken tikka masala.” These systems are only allowed to share so much information personally identifiable information, in theory, plus users are usually given the option to shut off the retention and sharing of certain information.
The problem we’re now facing is mostly because attribution networks used by technical marketers have snowballed into monsters because of efforts to aggregate information from everywhere they can. They’ve built these immense profiles on people, supposedly using everything but individual’s real names, phone numbers, email, and mailing addresses, which is too close to comfort for many people. In conjunction with third-party cookies and the ability to cross-reference device IDs with Facebook IDs (among other super publishers like Twitter and Google) marketers can use the information furnished by these systems to create targeted marketing campaigns, just like the scenario Apple described in the link above.
What does this mean for developers and technical marketers?
The implications for this substantial change from Apple (and likely Google in time) are significant for developers and especially, technical marketers. Hacking these standard identifiers from the mix means app developers will certainly be tasked with eliminating or altering elements that push and pull information from databases that use these IDs as well as some responsibility for figuring out viable workarounds. Because none of the big players in this game have announced a new solution, all hell will break loose for a short time.
From a development standpoint, systems that use this data will become much less effective – before iOS 14 was rolled out, some 30% of Apple device users actively went to their settings and disabled IDFA. It’s expected that this number will rise to around 90% due to the update putting this option front-and-center.
Right now, this means those who take advantage of LAT (Limit Ad Tracking) features still produce data but it’s not attached to their IDFA such that it can follow them around like a mobile file cabinet that documents their every move. As such, a session still has value as activity can be measured and retained, so long as it’s not retained alongside an identifier.
Developers can’t come together and agree to backpedal and use something more identifiable like an email address or a phone number. Several big advertising networks proved that they’ll abuse this information so this option is off the table. For example, tons of people on the FTC National Do Not Call Registry still get calls every day from companies (usually overseas, but not always) that just don’t give a shit. A lot of this invasive marketing is being driven because – surprise, surprise – some companies that promise not to share identifiable information still manage to do so because of complex clauses in their privacy statement. Plus, it’s not like when an advertiser, for example, gets a phone number as part of an IDFA profile they go out of their way to blow the whistle – instead, they text you with “killer deals” for car insurance.
It seems like the most viable workaround for the near future is to begin taking advantage of Apple’s SKAdNetwork: an ad network API that claims to maintain user privacy. Of course, this proposed shift isn’t without problems. For starters, it’s relatively new so the framework hasn’t had much opportunity to be tested. Even by shifting to this, it means that code for apps and platforms will need to be heavily revised to use effectively.
At the end of the day, this problem stems from technical marketers who collectively went too far. For now, marketing efforts will have to use some imagination in place of relying on sophisticated information hubs to automate targeted ad campaigns. It’s entirely possible to still come up with effective campaigns with a little more creativity and a little less data.
We’re ready for changes that aim to better protect user privacy
It takes more than one bee to make honey – Blue Label Labs is a hive of creative problem solvers who work together to deliver results that delight. While we want marketers to be successful, we understand the need for a better system that’s less “big brother” and still delivers useful information to teams who make collateral that sells products and services. Blue Label Labs will work to implement systems that keep users engaged and feeling safe. Get in touch with us to learn more about our app development process and how we can design an app that gives you the data your need without sacrificing privacy.