Open Standards and Predictable Privacy for Consumers are More Important than Ever
There’s been no shortage of ad industry ink spilled in response to Apple’s WWDC privacy announcements for iOS 14. In particular, much of the focus is on Apple’s design for user transparency and control over the iOS identifier used for a range of common advertising activities: the “Identifier for Advertising” or “IDFA.” The Tech Lab team read a range of articles and responses—some we support (example) and some we’ve even signed our name to (example). What we haven’t seen yet is a closer look at how these proprietary features might and might not work alongside similar current and emerging privacy and data protection standards within the digital advertising ecosystem. Our purpose with this post is exactly that.
Executive Summary
- iOS 14, the operating system for iPhones and iPads, which most Apple devices will receive via auto-update in September 2020, introduces several proprietary privacy features impacting common digital advertising business activities.
- As far as we can tell, Apple did not consult with ad industry experts when designing these features.
- Proprietary privacy features lead to more fragmented and less predictable privacy and data protection for users.
- Each of the new Apple features may come into conflict with existing standards for advertising and data transparency and control.
- While we cannot know how users will react to these new features nor precisely estimate the impact to digital ad campaigns, there is no doubt that come September things will be anything but business as usual.
- We urge the industry to resist developing short-sighted workarounds that facilitate opaque tracking of consumers in situations where IDFA or device provided location data is not available to them.
- We instead urge the industry, Apple and other browser and operating system providers to collaborate to develop privacy and data protection standards for sustainable addressability across devices and platforms.
Table of Contents
Overall Impact
1. Changes to Identifier for Advertising (IDFA) and App Store-level Transparency/Control
2. Changes to App Install Attribution
3. Control Over App Access to Precise Geo-Location
4. Privacy Report Displaying “Tracking” Companies
Conclusion
Overall Impact
As with all privacy-related announcements from leading browser/OS platforms over the last year, there are critical business and user experience impacts for which our industry must prepare.
Impact to Business
The release of iOS 14, which is expected to start rolling out to Apple devices in mid-September, will likely result in a significant reduction in the availability of device-based IDs to the app ecosystem, the extent of which will depend upon the rate of consumer opt-in to use of the Identifier for Advertising (IDFA). Such IDs are integral to nearly all business activities our industry relies on, including audience segmentation, ad targeting, measurement, attribution, and even privacy choices. Generally, any advertising ID removal materially affects all stages of the digital marketing life-cycle, and the entire business model for publishers, resulting in an average 52% decrease in advertising revenue. App developers will need to think about how they appropriately motivate consumers to opt in and how they help protect user privacy overall.
Impact to User Experience
Rather than eliminating the availability of IDFA altogether, Apple is making the availability of IDFA a user choice, providing additional transparency around data collection and tracking practices of companies, apps, etc. This includes geo-location data availability. Tech Lab supports efforts to provide users more transparency and control. It’s the right direction for our industry, and we view Apple’s iOS 14 approach as much preferable to paternalistic approaches (making decisions for users) taken by Apple with Safari Google with the proposed Chrome Privacy Sandbox and Mozilla’s default Enhanced Tracking Protection. These choices should be up to consumers, subject to applicable privacy laws.
Where we differ is with Apple’s continued proprietary approach to user privacy. Just as Apple eschews interoperable hardware interfaces (power cords, peripherals, etc.) in favor of proprietary approaches, it is avoiding open standards in favor of proprietary user transparency and privacy controls. Predictable privacy for users should be the goal, not different features and approaches for every screen or platform where we consume media and services. For that we need open standards. We would prefer Apple work across the industry—more like Google and Microsoft do—towards standards that provide users strong baseline protection across all of their experiences and let businesses pursue important innovations while ensuring data protection and privacy.
Please read further below. A deeper understanding of proprietary moves, like Apple’s, aids the difficult but necessary conversations that ultimately help us all arrive at standards for more predictable privacy for consumers.
Note: the standards described here must continuously improve in order to reach and exceed user, regulator and commercial expectations. This is especially true regarding scientifically demonstrable conformity to the standards described in this post. The good news is that Tech Lab has a working group entirely focused on just that, with over 150 industry participants across advertisers, publishers, and the technology community which supports them.
1. Changes to Identifier for Advertising (IDFA) and App Store-level Transparency/Control
Apple Feature
For each app they install, users will need to specifically opt in to the availability of IDFA to any party, for any purpose. App publishers will now be required to provide a summary of their privacy practices. Referred to as a “nutrition label,” this summary will appear on each app description page in the App Store. The summary is fully self-reported, with no known compliance program or standardized set of notices.
Additionally, app publishers will self-report data processing purposes (Apple appears most concerned with cross-domain tracking), which will be presented to a user in a pop up. The user will then have a choice between allowing and disallowing whatever the app developer stated in the customizable portion of the pop up. An opt out by a user makes the IDFA unavailable to the app’s developer and its supporting technologies.
There is language in Apple’s marketing that indicates Apple’s policy is not just to remove an IDFA from opt-ed out users, but also prohibit any other type of identifying the user for advertising purposes. It is unclear how Apple will police this or the self-reported, non-standard statements in the customizable text app developers are allowed to present.
Impact on Industry
When an IDFA is not present, an ad campaign cannot frequency cap, control recency, measure and optimize uniquely, segment/target behaviorally, or attribute granularly. This should get marketers’ and publishers’ attention, given the corresponding revenue risk.
Marketers should not reject user choice and device access control. Instead, they should call for players like Apple to work within standards where the rest of the industry has a say. Perhaps then Apple would realize there’s a spectrum of data uses its IDFA facilitates—ranging from basic ad measurement to optimization and segmentation. Treating this spectrum of data uses as a single choice makes it likely users will make choices that could actually lead to less IDFA access, which translates into more frequent, less relevant ads. It’s also arguably noncompliant with the General Data Protection Regulation (GDPR), which requires clear specification of data processing purposes.
There’s reason to believe that if a communication of value exchange (for example, personalized and relevant ads in exchange for access to content) is clear, and if any user choices are demonstrably respected, then users might not reject all ID-based advertising activities outright. Apple’s approach does not do anything to make the value exchange clear, nor does it acknowledge the range of data usages, which in many cases can improve user experience.
Additionally, Apple is contributing to “consent fatigue” by ignoring the fact that a growing number of its app publishers already provide users clear, standardized options designed to help companies participating in ad transactions—from advertisers and publishers to their tech vendors—comply with various regional laws. While tracing around laws is not what we would advocate from a user experience perspective, it is still important to provide businesses the right tools to follow laws in the various geos in which they operate. In the case of this Apple feature, it does not provide businesses those tools, so they will need to continue showing users the additional layer of transparency and control. The impact is further annoyance associated with ads which—while hard to measure in currency–is also hard to dispute.
Relevant Open Standards
Tech Lab, in partnership with IAB Europe, developed the Transparency and Consent Framework (TCF) to provide standards for data use transparency and control, plus a signaling mechanism for any publisher and users preferences. Tech Lab also offers a flavor of this with the US Privacy standard, which allows content publishers, including those of apps, to signal to its vendors whether a user opts out of the “sale” of data under the CCPA. As with TCF, the CCPA signal is standardized and can be read by the value chain.
Potential Conflict Between Open and Proprietary
Apple itself could read these signals from open standards and make device-level decisions if it chose to do so. Instead, as with cases mentioned with TCF, users may be presented with both the Apple non-standardized pop up on many different App Store publishers and then a separate, yet standardized, choice provided by the content publisher participating in a non-proprietary standard like TCF or CCPA transparency, control and supply chain signaling. Again, privacy becomes less, not more, predictable when Apple ignores the standards that already exist to support the features it wants to provide its users.
Apple’s apparent policy to go beyond restricting app developers and supporting technology from IDFA access on opted out users by also prohibiting the app developer from using its own data from the user to sell ad space is bound to create poor experiences for users. Let’s look at the same example as above where a user is presented with Apple’s pop up and a publisher’s TCF-based UI. A user might tell Apple “no” to “tracking” presented in a pop-up, but then tell the publisher “yes” to “Select basic ads” via the TCF-based UI. The conflicted publisher then might identify the user with its supporting technology to frequency cap ad delivery. Would they be in violation of Apple’s policy?
2. Changes to App Install Attribution
Apple Feature
iOS 14 updated the SKAdNetwork interface, which provides a method for Apple to notify a registered “ad network” when a campaign produces an app install conversion. It is unclear if this is only for cases where a user does not opt in to the app publisher’s data processing purposes via the feature directly above.
The feature relies on ads to be signed with campaign identification and the ad network’s registration and requires the installed app to call a method which validates the attribution.
Impact on Industry
The design of this new feature does not take into account much of the complexity of digital advertising today. For example, the API only names three participants to an ad transaction. It is clear no one on the design team for this feature accounted for how advertisers and app publishers work with a variety of technologies to serve and measure ad performance. Similarly, supporting only one type of mobile marketing conversion—the app install—ignores other types of conversions for which a campaign might want to optimize.
Tech Lab is receiving inbound queries from companies looking for an industry standard to be built on top of this proprietary iOS feature. Companies, which have less than three months to come up with an integration to an API that doesn’t recognize their existence (the API only acknowledges “ad networks,” “source apps” and “advertised apps”) rightly want guidance for how they should expect the programmatic ecosystem to handle this. Therefore, we either build a standard to prop up something proprietary, which itself distracts resources from any holistic solutions, or leave industry to develop a host of one-off ways of dealing with the new attribution world on iOS. For now we’re looking at options in the OpenRTB Working Group.
Relevant Open Standards
While the ad industry does not yet have a set of technical standards to create this type of non-identifiable attribution reporting, it is absolutely in gear developing proposals to create accountability through technical controls and monitoring via Project Rearc.
Tech Lab believes ad industry credibility rests in large part on demonstrating integrity through tangible, systems-level accountability that goes beyond good-faith attestation and self-reporting. Why couldn’t Tech Lab and its members—along with Apple and other major device, OS and app producers—work together to create strong controls like this feature, but in a way that supports more use cases and leaves industry competition vibrant? Any time a major device, operating system, and utility app (e.g., browser) producer goes its own, proprietary way on privacy, we can see users will find privacy less predictable and addressability less expected.
3. Control Over App Access to Precise Geo-location
Apple Feature
Today, Apple iOS users control which apps have access to their location through operating system level “Location Services” settings. The new feature, visible in screenshots posted by third parties, allows a user to opt out of precise location information sharing with apps. If a user opts out they remain so and are not presented with the choice again. At that point only approximate geolocation information is shared with apps. Radar describes how developers interact with the new feature.
Impact on Industry
Besides the conflict between Apple’s proprietary opt-out and a standards based opt-in we see the movement here as positive for users and the advertising ecosystem. Users get a choice whether to share precise location data. In the case of Apple’s feature, even when a user opts out an advertiser could still tailor an ad to the approximate location of a user. Positive marks on user choice. Negative marks on going it alone and not adopting standards, which in this case are more conservative than Apple’s.
Relevant Open Standards
Again, IAB Europe and Tech Lab’s TCF, widely adopted in European Economic Area (EEA) countries, gives participants a common set of tools to provide users cross-site or site/app level controls over “precise geolocation data.” If a vendor signs up for the TCF Global Vendor List (GVL) under Special Feature 1: “Uses precise geolocation data,” the user is presented with the ability to opt in to this. Opt-in control over the digital advertising ecosystem’s use of precise geo-location is also required by NAI’s compliance program.
Potential Conflict Between Open and Proprietary
An Apple App Store app participating in the TCF will present its users with an option to opt in to precise geolocation data use even after that user makes a choice—or doesn’t since Apple’s feature appears to be opt out—at the operating system (OS) level. If that user actually made a conscious choice to opt out at the OS level, the app publisher presenting them with this option in the app experience does not know and therefore does not hide the interface—annoying the user—and cannot signal to its ad technology vendors, which leaves choice opaque.
Conversely, if a user navigating an app participating in the TCF standard chooses not to opt in to precise geolocation use via TCF there’s no way for the app to communicate the user choice to iOS. iOS, by not participating in standards, misses the opportunity to effectuate the user choice at the operating system level, which would actually be a great stride for technical accountability to user choices. Both potential conflicts do not contribute to predictable privacy and can be avoided by supporting privacy standards instead of developing proprietary means.
4. Privacy Report Displaying “Tracking” Companies
Apple Feature
The “Privacy Report” appears to work for both iOS 14 and macOS Safari (mobile and desktop). Safari’s Intelligent Tracking Prevention (or ITP) blocks cross-domain tracking today. Now, in addition to ITP, there will be user-level communication to demonstrate which companies it is blocking. However, it is unclear how Apple will derive known company names for this report, or provide end-user transparency regarding the data uses and purposes for those companies.
Impact on Industry
Given the current climate on digital advertising, presenting a list of companies blocked on a page load in a browser gives the impression that every company there has the same tracking intent, for the same purposes. Frequency capping, recency control, behavioral based targeting, and optimization and spend attribution are all different use cases, with potentially varying degrees of consumer perception.
The implication of this new Safari user communication is that Apple saved a user from “something bad” happening to them. This is misleading and does nothing to bring advertisers to the table to talk about how to make for better advertising experiences. After all, consumers vastly prefer advertising-supported access to content/services instead of paying for them.
Relevant Open Standards
The TCF provides standardized data uses and vendor transparency and control for users living in or visiting EEA countries. This type of transparency and control is what Tech Lab continues to help different regions negotiate in-market. While the standard here is not an outright blocking of cross-domain data uses like ITP (and subsequent boasting in “Privacy Report”), it provides much clearer transparency for users. With Apple’s new privacy report there is no concept of varied data uses. If a publisher or advertiser, by way of its technology vendors, attempts to control the frequency with which a user sees an ad, Apple will show the same message as when a third party might be trying to create a behavioral profile.
Potential Conflict Between Open and Proprietary
When a publisher participates in TCF, they show their users a list of data processing purposes and the vendors employed for those processing purposes. Now unfortunately, it is likely that a user is going to see differences in what Safari shows and what the TCF user experience shows. Vendor names in the TCF will accurately depict companies processing personal data on page, and also show that not every vendor is processing data for the same purposes. The Safari privacy report appears to make no distinctions. Note, an in-market Tech Lab standard like TCF on the other hand would give users the ability to differentiate between their preferences for ad frequency caps and behavioral profile creation, to name a few.
Conclusion
Privacy shouldn’t be a pawn in the battle to sell one device vs. another. It’s unfortunate Apple treats privacy and data protection as a proprietary advantage instead of a right which users maintain no matter what device they buy or browser they choose. To achieve predictable privacy for consumers, browser providers, mobile OS providers, and media and advertising companies must collaborate on open, interoperable privacy approaches and standards that put the consumer at the center.
ABOUT THE AUTHOR
Alex Cone
Senior Director, Product Management
IAB Tech Lab