Data privacy has always been a major concern that has only gotten more important as the demand for user data grows. Businesses try to target relevant audience for advertising purposes and this data can be analysed through various digital analytics solutions.
The sources from where the data can be collected have always taken precautionary measurements to avoid the misuse of data. In recent years, this authority has been to the user. Whether it is permission to collect their location, browsing, or photo data, users are the controller of what information is collected from them.
But still, there have been differences in data collection norms for different platforms. Some platforms, like Apple iOS, have taken a keen interest in control of data collection entirely to the users. The Apple team has always given priority to data privacy, but they’re about to take it to the next level.
Recently, Apple has rolled out the privacy enhancement update, iOS 14 and 14.5, with some major changes to its privacy features to give more control to its users.
Until now, mobile apps have to rely on Apple’s IDFA (Identifier for Advertiser) to track users for targeting and advertising purposes. With the launch of the latest version of iOS 14.5, mobile apps now need to request permission from users who have upgraded their operating system to iOS 14.5 to gather tracking data.
This update is anticipated to have a significant impact on the entire mobile ecosystem. The mobile advertising industry will have to deal with new challenges for personalized advertising and attribution.
Reference
IDFA (Identifier for Advertiser): It is like a web cookie, but for mobile apps. With iOS 14, apps will now be required to get permission from the users to use IDFA.
Here is an example IDFA: AEBE52E7-03EE-455A-B3C4-E57283966239
- User can reset it and disable it as well (Limit Ad Tracking). This is found in Settings > Privacy > Advertising.
- It is reset on OS re-install.
The IDFA is unique for every device. It is reset in the following ways:
- Privacy change: Apple now asks all apps to provide their privacy practices before onboarding on the Apple Store. If an app uses a third-party code, it will need to provide the details on any data that is collected and how that data is handled. The new policy also allows users to request data deletion.
- User Permission for Data Tracking (IOS 14.5): Apple has introduced a new App Tracking Transparency framework under which you must request permission from the user to track data. Under this framework, you can only access the user device’s identifier if the user grants permission.
- Safari browser remains the same, IDFA only targets mobile apps.
- If you only have a website and not an app, you only need to consider changes in the Safari browser. In this case, the only thing that you have to worry about is the updated Intelligent Tracking Prevention (ITP) and its new Privacy Reports.
- ITP uses the Machine Learning Classifier to identify domains that can be leveraged for cross-site tracking and identification. After the Machine Learning Classifier successfully identifies a domain with cross-site tracking capabilities, it restricts cookies that are created by that domain. ITP deletes all cookies of any user who hasn’t visited the website in 30 days.
For businesses, this means you’ll need to gain a user’s trust and encourage them to opt-in.
Let us see what the changes iOS 14 are with regards to data analytics and tracking:
Impact of iOS 14 updates on Firebase Services:
Firebase SDKs do not access IDFA, though some have integrations with Google Analytics that may involve IDFA access.
The table below lists Firebase products that are available on iOS and describes how the functionality of each product is impacted if IDFA is not accessible.
| Product | Impact if IDFA is not accessible |
|---|---|
| A/B Testing | Some targeting data (like demographics) in the A/B Testing integration with Google Analytics is derived from the IDFA. In apps without access to the IDFA, this targeting is unavailable. |
| App Distribution | No impact |
| Authentication | No impact across Authentication and first-party Authentication providers, such as Google Sign-In and Phone Authentication. |
| Crashlytics | No impact. The Crashlytics integration with Google Analytics that provides real-time crash data and breadcrumbs is not dependent on the IDFA. |
| Dynamic Links | No impact for link-opening functionality. When used with Google Analytics, attribution for link conversion events is unavailable. |
| Cloud Firestore | No impact |
| Cloud Functions | No impact |
| In-App Messaging | No impact |
| Firebase installations | No impact |
| InstanceID | No impact |
| Cloud Messaging | When used with Google Analytics, Google Analytics will automatically log some FCM-related conversion events. Attribution for these events requires IDFA access. |
| Firebase ML | No impact |
| Performance Monitoring | No impact |
| Remote Config | When used with Google Analytics, Remote Config does not allow automatically created user properties for targeting without IDFA access. |
| Realtime Database | No impact |
| Cloud Storage | No impact |
Affected Firebase Integrations:
App tracking transparency:
With iOS14, a new framework has been created called App Tracking Transparency. This framework contains a class called ATTrackingManager, which provides an API to:
- Present a dialog to the user requesting permission to track them
- Query the authorization status (regardless of showing or not showing the dialog)
You must use the AppTrackingTransparency framework if your app collects data about end-users and shares it with other companies for purposes of tracking across apps and websites. The AppTrackingTransparency framework presents an app-tracking authorization request to the user and provides the tracking authorization status. This process of digital analytics helps the company in making niche audience report.
Step 1:
We’ll first learn how to get the authorization status. To do so, you need to call the trackingAuthorizationStatus method.
ATTrackingManagerAuthorizationStatus status = [ATTrackingManager trackingAuthorizationStatus];
It will return an NSUInteger with one of the following values:
- ATTrackingManagerAuthorizationStatusNotDetermined = 0
- ATTrackingManagerAuthorizationStatusRestricted = 1
- ATTrackingManagerAuthorizationStatusAuthorized = 3
- ATTrackingManagerAuthorizationStatusDenied = 2
Step 2:
Asking for permissions to track
NSUserTrackingUsageDescription key should be added into your info.plist file
What is NSUserTrackingUsageDescription?
If your app calls the App Tracking Transparency API, you must provide custom text, known as a usage-description string, which displays as a system-permission alert request. The usage-description string tells the user why the app is requesting permission to use data for tracking the user or the device. The user has the option to grant or deny the authorization request. If you do not include a usage-description string, your app may crash when a user first launches it. Make sure your app requests permission to track sometime before tracking occurs. This could be at first launch or when using certain features in your app. For example, when signing on with a third-party SSO.
Sample Code:
[ATTrackingManager
requestTrackingAuthorizationWithCompletionHandler:^(ATTrackingManagerAuthorizationStatus
status) {
if (status == ATTrackingManagerAuthorizationStatusDenied) {
//Logic when authorization status is denied
} else if (status == ATTrackingManagerAuthorizationStatusAuthorized) {
//Logic when authorization status is authorized
} else if (status == ATTrackingManagerAuthorizationStatusNotDetermined) {
//Logic when authorization status is unknown
} else if (status == ATTrackingManagerAuthorizationStatusRestricted) {
//Logic when authorization status is restricted
}
}];
IOS 14.5 Changes:
App Tracking Transparency: Developers are now required to ask and receive permission to track users across different applications.
Workarounds:Using MMP’s probabilistic matching (with the help of IP addresses), we can identify the user’s activity which is 95% accurate. This is also against Apple’s policy.
Privacy centric solutions such as identifying a cohort of users with similar interests.
The new iOS update will bring a lot of challenges for advertisers as they will lose some advertising data or target possibilities. We already know some possible workarounds to tackle this and minimize the effect. The data industry is continuously upgrading in terms of privacy and the use of data.
Organizations need to adapt to this change. It’s always wise to be one step ahead of the competition.