iOS 17 Feels Like iOS 14 All Over Again. What It Means for Growth Marketing…And Does It Matter Anymore?

Last week, buried under the news of WWDC, a single vague press release confirmed that Apple will continue its assault on user-level attribution. My first thought - what does this mean for advertisers? Quickly, my focus shifted to whether it even mattered anymore. We’ve seen this film before, and we know how it ends.

When Apple announced the deprecation of IDFA as part of iOS 14, I was leading Growth Marketing at the mobile streaming start-up Quibi. It was September 2020, and looking back now, I can compare the feeling around ATT at that time to the moment in Titanic when Jack and Rose first see that the ship hit the iceberg…a mix of confusion and naivety about the severity. We were pushing the ad platforms and our measurement vendors for solutions, while working closely with our product and engineering teams to figure out how our growth operations would work within the new constraints. We had several big questions: could we patch measurement gaps using server side events? What is SKAd and is it actually worth it? How do we keep running incrementality studies that rely on Google & Meta to allocate users into treatment & control groups?

Quibi unfortunately faced a grim fate and announced its shutdown in October 2020. In the midst of a terrible situation, I actually found solace in the fact that we no longer had to figure out these very serious iOS 14 challenges…that’s how bad it was. And since that summer, growth teams everywhere have been dealing with the universal pain of constantly changing privacy regulations. Last week, Apple once again piled on.

The 2 significant developments for advertising coming out of WWDC:

1. iOS Link Tracking Prevention will remove tracking parameters

If you’re in the ad platforms, you will know that “gclid” or “fbclid” are what you implement to track clicks and click-based conversions. It appears that these will be stripped away on iOS browsers. Remember that Chrome still owns the majority of web browsing activity, so there might not be a huge impact here, but if history tells us anything, it is possible other browsers may follow suit down the road. 

Meta’s Conversions API or “CAPI” also relies on the fbclid, so you can assume that CAPI will be heavily modeled for any event shallower than a purchase (think site visits and add-to-cart). Meta and Google are probably already spinning up some workarounds and ways to store their click IDs outside of UTMs, but it’s hard to imagine that Apple won’t eventually ax these approaches with more policy restrictions. 

Some are saying that UTMs are broken, but based on the screenshot in Apple’s documentation, broader campaign level UTM parameters should be ok and we’ve seen this confirmed on Twitter by advertisers who have tested it. 

A couple important caveats:

• This change is for private browsing right now, but it is possible it will extend to general safari release in the near future.
• The impact seems isolated to any KPIs shallower than a purchase. Purchase events should be ok given that users are volunteering PII such as their email address.

It’s worth pointing out that, aside from the press release and this article from 9to5 mac, there is currently no concrete documentation available, and even industry experts are debating over the impacts, with some saying that e-mail and SMS attribution are in trouble. If I’ve learned anything from iOS 14, it’s that this is largely a ‘wait and see’ game. 

2. Fingerprinting may now be enforceable.

‍Fingerprinting is commonly used in mobile advertising by companies who combine information about your browser, your network, your device, etc to identify you based on those characteristics. Fingerprinting is in violation of ATT, but it has been disguised by ad tech vendors using other names like ‘probabilistic attribution’ to describe it, and it was hard for Apple to enforce given that it’s happening not by the developers themselves, but by the SDKs placed in their apps by vendors and tech partners.

In Apple’s Privacy Manifests press release, they state “Apps referencing APIs that could potentially be used for fingerprinting — a practice that is prohibited on the App Store — will now be required to select an allowed reason for usage of the API and declare that usage in the privacy manifest.” 

This certainly seems like a fatal blow for fingerprinting, where Apple is now holding developers accountable for the behavior of their ad tech partners. Eric Seufert breaks this update down very clearly in my favorite blog (there is a paywall but it’s worth it). 

It may be a while before we know exactly how to interpret the press release, but marketing, product and legal teams will inevitably be taking a hard look at the SDKs running in their apps, given they are now on the hook for any bad behavior by their ad tech partners.

So what next?

My advice to marketers trying to navigate these changes: don’t find yourself on the deck of the Titanic. Spend your valuable time thinking through what your company and marketing team looks like in a world without user level tracking, and start preparing for that reality sooner than later. 

Privacy is only moving in one direction. It is no longer a good use of time for us to try unpacking what it all means. Instead we must start prioritizing more durable solutions. Seufert put it great in his blog post last week titled “Flying Blind”: The digital marketing ecosystem is very obviously moving into a permanent state of low visibility. Marketers must develop… marketing technology that provides both insights into performance and guidance on budget allocation without the transparency of deterministic identity.

Haus was born in 2021 out of the ashes of user level tracking. We are built for a future without deterministic identifiers. If you’re interested in learning more about how other teams are future proofing their measurement with experiments and econometric modeling, don’t hesitate to reach out.