At its Keynote Conference WWDC 2018, Apple announced the release of Intelligent Tracking Prevention (ITP) 2.0. As you know, it might have a significant impact on the digital advertising industry. So, we’ve decided to create a status page for ITP to help you learn and track what’s happening around it.
‘Privacy is a Fundamental Human Right’ says the CEO of the world’s largest tech firm. Whether the firm is going to commit to the words of the CEO (read Timothy Cook) or not is still in question, as they’re planning to enter advertising soon. But let’s just say they are pretty serious about privacy.
Intelligent Tracking Prevention 2.0 is here.
Wait, what is Intelligent Tracking Prevention?
Intelligent Tracking Prevention, also known as ITP is the privacy feature developed by Webkit, an open source browser engine which is used by Safari, Mail, and many other Applications on macOS, iOS, and Linux.
ITP only affects Safari users, which amounts to 13.78% of the total browser usage and so yes, it’s being used by millions of users.
As you know, safari browsers block the third-party cookies by default and only allow the first-party cookies to be active. But first-party cookies can be used as trackers in some instances (not just for keeping you logged in, saving products in your cart, etc.). ITP focuses on the trackability of the first-party cookies to further protect the privacy of the users.
When the user visits a website, it cookies the user to deliver the better user experience. That’s a first party cookie and can also be used in third-party context (retargeting, personalized ads based on history).
In Safari, if the user hasn’t visited the website again within a day, cookies can only be used in the first-party context (Ex: Saving login credentials). In other words, if the cookies have had the ability to track the users across the web, it’s disabled.
Furthermore, publishers can’t send cookies to third-parties who are regarded as the trackers. Technically, retargeting can be done only for 24 hours in Safari.
worse, if the user hasn’t visited the website again in 30 days, cookies will be purged permanently.
How it affects publishers?
“Safari will now block sending cookies to third parties determined to be “trackers”. This will be highly disruptive to buyers, sellers, and technology platforms, given the role third-party cookies play in audience addressability, segmentation (and thus targeting and personalization), and measurement”
– IAB Tech Lab
Typically, publishers like you (as well as advertisers) rely on cookies to serve personalized ads. Without the cookies, publishers can only serve non-personalized ads and this, in turn, attracts depreciated CPMs.
What was the Adtech’s reaction?
The publishers who rely on programmatic advertising and safari users suffered varied losses.
IAB Tech Lab published a blog post UNDERSTANDING & REACTING TO APPLE’S SAFARI BROWSER TRACKING CHANGES to help publishers, buyers, and adtech vendors to deal with the issue.
Then, there was ITP 1.1
In ITP 1.0, machine learning classifier partitions the cookies of the website user haven’t visited in the last 24 hours. But, this also raised a concern.
For instance, when you embed Facebook’s Social Plugins on your site, the users can only like/comment if they have visited the facebook.com in the last 24 hours. Else, users have to go through additional confirmation screen to do the desired actions. If the users haven’t visited facebook.com in the last 30 days, then they have to log in again (even though they have never logged out of Facebook).
This may not sound like a big issue. Because of course, users who haven’t visited facebook.com in the last 24 hours are negligible*.
*This has raised a few more concerns that the ITP is further going to solidify the duopoly in the digital advertising industry.
But, it also affects third-party payment providers or video-subscription services. So, ITP 1.1 was released with a Storage Access API.
Storage Access API allows authenticated embeds which solves the problem we’ve discussed above.
Today – Intelligent Tracking Prevention (ITP) 2.0
This was the most recent update by WebKit and it removes the 24-hour window previously granted for first-party cookies to track users across the web.
It means as soon as the machine learning classifier predicts the domain with cross-site tracking capability, it partitions the cookies immediately. Authenticated embeds can get access to their first-party cookies with the help of Storage Access API provided that the user interacted with the embed.
This time, Facebook can’t track the users by default, just because of the embeds (social plugins). With the ITP 2.0, users will be given a pop-up as shown below:
“Safari works really hard to protect your privacy and this year it’s working even harder”
– Craig Federighi, Apple’s SVP of software engineering, WWDC Keynote 2018.
In addition, Safari browsers are going to detect and prevent first-party bouncers and fingerprinting techniques from tracking users across the web. Besides, it also downgrades the page URL to just origin for third-party request identified as trackers by ITP and which doesn’t receive any user interactions.
What’s the impact (so far)?
One of the largest digital advertising firm Criteo said ITP will cut its revenue by more than a fifth.
“We expect a range of companies are facing similar negative impacts from Apple’s Safari tracking changes. Moreover, we anticipate that Apple will retain ITP and evolve it over time as they see fit”
– Dennis Buchheim, General manager, IAB Tech Lab.
Dennis, General Manager of IAB Tech Lab also recommended the adtech to follow the IAB Tech Lab’s guidelines to manage the issue.
And, here are our guidelines.