Apple is drawing a line in the sand around privacy.
Digital media networks are claiming that the release of iOS 11 will introduce the greatest threat to the Web as we know it. That’s because Apple is introducing strict new privacy protection in its mobile Safari browser on the iPhone. The update to Apple’s Safari browser prevents ad networks from effectively tracking your browsing history through the use of cross site tracking. According to this blog post by John Wilander on the WebKit.org (author’s note: WebKit is the open source code foundation for Apple’s Safari browser), the new intelligent tracking prevention features stops third-party sources (e.g.: major ad networks) from effectively creating a copy of your browsing history via tracking cookies stored on your device.
Here’s how John describes the process in his post: “Imagine a user who first browses example-products.com for a new gadget and later browses example-recipies.com for dinner ideas. If both these sites load resources from example-tracker.com and example-tracker.com has a cookie stored in the user’s browser, the owner of example-tracker.com has the ability to know that the user visited both the product website and the recipe website, what they did on those sites, what kind of web browser was used, et cetera. This is what’s called cross-site tracking and the cookie used by example-tracker.com is called a third-party cookie. In our testing we found popular websites with over 70 such trackers, all silently collecting data on users.”
While advertisers claim the process is benign, Apple deems the process overly intrusive, offering a data cache rich enough for any interested party to effectively reconstruct your complete browsing history. In the hands of a malicious entity, that information could surely be used to nefarious ends.
And the ad industry is living up to the term, “Mad Men.”
According to a sternly worded press release, penned jointly by a coalition of industry associations which includes the 4A's—American Advertising Federation, Association of National Advertisers, Data & Marketing Association, Interactive Advertising Bureau, and Network Advertising Alliance (hereafter referred to as the Industry)—the Apple update will effectively break the commercial Web. Or, at least, make it prohibitively difficult to monetize. In the joint press release, these industry groups assert they are “deeply concerned about the Safari 11 browser update that Apple plans to release, as it overrides and replaces existing user-controlled cookie preferences with Apple's own set of opaque and arbitrary standards for cookie handling.” Ultimately, they claim “Put simply, machine-driven cookie choices do not represent user choice; they represent browser-manufacturer choice.”
Did consumers ever really choose?
Running a company that makes its bread and butter crafting digital experiences, I can wholeheartedly and unquestionably agree there that browser cookie technology is fundamental to ensuring users have a seamless and personalized experience on the Web. But it is tough to agree with the industry’s position that the highly aggressive tracking and consumption of users’ effectively unfiltered browsing history was in any way a user choice that Apple is now violating.
I guarantee that if I was ever presented with any detailed terms of service outlining how, and what detail, my browsing history would be collected and reported back to third-party ad networks, I cannot remember the moment I accepted them. I would assume most users’ experience around that issue is similarly clouded by the fog of our myriad collective browsing experiences.
Is Apple overstepping their authority?
Put simply, I don’t think so. The company is, at its core, a purveyor of hardware and user experiences. If they deem the best user experience on their platform to be founded in a more conscientious protection of their users’ privacy, it’s difficult to see how their approach isn’t the smartest means to that end.
So, what is apple proposing? Again, the WebKit.org post describes it thus: “If the user has not interacted with example.com in the last 30 days, example.com website data and cookies are immediately purged and continue to be purged if new data is added.”
And, further, they simplified it into this easy-to-follow chart:
It seems the Industry would prefer that in the long run, with enough data-sharing and partnership agreements, everyone would be, by virtue of any number of unread terms of service, opted into everything, in perpetuity. It’s a convenient position in the short term, but one that ultimately, I believe, will lead to consumer backlash far less manageable in the long run than their current Apple problem.
Can’t we all just get along?
It may be tough to remember at this point, but we used to have a political system in the US where two conflicting parties would discuss an issue over which they differed and come to a compromise that was workable, even if both parties were slightly unsatisfied with the outcome. Ultimately this is where I think this issue should and will end up, in a compromise.
A day may be too short a time to allow tracking cookies to work their personalization magic in a way that satisfies the commerce needs of content providers and the ad networks that drive their revenue streams, but it’s hard to imagine a world where unlimited access to browsing histories doesn’t constitute a massive violation of privacy. In the end, it’s a question that needs to be resolved. Publicly. With open debate and full transparency for consumers. And when no interested party is fully satisfied with the outcome—Apple, the industry or consumers—we’ve probably derived the right solution.