• Marketing
  • Privacy

Are Marketing Metrics Blinded by the Light?


The great twentieth century composer and iconoclast, Igor Stravinsky, said “To enjoy to the full the conquests of daring, we must demand that it operate in a pitiless light.” (Poetics of Music in the Form of Six Lessons, 1947). Digital marketers do not seem to agree. And the bright light shone upon adtech by another 20th century iconoclast – Apple Inc. – is roundly unwelcome.

The Apple iOS 14 release requires app developers to obtain consent before using the IDFA (Apple Identifier for Advertisers) to track users’ activities on the device and across the internet. While it is certainly not the first bit of light shone on the digital marketing space, it does brightly illuminate a space at the heart of consumer device-based interactions. In doing so, Apple has chosen to interrupt in a potently tactile way the previously all but invisible adtech system: a network that connects advertisers to consumers and provides the key metrics on which marketers rely to target ads, analyze outcomes, and assess spend.

The Apple identifier for advertisers (IDFA) is a unique code assigned to each device and allows advertisers to track and target users through the apps installed on their phone. (The Android equivalent of the IDFA is the AAID or android advertising identifier.) Both the Google AAID and Apple IDFA, while fixed, could be reset by the user (which creates a new ID), or turned off. Disabling the IDFA instructs the apps not to use the device ID: presumably sending the equivalent of sending an opt out signal to every app.

Apple’s Privacy by Design

On average, apps include six “trackers” from other companies, which have the sole purpose of collecting and tracking people and their personal information.1 Data collected by these trackers is pieced together, shared, aggregated, and monetized, fueling an industry valued at $227 billion per year.

— Apple Press Data Privacy Day Release, 2021

OS 14 represents what are for adtech two disruptive changes. Firstly, every app is required to ask permission to collect and share data. The user must opt in. A much stronger default position than providing an opt out mechanism like presented in the now ubiquitous “we use cookies” website banners. Secondly, to enable transparency and allow the consumer to opt in or out, every app must present a data information label – a data “Nutrition Label” as Apple calls them— that detail what data is collected, and for what purpose. [1]

“The new privacy nutrition label requires every app – including Apple’s – to give users an easy-to-view summary of the developer’s privacy practices.” And with Apple’s “next beta update, App Tracking Transparency will require apps to get the user’s permission before tracking their data across apps or websites owned by other companies” (Apple, 2021).

For a company famous for obsessing over a frictionless user experience this is a remarkable design change and perhaps speaks to the growing consumer interest in data privacy and consequent focus on consumer trust as a brand value.

Partial detail of Apple’s Nutrition Label for data privacy
Partial detail of Apple’s Nutrition Label [4]

How Disruptive Is The iOS 14 Nutrition Label?

But how disruptive to adtech is this change really? Afterall, you could always turn off the IDFA prior to this release.

This new Privacy by Design execution was anticipated to have significant impact on consumer behavior: Firstly, only the most tech savvy or privacy-attuned user would even be aware that the IDFA exists let alone drill down into the settings to disable it. Secondly, given this, most consumers would not opt out (via turning off the IDFA) as most did not know they could.

Thirdly, and most importantly, presented with the option to opt out (or more precisely, not opt in), the adtech industry is certain that many, if not most, consumers would choose not to opt in. Adtech understands that transparency does not work in favor of existing practices. Their concerns are not unfounded:

iOS mobile device with user opt in prompt for application privacy settings.
Apple’s cross-context data sharing opt in [4]

What I’ve been told…is that we are seeing extremely, extremely low opt-in rates associated with this binary opt-in choice, said [TripleLift General Counsel and Chief Privacy Officer Julia] Shullman. I think it’s sometimes sub-15%, if not 10%. It’s going to have a large impact on the ecosystem because we will have no way of doing measurements…

Chiavetta, 2020 (emphasis added)

The sum total of recent and prospective changes in what look to become data privacy norms – passage of the CPRA; Apple’s nutrition label; Google’s decision to deprecate the third-party cookie; Google’s sandbox experimentation with global privacy controls; Mozilla’s introduction of a new Total Cookie Protection feature which defeats cross-context behavioral advertising, to name a few – are, as marketing consultant Tim Hayden put it, “a seismic shift,” not just for adtech, but marketing writ large.

The level of this disruption to the advertising industry can be gauged by its response: “four online advertising lobby groups have filed an antitrust complaint against Apple in France — seeking to derail the privacy changes on competition grounds.” (Lomas, 2020)

How Much Data Is It?

They gather, sell, and hoard as much of your personal information as they can. The result is a data-industrial complex, where shadowy actors work to infiltrate the most intimate parts of your life and exploit whatever they can find — whether to sell you something, to radicalize your views, or worse.

—Apple Senior Vice President of Software Engineering, Craig Federighi (Lomas, 2020)

BGR calls it, a “terrifying amount” when describing how much data Facebook Messenger collects. iDROPNEWS describes Google’s iPhone Data Mining as “staggering,” and goes on to note that “The most troubling category is the “Other Data,” a catch-all for usages that Google is not ready to disclose.” (Hodgkins, 2021).

Apple is requiring developers to disclose data that includes personally identifiable data (keep in mind that when aggregated, even non-personal information can become attributable to an individual), “sensitive data,” [2] and tracking data: you can see a delineation of the information Apple is requiring developers disclose here. It certainly appears to be an exhaustive list.

That a list this comprehensive is not all-inclusive, is indeed “most troubling.” How much consumer data is there to be collected, aggregated, tracked, sold, pieced together, shared, and monetized in the martech/adtech ecosystem? Even under the light of Apple’s disclosure requirements the answer remains opaque. (Again, there is no verification that what is disclosed is accurate.)

Marketing Metrics Post Privacy

Between Google’s phasing out of third-party cookies and Apple’s iOS 14 privacy updates, there’s a lot on adtech companies’ plates and necessary adjustments are imminent. Both changes will call for organizations to rethink their ad tracking practices in a way that balances consumer privacy and business results.

This is easier said than done…

Duball, 2021

And right now, “nobody knows how many people will suddenly become unrecognizable at a granular level once Apple makes the change, so marketers are worried about spending wisely.” And the IDFA and AAID “are the backbone of those spending choices, powering ad targeting, retargeting, frequency capping, campaign measurement and attribution.” (Joseph, 2021)

But it is not all doom and gloom for marketers. While the ascendance of data privacy (welcomed by consumers), may indeed be a “seismic shift,” it is not a keening bell.

“Online ads and measurement of their effectiveness do not require Site A, where you clicked an ad, to learn that you purchased something on Site B. The only data needed for measurement is that someone who clicked an ad on Site A made a purchase on Site B” (Wilander, 2019, emphasis added) on Webkit.org. [3]

This approach preserves privacy, eliminates cross-site tracking (the “cross-context behavioral advertising” rejected by the CPRA), but still preserves the ability to measure online advertisement effectiveness.

And “Apple [continues to increase] the capabilities of its Ad attribution API, allowing for better click measurement, measurement of video conversions and also — and this is a big one for some cases — app-to-web conversions” (Ha and Panzarino, 2021).

This is not to say the change will be easy. Still, “We need to do more as an industry on giving users real transparency and, more importantly, real control around how data is used,” asserts Alex Cone, IAB Tech Lab Senior Director of Product Management to IAPP’s Duball.

The answer most often proffered is a transition to first-party data. However, as many protest, the first-party data playing field is not level. What big tech – who sit at the center of, and atop, the “data-industrial complex” – can define as first-party data is far different than what SMB’s can claim. (And what first-party data can a startup lay claim to?) This disparity (and the impact not only to privacy, but to markets themselves) has given rise to the concept of data monopolies.

While many challenges lie ahead, many that embrace privacy as a value are sanguine:

“We feel like we’re well prepared for these changes and frankly because these changes are in line with our privacy philosophy…” says Snap CEO Evan Spiegel. While the policy changes will impact their ability to “effectively measure and optimize advertising outside of Snapchat,” [(read third-party cookies) we plan] to provide advertisers with more opportunities to provide their products and services to Snap users directly through Snapchat” (read increased use of first-party cookies). (Bursztynsky, 2021.)

Fundamental principles always apply. It is the beauty of a free market systems (such as they are) that success is predicated on creating value for the consumer and that transactions are voluntary. And the value of privacy is appreciating at a significant rate and driving consumer spend. In fact, a Llewellyn Consulting study found that 32% of consumers will “change providers or stop using products or services as a direct result of data policies…. consumers see privacy as part of the brand which can translate into increasing your customer base by 50%.

As WireWheel CMO Camille Landau reminds “The thing to keep in mind is what is the goal? The goal is great customer experience. What are the elements of customer relationship we would like towards that goal? Then the technology should plug in.”

Given the shifts in consumer sentiment – and to be sure Google, Apple, and the regulators are following consumer sentiment – it is highly likely to prove out that there are more customers (and valuable metrics) to be found in the light, transparency, and trust of direct engagement, than the dark.

Manage your customers cookie and privacy setting with WireWheel’s Trust Access and Consent Center.

Request a Demo

[1] It should be noted that Apple does not verify either the accuracy of the app developer’s disclosure or whether or not they actually honor the user’s “opt out.” In fact, The Congressional Subcommittee Chair Jan Schakowsky (D-IL) wrote to Apple CEO Tim Cook urging review and improvement of Apple’s new App Privacy labels “in light of recent reports suggesting they are often misleading or inaccurate” (see here).

[2] The California Privacy Rights Act (“CPRA”) established a new category of data called “sensitive’ personal data that is perceived as requiring enhanced protections. Sensitive information under the CPRA includes such information as found on government IDs, financial, genetic, and geo-location information, and the contents of private communications.

[3] Webkit is the open source browser engine developed by Apple and used by Safari, iOS web browser, Mail, App Store, and many other apps on macOS, iOS, and Linux.

[4] Source: Apple iPhone Screenshots. apple.com