ITP2.1 and the Future of Data as We Know It

In February, Apple released ITP2.1, the latest iteration of its intelligent tracking prevention technology integrated into the widely used Safari browser. First released in 2017, the technology aims to reduce the ability of ad tech providers, and by extension marketers, to track consumers around the web. This latest version of ITP accomplishes that goal by restricting the use of first-party cookies as well as the third party cookies restricted by previous versions. That’s bound to create challenges for digital marketers who rely on user tracking via various AdTech platforms and vendors, but it also has larger implications. ITP2.1 comes at a time of significant change for the Digital Advertising industry as governments and regulators have rolled out a variety of reforms and initiatives aimed to increase consumer privacy and security. It’s an admirable goal, but it also sets the stage for major changes to the way digital marketers can operate.

ITP2.1 up Close: Crackdown on Cookies

The primary goal of ITP2.1 is to restrict the use of first-party cookies. Previous versions had tackled third-party cookies, which are seen by privacy advocates as more intrusive because they can be used to track users across multiple sites. They are also the primary tool by which marketers build customer profiles and retarget potential customers across the web. By contrast, first-party cookies are primarily used by marketers to understand how users navigate and interact with their own websites.

This latest update is actually designed to counter many of the workarounds and loopholes that have been used by vendors to maintain continuity around these important functions. One such workaround was the storing of third-party cookies as first-party cookies. To counteract this, ITP2.1 now limits the longevity of persistent first-party cookies to just seven days. While this does effectively eliminate the first-party cookie loophole, it also has some significant knock-on effects for Digital Marketing more broadly.

Limiting the lifespan of first-party cookies to just seven days is a significant adjustment to a piece of technology that much of modern Marketing relies on. Prior to ITP2.1, a Google Analytics cookie could be relied on for two years. Following the update, users that don’t revisit sites via Safari within seven days will look like new users, severely hampering the ability to map behavior for many. One likely outcome is the skewing of metrics for the measurement of unique users. Site visitors who do not return within seven days will be recorded as different individuals, which will, in turn, lead to duplication of unique users which could skew analytics results that marketers rely on to assess their audience and target potential consumers.

For marketers concerned about the overall impact of ITP2.1 there are a few easy ways to assess how big of an effect the new protocols will have on your organization. Take stock of how much of your traffic is coming from impacted browser versions. The new rules currently only apply to Safari 12.1 and iOS 12.1. We also suggest that you take stock of the average number of days between Safari user sessions. If the sessions fall more than seven days apart on average, then it’s likely that ITP2.1 will skew your returning user data.

The Big Picture of Data Regulation Worldwide

While short-term workarounds may provide some relief for marketers looking to continue with business as usual in the face of ITP2.1, the changes arrive against a backdrop of larger movements focused on data privacy and consumer security that are likely to force digital marketers to rethink some of their key tactics.

Last May, the European Union rolled out its General Data Protection Regulation, heavily curtailing the collection and use of personally identifiable data. The sweeping new rule, complete with heavy potential fines for violators, is seen by many as a template for future regulation of data privacy around the world. In the US, the California Consumer Privacy Act will go into effect in 2020, mandating similar cuts to personal data collection and utilization in one of the country’s largest markets.

With regulation and public sentiment both seemingly pointing toward changes, Marketing organizations are taking notice. A group of leading trade advocacy groups including The American Association of Advertising Agencies (the 4A’s), The Association of National Advertisers, The Digital Advertising Alliance, The Interactive Advertising Bureau, and the Network Advertising Initiative have formed “Americans for Privacy” — a lobbying group that aims to enact privacy regulations at the national level to avoid being subject to complex state-by-state regulation and to shape those regulations to the benefit of advertisers.

What’s Next for the Consumer Digital Experience

While policy movements and industry lead reform will play a major role in the immediate future, it’s equally clear that a lot of the changes to come will be driven by major tech providers. Much like Apple’s industry-shaping release of ITP2.1, it’s likely that browsers and server technology providers will play an increasingly large role in shaping the future of data privacy — these platforms will be the ultimate arbiters of how tracking systems can function since they host all of the activity.

Apple has recently begun testing the next iteration of Intelligent Tracking Prevention. While ITP2.2 still allows sites to track interactions using first-party cookies to attribute ads and measure traffic, the new protocol is likely to place further limitations on first-party cookies to prevent them from being used as a workaround. Apple has made it clear that they plan to close some of the loopholes associated with ITP2.1 including the practice of link decoration, which is commonly used to track referral sources but could be used to pass information to other sites. Meanwhile, Google has rolled out the latest version of its own anti-tracking privacy tools for Chrome. While less sweeping that Apples, these changes to Chrome will further restrict the function of third-party cookies.

Ultimately, while data availability may change as the push and pull of consumer privacy and technology continues, marketers still need to deliver meaningful experiences to connect with customers. The key is staying on top of the changes and using the tools and useful data available to ensure the customer remains at the center of their digital strategies.

Read more: 4 Tips for Scaling Your Event Programs in the GDPR Era