Marketing and Data Science in the Post-Tracking Age
We look at the alternative marketing frameworks rooted in data science that are posed to counteract Apple’s cross-domain tracking regulation.
In the wake of the Cambridge Analytica scandal, the volume of organized public complaint over third-party tracking has outgrown governmental complacence on the topic, with new measures set to all but eviscerate user tracking. Let's take a look at the alternative frameworks currently in development, how FAANG has been drawn into both sides of the debate regarding big data privacy, and what available user data may be left on the table in a post-tracking era.
User-Profiling Across Domains
Cross-domain tracking is the practice of collating information about a specific user from a variety of different websites, apps and interfaces, in order to build up a profile of the user that's more complete than any one site or app would be likely to yield.
Historically, this has occurred through the use of 'third-party' cookies — long-term hidden browser preferences that follow the user across a number of websites and report back interaction data from each domain to a central processing framework that also receives information from other sources.
The method is arguably too effective: headlines over the last ten years have decried the intrusiveness of ads that exploited gender issues1; disclosed pregnancies2; advertised funeral services to the just-bereaved3; and that apparently eavesdrop on users' conversations in order to serve them apposite ads4 (against denials from the software creators5), and even track their offline activity6.
The Fall of Cross-Domain Tracking
In June of 2020, Apple announced that from 'early spring' of 2021, iOS-installed apps would need to explicitly seek permission to track user activity across other apps and websites via its Identifier for Advertisers (IDFA) functionality7.
Until now, apps have enjoyed access to a far wider range of user activity data than is indicated in the new default iOS app-tracking permissions dialogue, and the change has led to an aggressive and sustained campaign of protest and resistance from Facebook8, among other industry leaders in online advertising.
In March 2020, the WebKit browser engine that powers Apple's Safari browser announced that it would finalize its long campaign against third-party cookies by blocking them outright9 stealing a march on Google's Chrome browser, which will not block third-party cookies until 'some time' in 202210.
Meanwhile, in February 2021 Firefox implemented 'Total Cookie Protection'11, preventing any level of cookies (not just third-party cookies) from being tracked across domains, following up on earlier changes in its network architecture designed to completely prevent cross-domain tracking by other methods12.
With its advertising business model threatened, Google has proposed an alternative system called FLoC (Federated Learning of Cohorts, see below)13, that aggregates users into demographic categories without targeting them directly.
TikTok, among many other data-hungry social media ecostructures, is also looking into subverting the iOS app-tracking blockade, though details are scarce14.
Besides urging demographically valuable iOS users to opt in to tracking15, and attempting to frame these innovations as an attack on small businesses16, it's unclear yet if Facebook will likewise respond with alternative tracking approaches.
SKAdNetwork: Apple's Cross-Platform Ad Click Tracking
When Apple began to prohibit or limit the use of third-party cookies with Intelligent Tracking Prevention in 2019, WebKit, the upstream open-source browser for Apple's Safari, began to implement an alternative tracking method, Ad Click Attribution17, via the SKAdNetwork SDK.
Ad Click Attribution is effectively a 'firewall' for user data, wherein a limited amount of data reporting on the user is allowed, and semi-anonymized cross-tracking permitted so long as the nodes in the event path are sites that the user actually visits.
A rudimentary conversion funnel can be delivered to advertisers, without specifying the user: