Apple has introduced a new privacy technology it is including in WebKit, the browser rendering engine used by Safari, one that enables online advertising to allow attribution for clicks to be passed along to marketers, but while at the same time preventing the user from being identified or profiled.
Online advertising heavily relies on being able to track a user's activities, such as if a user clicks on a banner on a website or an affiliate link before spending money at a specific outlet or on a certain product. In such cases, marketers need to confirm that a purchase was made in order to charge for the referral.
However, the continued fight to protect the privacy of the user goes against the aims of advertisers, with continued attempts to block information being distributed to produce a profile of a consumer, like with Safari's Intelligent Tracking Protection features, making such efforts difficult to accomplish.
In a blog post on Wednesday, the WebKit team advised of a new technology to "allow attribution of ad clicks on the web while preserving user privacy" called Privacy Preserving Ad Click Attribution. In effect, the technology makes it possible for a marketer to acknowledge a user bought an item following an ad click, but without providing much identifiable information about the user.
In normal tracking, the retailer could provide the search company or marketer a tracking pixel or another element in order to provide progress updates during the purchase process. This system in "browsers without appropriate privacy protections" would allow the search company or marketer to learn about the user's spending habits over time, including whether or not an ad was clicked, enabling a profile to be created.
Safari's Intelligent Tracking Prevention effectively limits how such cross-site tracking functions.
Apple believes there should be some principles to minimize the privacy-infringing tracking while still enabling attribution to take place. It suggests users should not be uniquely identified across websites for the purposes of ad click tracking, only visited websites should be involved in measuring ad clicks and conversions, the browser should work on behalf of the user to preserve privacy while reporting attribution, and the browser vendor should not learn about specific ad clicks or conversions.
Apple's technology uses the browser itself to log ad clicks, not leaving it to the advertiser
Under Apple's alternate Privacy Preserving Ad Click Attribution, the search page or the referring website should store the ad click, using two anchor elements advising of the destination of the click and the campaign ID. The click is not managed by a third-party, nor a retailer, just recorded by the referring site.
The second step is to "match conversions against stored ad clicks," namely checking for actions that would qualify for payment from the ad placement, like signing up for a service or buying an item. In the new system, the existing tracking pixels are used as a way to determine where the user has progressed to in the store's site, but only in providing data to the browser.
Parameters may be passed to the browser to indicate the location of the user in the monitored purchase or sign-up process, the time of day, value of the conversion, or some other relevant data. No details like names, addresses, or other sensitive data is stored.
The browser is also informed that attribution is required, who the marketer is, and other non-identifying parameters
The final step is for the browser to report to the search site or marketer the existence of the conversion. Once a conversion has been matched to a stored ad click by the browser, it then sets a timer at random between 24 hours and 48 hours to send a stateless POST request to the advertiser, passing along the ad campaign and the other parameters.
In effect, this would advise to the marketer someone clicked on an ad between 24 and 48 hours previously, clicking on an ad from a specific campaign that led to a specific website, and resulted in a conversion with some deemed value.
Once the POST request is sent, the stored ad click in the browser is consumed, and cannot be used again. The randomized delay effectively prevents "speculative profiling" by the advertiser, while the stateless POST prevents other data about the browser or the user's machine from being passed along.
Apple has included Privacy Preserving Ad Click Attribution in Safari Technology Preview 82+ for macOS, located within the Develop Menu under Experimental Features then Ad Click Attribution. A "Debug Mode" version is also offered for developers, which enables data logging as well as setting the delay to just one minute.