Marketers needn’t worry about the demise of third-party cookie and mobile ad ID-based user tracking. It will accidentally make their digital campaigns better, argues Dr. Augustine Fou.
More and more privacy tsunamis are hitting ad tech island, and that’s a good thing for consumers who didn’t know their information was being harvested and sold by hundreds of ad tech companies.
All of this was done without their knowledge, consent, or recourse (e.g. if there were errors in the data). Apple’s privacy changes started years ago with the elimination of third-party cookies from the Safari browser in iOS 13.4, and now extends to IDFAs (device identifiers) in iOS 14.5, and email tracking pixels or IP addresses in iOS 15.
Google will also be eliminating third-party (3P) cookies from Chrome, its browser with a two-thirds market share. Google announced last week that 3P cookie deprecation has been pushed back from 2022 to late 2023.
Ad tech companies whose technologies rely on 3P cookies to track users across different websites will be most adversely affected. They are all scrambling to find ‘workarounds’ to these privacy protections.
Most of them are going to adopt some form of ‘fingerprinting’. Fingerprinting uses device and browser characteristics to uniquely identify devices, e.g. operating system, browser type and version, list of plugins and fonts, screen resolution, etc.
When enough of these parameters are collected and smashed together, ad tech companies can uniquely identify the user. Such ‘fingerprints’ are stored on servers. This means users cannot see them or delete them, like they could with cookies stored in browsers on their devices.
The key to fingerprinting
One of the key ingredients in fingerprinting is the IP address. This is because an iPhone 12 Pro Max on one IP address is different from an identical iPhone on a different IP address – think household cable modem IP address or wireless IP address on mobile networks.
The IP address plus device and browser characteristics allow ad tech companies to identify the user even without cookies going forward. This means they can continue to harvest data and use that data to target ads to those users. However, when Apple does away with access to IP addresses, fingerprinting by ad tech companies will become unreliable, i.e. they won’t be able to tell apart identical iPhones without IP addresses.
That said, even if the fingerprints are unreliable, ad tech companies will continue selling their ad targeting services because most marketers are not tech-savvy enough to ask, let alone conduct their own technical evaluations to see if targeting was working at all. If they did, they would have concluded long ago that ad tech targeting is not as effective as ad tech companies have claimed.
The inferences of “who they are and what they like” based on which websites users visited are notoriously bad, and targeting based on such data is equally bad. When fingerprints become unreliable, too, it will be bad user identification layered on top of bad targeting layered on top of bad data. Advertisers would be better off with “spray and pray” campaigns.