Apple Releases New Policy Aimed at Preventing Online Web Tracking

Compliance, News

The WebKit Tracking Prevention Policy from Apple explains the anti-tracking methods the company has developed, and expands on what should be considered harmful methods.

While the world has woken up to the fact that companies have been tracking much of what users do online, the practice itself has been going on far longer than people are aware. Two years ago Apple released Intelligent Tracking Protection aimed at cutting back on the ability for tracking users web movements. The company has doubled down, now releasing the WebKit Tracking Prevention Policy in an attempt to educate others on how exactly Apple counters online tracking, and which policies are harmful to users.

The policy ultimately seeks not to eliminate cross-site tracking, but to allow for it in a way that doesn’t affect the privacy of users. As it stands, organizations track users across multiple sites in order to get information about the users habits. They use cookies, pixels, fingerprinting, and other methods to do so. In all, it measures how users move, what they view, what they watch, what they click on, and more. This information is collected and analyzed into profiles that let advertisers market to users based on what they do online.

For specifics, Apple released a detailed explanation:

WebKit will do its best to prevent all covert tracking, and all cross-site tracking (even when it’s not covert). These goals apply to all types of tracking listed above, as well as tracking techniques currently unknown to us.

If a particular tracking technique cannot be completely prevented without undue user harm, WebKit will limit the capability of using the technique. For example, limiting the time window for tracking or reducing the available bits of entropy — unique data points that may be used to identify a user or a user’s behavior.

If even limiting the capability of a technique is not possible without undue user harm, WebKit will ask for the user’s informed consent to potential tracking.

We consider certain user actions, such as logging in to multiple first party websites or apps using the same account, to be implied consent to identifying the user as having the same identity in these multiple places. However, such logins should require a user action and be noticeable by the user, not be invisible or hidden.

The problem for so long was that advertisers were doing so without the user knowing. Apple’s new policy seeks to put an end to covert tracking, and instead ask for users’ consent before allowing tracking. Apple is so serious that they’ve stated that advertisers trying to get around the anti-tracking tech will be treated the same as security vulnerabilities. It will restrict advertisers trying to be covert, and even some non-covert methods when it comes to cross-site tracking.

Ultimately this is a benefit to users seeking privacy, and a threat to organizations utilizing covert tracking methods. While only Apple’s Safari is using these methods now, such a public statement will force other browsers to respond. The age of covert tracking could be coming to an end – tech managers should start looking into other methods of researching customers and potential customers to get ready.

Source link


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.