Privacy Changes in iOS 14

Apple continues to take user privacy seriously

With the launch of iOS 14, a lot of privacy changes have been made to the iOS platform as Apple has emphasized on the need for a total and complete transparency for the user.

Checking for App Permissions

So for starters, when downloading an app, the App Store listing will show which permissions the app will request.

App developers will now have to declare the data they collect. This, of course, should give you more clarity over the information that apps might be slurping up in the background, and will give you the power to choose whether to download and use an app in the first place, as well as better manage its permissions.

Apps will need to receive permission from users in order to use the Identifier for Advertisers, the IDFA. To be clear, this is explicitly granting permission to track users across apps and services.

Straight from the documentation:
“Your app needs to request permission to track sometime before tracking occurs. This could be at first launch or when certain app features are used. For example, when signing on with a third-party SSO.”

Looking at the documentation for iOS 14, we can confirm that when the “Ask App Not To Track” button is clicked, the app will not be able to access the device’s IDFA, and receive the same value as if the “Limit Ad Tracking” mechanism is turned on. In short, until a user grants authorization, all identifiers will be zeroed out.

If you want to use the IDFA, a customizable. message can be added for example “App developers need to provide custom text, known as a usage description string, which is displayed as a system-permission alert request,”

The vast majority of people who see a message like the above are not going to opt in. When they see that a publisher wants permission to track them across apps and websites owned by other companies … forget about it.

Checking for IDFA status

Apple is deprecating the isAdvertisingTrackingEnabled function. In order to check if a user has actually enabled measurement, developers will need to check the AppTrackingTransparency framework.

Changes to SKAdNetwork

Apple has also made multiple changes to SKAdNetwork, the class that validates advertiser-driven app installations. We’re going to go in-depth on this in a follow-up blog post tomorrow — and a webinar — but here’s the quick overview:

1. Apple added timers, which likely means that the conversion notification won’t be immediate. This is probably a privacy-enhancing move.
2. Apple added a mechanism to update a conversion value. This may be an initial method to attach limited post-install KPIs to the conversion notification, which of course is crucial for optimizations.
3. Apple added Redownload/Reinstall support, which is always nice to know.
4. Apple added Source App ID to recognize the publishing app (this is huge because we can now facilitate publisher-level granularity).

There are quite a few more changes, but we’ll continue researching them and update on those later in our in-depth follow-up post.

The New App Privacy section

Later this year, your app’s App Store product pages will start to feature summaries of your self-reported privacy practices, plus a link to your privacy policy. That includes both data gather via the app that is used to track users elsewhere plus data that publishers might access outside the app and link to users’ profiles in the app. Example: purchases, web browsing history, location data, and other demographic information.