Link Tracking Protection in iOS 17 & macOS Sonoma: Challenging Times for Digital Marketing Teams

What specifically do iOS 17 and macOS Sonoma change that affects online marketers and ad tracking?

These new versions of iOS and macOS update how Apple treats two things:

1. Known tracking resources in Private Browsing in Safari on iOS and MacOS (e.g., browser fingerprinting technology)

2. Marketing URL parameters that you encounter in two cases:

   • On links you share from Messages and Mail (e.g., you use Apple’s ‘share’ functionality to share a link you received in Messages, and the link has a tracking parameter on it like ?clickId=d77_62jkls. Those parameters are removed on sharing.)

   • On links encountered while browsing when browsing in Private Browsing in Safari on iOS or MacOS. (e.g., you’re browsing the web in Private Browsing mode and land on a page with a URL like https://www.example.com/produc...?clickId=d77_62jkls. Link Tracking Protection in Safari Private Browsing will strip that clickID parameter.)

Out of the gate, depending on how many of your customers use Private Browsing in Safari during their customer journey, this likely won’t significantly impact your marketing analytics, tracking, or reporting in 2023.

But down the road, this might significantly impact your online marketing and how marketers track and report on their advertising campaigns.

There are two upcoming iOS 17 changes that require paying close attention.

Change #1: Link Tracking Protection (in Mail, Messages, and Safari Private Browsing)

Link Tracking Protection is a new feature automatically activated in Mail, Messages, and Safari in Private Browsing mode. It detects user-identifiable tracking parameters in link URLs and automatically removes them when you encounter them (like gclid=...).

With iOS 17, Safari will automatically detect which parts of the URL are identifying and remove only those parts, leaving the rest of the URL intact so you can access the web page you intended to visit. This process happens transparently during browser navigation in Safari Private Browsing mode and links that the user clicks on from the Mail and Messages app.

This change is a pretty big deal! Here is a 38-second excerpt from the WWDC2023 announcement video talking about this new privacy feature (“What’s new in privacy – WWDC2023”).

And here is an excerpted quote from Craig Federighi from a Fast Company article published in June of 2023, where he mentions these changes. (Craig Federighi is the Senior Vice President of Software Engineering at Apple and oversees the development of iOS and macOS).

These changes are a big deal because they will affect how marketers track contacts, visitors, and customers using URL parameters with user-level tracking information.

But these iOS 17 changes aren’t an apocalyptic issue. (At least, not yet.)

If you’re using URL tracking in most CRMs or Marketing Automation Systems (like SFDC Marketing Cloud , Klaviyo, or Hubspot), they have the URL parameters AFTER the click, not before them.

What parameters does Link Tracking Protection remove?

Jesse Hanley, the founder of the email marketing and automation software Bento, shared this about the iOS 17 changes:

Steve at Word to the Wise did a great experiment testing iOS click tracking with known parameters. You should go read Steve’s article, it’s a great resource for the community. (Thank you, Steve!) Here is a screenshot of the table of parameters Steve tested and the resulting action from Link Tracking Protection in iOS 17. (tl;dr: UTMs don’t seem to be stripped and parameters like fbclid and gclid are stripped from URLs.)

Steve has an additional finding about when/where the Link Tracking Protection URL stripping seems to take place. Go check out his article.

Change #2: Fingerprint blocking and other added protections (Safari Private Browsing)

Private browsing mode prevents known tracking and fingerprinting resources from being loaded.

Over to Webkit in their announcement post “News from WWDC2023.” In the “Browser Changes” section, they share this additional information: Safari Private Browsing

In Safari 17, Private Browsing gets even more private with added protection against some of the most advanced techniques used to track you. Technical changes include:

1. Adding blocking for known trackers and fingerprinting.

2. Adding support for mitigating trackers that map subdomains to third-party IP addresses.

3. Adding blocking for known tracking query parameters in links.

4. Adding noise to fingerprintable web APIs.

5. Adding console log messages when blocking requests to known trackers.

6. Adding support for blocking trackers that use third-party CNAME cloaking.

7. Adding support for Private Click Measurement for direct response advertising, similar to how it works for in-app direct response advertising.

Changes #1-4 and #6 of that list impact digital marketers.

These changes are a big deal if your site loads known tracking and fingerprinting resources (scripts or subdomains), query parameters (covered in the above section on Link Tracking Protection), fingerprintable web APIs, or trackers that use third-party CNAME cloaking.

With these changes, front-end fingerprinting technology will likely be worthless going forward, so you’ll want to ensure your marketing analytics and reporting tooling offers server-side fingerprinting.

Now, Safari has had tracking and fingerprinting protection for years. That protection has been dialed up in this latest release.

The only genuinely new Safari privacy feature announced at WWDC2023 (as we understand it) is that Safari automatically removes tracking from URLs in Private Browsing mode.

How should marketers react and adapt to these iOS 17 changes?

First, these Safari privacy changes are only for Safari Private Browsing mode. Link Tracking Protection is only for links shared from Mail, Messages, or Safari Private Browsing mode or encountered in Safari Private Browsing mode.

iOS and macOS Sonoma are bringing impactful changes, but they’re limited to a small slice of Safari’s users (for now).

Knowing Apple and its focus on customer protection and privacy, it’s likely that these changes will expand outside of Safari’s Private Browsing or into other parts of the Apple ecosystem at some future date and iOS/macOS release.

Apple has recommended a way that the community should adapt to these changes (Private Click Measurement, more on that below), and the advertising/marketing community has also shared a few ideas on how to overcome these challenges. We’re capturing a sampling of these below.

Solution #1: Use a people first marketing reporting tool like Looker Studio, SegMetrics, or TripleWhale.

Unlike the web-first tracking solutions from “the other guys,” tools like these track people-first by using API connections to company ESP/CRM platforms.

That means marketing tracking technology centers around collecting your data using native integrations with your marketing tooling (like your CRMs and advertising, email marketing, and payment platforms).

That means that where web-only or web-first tracking solutions will struggle with these iOS 17 changes, these tools will continue to excel by providing you with comprehensive insights into your customers and their journeys through your funnels.

Solution #2: Use more tagging in your CRM/Email Platform to track and understand your customers’ journeys.

With your emails, you can tag people based on when they’re opening and what they’re clicking on, and use that information to better understand how your customers are behaving.

Solution #3: Use Apple’s Private Click Measurement Technology to understand campaign success without tracking user-level information.

Apple has a method for advertisers to measure campaign success without tracking user-level information: Private Click Measurement ad attribution.

Private Click Measurement allows advertisers to track ad campaign conversion metrics but does not reveal individual user activity. Private Click Measurement is an in-progress standard. Here is how PCM visualized their approach to web-to-web click measurement.

Solution #4: You’ll just see the URL parameters renamed to evade Link Tracking Protection detection.

Imagine a world where popular advertising platforms that use tracking parameters allow you, the user, to rename them to something custom.

So, for example, if the tracking platform’s parameter is ?clickid=..., as a user on the platform, you might be able to rename that to ?adgihdgt=... (or something sneaky like ?fname=...) bypassing immediate detection.

Solution #5: You’ll see the parameters incorporated into the URL path or included in some other way that’s difficult for browsers to remove.

We might see online marketers move to more ‘opaque’ URLs that don’t communicate where you’ll end up once you click the link, but that preserve parameters.

Marketers might start to use a single encoded parameter (a marketing ‘blob’) in their URLs instead of URL parameters. Then the receiving server could decode that URL ‘blob’ and ingest all relevant details. Instead of http://example.com/page/?track..., it’ll become something like http://example.com/d89y3tounwb....

In fact, Facebook already used this approach to circumvent Firefox’s “query Parameter Stripping” (privacy protection in the Firefox browser similar to Link Tracking Protection in Safari).

In 2022, this Reddit thread noted that instead of using the standard FB URL parameter that we all know (?fbclid=), Facebook started using pretty URLs with a tracking blob at the end, like so:

This ‘blob’ approach could be how many marketers adapt, stuffing the relevant tracking/non-tracking parameters into an encoded blob that Apple can’t decode.

It takes some server-side development time/effort/resources, but you can use this approach to route around the disappearance of URL parameters.

However, in some of the iOS 17-focused discussions, a commenter on HackerNews (AltairPrime) raised this point:

Historical patterns with Mail.app on iOS suggests that Apple will simply code something that fetches all such links in order to collect a preview, whether or not the preview is ever shown to the user, just as they do with Mail.app images today when iCloud Private Relay is enabled. At which point the tracking value becomes less than zero because it pollutes the core dataset attribution of “a human saw this.”

That does make sense as a counter-move from Apple.

If Apple starts to fetch + render ‘blobbed’ links, a lot of noise will get mixed into that tracking data, making this approach pretty worthless for marketers.

The Inevitable Solution #6: “This will turn into an arms race between Apple’s blacklists and advertisers working to escape the blacklists.”

As marketers adapt to these changes, Apple will, in turn, adapt, and what used to work to bypass/route around Link Tracking Protection will no longer work. The more people that know about Link Tracking Protection and work to circumvent it, the harder it will become to circumvent.

Frequently Asked Questions About Link Tracking Protection

Q: Is Link Tracking Protection this the end of UTM tracking?

Most likely not.

These changes — at this time — are only in URLs encountered while in the Private Browsing mode of Safari and links shared from Messages and Mail.

It’s doubtful that Apple would want to break/remove UTM tracking altogether, as that would break a fundamental part of web technology that’s been there since 2000.

Removing UTMs would also just be removing what has become a standard practice/feature of online marketing and likely would just be replaced by a bunch of different tags that do the same feature.

And from Steve’s testing on Word to the Wise, it seems that Apple is not stripping UTM parameters.

Q: How will Link Tracking Protection differentiate between parameters that are necessary for an app/website vs tracking queries?

Right now, we (the community) don’t know.

Apple likely has a safelist of known safe parameters that they won’t discard (e.g., /search?q=random, /watch?v=iI8K-OccmPY, /store?productid=1234, /checkout?coupon=save20percent).

Apple will likely have a known list of not-safe tracking parameters that they will discard (e.g., ?fbclid=…).

From initial testing of the iOS 17 beta (and public comments like what Craig F. said in that Fast Company article), it appears that this does only strip tracking parameters that are focused on tracking individual actions, though how Apple is deciding which are the ‘good’ parameters and which aren’t good is anyone’s guess.

We can see something like that with the testing that Steve did at Word to the Wise.

Q: Do these changes affect all Safari users?!

Nope.

Right now, these privacy changes only affect Safari Private Browsing users on the public betas of iOS 17 and macOS Sonoma. However, you can toggle these protections on for all browsing in Safari. Just go to Settings → Safari → Advanced → Advanced Tracking and Fingerprinting Protection → All Browsing in the iOS 17 public beta to toggle that on for all of your browsing.

Knowing Apple and the Webkit team’s focus on privacy, we suspect it is only a matter of time until some/all of these privacy-focused changes make their way to other parts of Safari in a future iOS or macOS release.

Q: Are these changes rolling out right now?

Slowly.

These changes are currently in the betas for iOS 17 and macOS Sonoma. These are rolling out to the public across 2023.

• iOS 17 is currently in public beta and slated for release in mid-September 2023.

• macOS Sonoma is currently in a developer/public beta and is slated for release in late 2023.

People in the beta reported that Link Tracking Protection isn’t highly featured, likely making it similar to Apple’s Mail Privacy Protection: they announced it, but it wasn’t quite ready for the full rollout and appeared over time. Link Tracking Protection may roll out over 2023 in a similar fashion.

What should I do now that I know the latest information about the iOS 17 privacy changes?

First, don’t panic. This level of privacy protection is likely the direction Apple is moving, but the sky isn’t falling for now.

Second, you’ll be able to continue to track and report on your customer journeys as long as your marketing analytics and reporting tooling support features like server-side fingerprinting or native CRM integrations. But you may have a challenging time if your reporting tool is web-only or web-first (those web-first tools seem to be the tools that these privacy changes impact the most).