Every fortnight or so we’ll bring you some technical updates that we hope you’ll find useful.
Today’s topics are an update on the most recent announcements from Apple following their WWDC event this week, how WebExtensions are standardising across the major browsers and we take a look at a recent proposal from the EU for an e-ID, which would be available to all EU citizens and businesses.
Recent Apple Announcements
Apple’s annual Worldwide Developer’s Conference was held this week with a raft of updates, mainly related to privacy features. These are all coming within iOS15, which is due to be released towards the end of Q3 2020.
See below for a curated list of the three announced features that we feel are most relevant, including some initial considerations:
iCloud Private Relay – will effectively act as a VPN by blocking access to the device IP address, location, and browsing activity. In a similar approach to Tor’s onion routing, web traffic is first sent to an Apple server which strips out the IP address. Secondly it’s then sent to a second server (maintained by a third-party operator) where a temporary IP address is assigned before being sent on to its final requested destination.
The feature is designed to obscure all online browsing habits from internet service providers, ad servers and other entities looking to create profiles based on gathered user information – resulting potentially in completely obscuring any device-level identities on Apple hardware useful for digital advertising. The granularity of geo-targeting will be seriously impacted, as will the reach and effectiveness of any targeting and/or measurement related to user enabled IDs. Our advice remains (as with the ATT-related limitations) to fully adopt and embrace the SKAdNetwork API and thoroughly test Apple’s Private Click Measurement attribution tool
Also worth noting that Apple are adhering to any variations in global regulations – and therefore will not be making this feature available in Belarus, China, Colombia, Egypt, Kazakhstan, Saudi Arabia, South Africa, Turkmenistan, Uganda and the Philippines.
Mail Privacy Protection – will prevent email senders (and marketers) from measuring if and when a user opens emails on an iPhone, iPad and Mac, and will also obfuscate the user location and IP address.
Email marketing and newsletter sponsorships opportunities will be affected as email senders will be less able to measure open rates and confidently purge email lists by recognising and removing any subscribers who don’t regularly open emails. Larger publishers may be comfortable keeping large numbers of dormant recipients on lists that never open emails, but smaller businesses may not.
Hide My Email – intends to reduce the volume of spam in email inboxes by enabling users to generate random email addresses whenever they complete online forms or sign up on websites, without having to provide a genuine email address.
This update will impact publisher strategies in how they initiate sign-ups and further mandates the implementation of improved authentication processes and a very clear value proposition for consumers.
WebExtensions Community Group
In an interesting development the four biggest browser have formed the WECG, to explore how browser vendors and other interested parties can work together to advance a common browser extension platform. The proposed scope of the project is:
An extensions model – the basic architecture of extensions and how the different pieces interrelate. This definition will include a description of the trust model, the differing trust between browsers and extensions and between extensions and web pages.
A permissions model – what sorts of powerful features extensions may access, and how extensions may request user consent to access them.
WebExtensions APIs – the interface extensions are built on.
A packaging format – including a manifest format and how extensions are localized.
Native Messaging – the API surface extensions use to exchange messages with native applications running on the host system.
The group will conduct all of its technical work in public, within the dedicated GitHub repositories (not in mailing list discussions). This will ensure that any contributions can be tracked through a software tool. However, the WECG are keen to not specify every aspect of the web extensions platform or existing implementations so as to ensure that browsers can keep innovating and shipping APIs that will serve as the basis for further improvement of the web extensions platform.
Other browser makers, extension developers and interested parties are also welcome to join this collaborative effort as well. It’ll be interesting to see how this collaborative project between these highly competitive applications progresses… and what results.
European Digital Identity Proposal
Last week the European Commission announced plans for a digital identity wallet, underpinned by a European Digital Identity, to be made available to all Europeans to more easily provide access to public and private services.
Governments are keen to allow consumers to verify their identity in an easy and secure manner, whilst also allowing them to control what information they may wish to share.
The announcement has clarified that the European Digital Identity will be:
- Available to anyone who wants to use it: Any EU citizen, resident, and business in the Union who would like to make use of the European Digital Identity will be able to do so.
- Widely usable: The European Digital Identity wallets will be usable widely as a way either to identify users or to prove certain personal attributes, for the purpose of access to public and private digital services across the Union.
- Users in control of their data: The European Digital Identity wallets will enable people to choose which aspects of their identity, data and certificates they share with third parties, and to keep track of such sharing. User control ensures that only information that needs to be shared will be shared.
The EU’s press release also states that “Very large platforms will be required to accept the use of European Digital Identity wallets upon request of the user”. This is a project worth keeping an eye on as it may set a precedence for what the ACCC are reviewing here and for our industry as we work towards trying to ensure that explicitly opted-in user-enabled IDs can support addressability capabilities for digital marketing moving forwards.