On privacy protection and tracking

Since the introduction of ITP by Apple there have been continuous discussions in the industry on how to deal with it. ITP and other privacy protection initiatives limit how and what data can be collected in browsers. A big part of the discussion is on how to keep data collection going, as if ITP weren’t active. I think it is an interesting technical question and it is important to have good quality data. But I also think it’s missing an important point: ethics.

Ethics & privacy protection

Let’s go back in time a little bit. Back in June 2018, ITP started to seriously limit third-party cookie capabilities. As a result, some big tech vendors added an option to use first-party cookies instead of third-party cookies for their marketing tags. It was this change that prompted an interesting discussion with my colleague Gido Den Hartog:

So there is this development in privacy protection. And vendors provide a solution to circumvent that development. By implementing the solution we actively help those vendors circumvent the privacy protection initiative. Do we want to do that?

This is good food for discussions. And unsurprisingly, the next ITP update started impacting first-party cookies (including my beloved Google Analytics cookie). I saw this as a direct response to the move to the first-party cookies by some AdTech vendors.

How to deal with privacy protection

As I mentioned in my introduction, it is an interesting problem to solve: how can we circumvent privacy protection? But there is a more important question that should precede it. Before I pose this question, we should set the stage for what is actually happening here.

At a really high level, there are two indicators that tell you if you can track a user:

  • Consent: does a user give consent for being tracked?
  • Privacy protection: is there a form of privacy protection enabled by the user?

Let’s look at an overview of possible combinations here:

Scenario 1 Scenario 2 Scenario 3 Scenario 4
Consent No No Yes Yes
Privacy protection No Yes No Yes

The situation is straight forward when there is no consent (scenario 1 and 2). If a user gives consent for tracking, you can track them. If they don’t, you cannot track them. Scenario 3 also does not pose a problem: a user gives consent, and the user has no privacy protection enabled. As you may have guessed, the interesting scenario is scenario 4.

In scenario 4, you have consent for tracking, but the user also has privacy protection enabled. What will you do in this scenario? Before you decide, consider what reasons a user may have for using privacy protection features. Let’s take the iPhone as an example:

  • A user (like me) may use an iPhone because the user likes built-in privacy protection.
  • A user (like my mom) may use an iPhone because the user just likes the design of the phone.

Now in both scenarios the user will have a form of privacy protection enabled. But technically, there is no difference: both are iPhone users, and both have ITP. I also think some of the users accept any type of consent notice because they know privacy protection will protect them, regardless of their choice in a consent window.

When we move back to scenario 4, what will you do? You can circumvent the privacy protection, and you legally have all the right to do so as there is a legal consent. Or you can accept the fact that a user just does not want to be tracked, and accept that you will lose some of your data.

Ought before can

I’d like to end my post by referring to a good book on ethics: The Ethical Design Handbook. The book offers some good advice in ethics in digital experiences. One of them is ‘ought before can’. In other words: just because you can do something, does not mean you should.

So the question when handling privacy protection signals in browsers should be: should you circumvent an indication that a user does not want to be tracked? If your answer to that question is yes, you can start solving the interesting technical challenge.

Leave a Reply