iOS 17 Is Here: Should Marketers and Digital Advertisers Be Scared?
By Lindsay Munn
In a world of ever-changing technology, marketers need to constantly stay on their toes. After all, a previous iOS update essentially made the email open rate metric obsolete, leading to email marketers scrambling to find new ways to measure impact.
And now, a new iOS update just hit, which has marketers and digital advertisers wondering whether they need to scramble once again to adapt their strategies.
But before we dive into the details of the update, here’s a quick TL;DR of the impact of iOS 17:
- iOS 17 increases privacy for users of Apple Mail, iMessage, and Safari by stripping certain URL parameters used to track and identify users. This is raising concern among marketers due to the widespread adoption of these Apple applications.
- The current impact on email and SMS marketing is negligible because most email and SMS marketing platforms use a redirector, which mitigates the removal of those URL parameters (except when Safari is used in private mode).
- Digital advertising will feel an impact since tracking/user ID parameters are removed when users browse Safari in private mode. However, the scope of this impact is less concerning because fewer users are browsing Safari in private mode.
- Privacy will continue to be a focus in the digital world and technology will offer more enhanced privacy features. Marketers should focus on shifting to a zero- and first-party data strategy to build up customer data profiles to fuel personalization and retargeting.
When Was iOS 17 Released?
iOS 17 was officially released in September, and Apple has already released two subsequent updates to fix bugs. Adoption will grow over time — the adoption rate is expected to be 90% of Apple users by the end of Q1 2024.
The Privacy Predicament
Privacy: as consumers, we want more of it; but as marketers, we know it can make it more difficult to reach customers when major players like Apple increase privacy protection with updates like iOS 17.
And, we want to respect our customers’ right to privacy while still hitting our professional goals and the business targets of our brand. If you’re finding yourself in this current marketing predicament, you’re not alone. Keep reading for:
- A plain language account of what is happening with iOS 17
- Impacts on email and SMS marketing
- Ripple effects on digital advertising and other use cases
- Images that explain the technical stuff to share with your network
- Takeaways to evolve your data and marketing strategy
What Are the Privacy-Enhancing Features of iOS 17?
iOS 17 includes link tracking protection (LTP), which prevents certain tracking data from being captured and tied back to individuals, effectively making it more difficult to know who customers are and what they’re doing on your site.
This means that valuable customer behavioral data contained in post-click browsing sessions (e.g., items viewed, cart updates, etc.) may not always be tied to the individual customer. This data is often used by marketers to fuel personalization and product recommendations.
This also means that when a user is browsing Safari in private mode, the parameters that identify this user are being removed in iOS 17, so data being passed to the advertising platforms is being anonymized. This has larger implications that we’ll discuss later.
How Will iOS 17 Impact Email and SMS Marketing?
First, it’s important to establish how far-reaching the impact of iOS 17 can be:
- iMessage accounts for about 17% of the market in the United States
- Safari is the second most popular browser with 19.85% of the browser market share worldwide
- Apple has 57% of the market share for email clients — the largest piece of the pie
When a user opens a link from Apple mail or iMessage, LTP removes certain tracking parameters from URLs. Most of the parameters being removed are known tracking tags from marketing platforms (e.g., Google, Facebook, HubSpot, Adobe, etc.). LTP happens automatically when Safari is used in private mode and as an opt-in for default browsing mode. Based on our testing, the use of redirectors, UTM parameters, or custom user ID parameters mitigates data loss and parameters remain intact in most cases.
How Will iOS 17 Affect Digital Advertising on Google and Meta?
The impact of iOS 17 on digital advertising for top platforms like Google and Meta could affect what ads users see online, depending on how users access the platforms where ads are shown. Because most users are shown social media ads when using the native application (e.g., Facebook, Instagram, etc.), those journeys will not be impacted, which means attribution data is largely unaffected.
If users are visiting social media platforms in private mode on Safari, then some identifying parameters will be removed. But this is much less likely from a user behavior perspective — how often does someone go to Safari to then go to Facebook?
But when customers go to Google on Safari in private mode and do a basic search for products, this is where we start to see some impact. And let’s be clear on our stance here — if a user is browsing in private mode, then we absolutely want to respect that right. But we need to understand what’s happening so we can adapt our marketing strategy. Let’s look at an example.
What Parameters Does iOS 17 Strip From Digital Advertising in Safari Private Mode?
In a pre-iOS 17 world, we would open Safari and search “coconut water” to return a basic list of products:
When we clicked on the first product ad, we get a URL with a bunch of parameters, some of which are tracking parameters:
Here’s the full URL for reference: https://www.auchan.fr/vita-coco-eau-de-coco-pure/pr-C1181612?source=google&medium=sea&utm_campaign=19691482719&term=&custparamtrafic=19691482719--&qt_id=qid_gad_c19691482719_g_a&gclid=EAIaIQobChMIpNaUjq3NgQMVHYtQBh32_AbFEAQYASABEgI06fD_BwE&gclsrc=aw.ds
In this post-iOS 17 world, the bolded portion of this URL is being stripped, effectively removing the Google tracking tag that identifies the customer.
What Does This Mean?
When iOS 17 strips the gclid parameter, it means the marketer no longer captures the granular data contained in it. The only data they capture is the campaign data they can get from UTMs. According to Google, the following report dimensions require use of the gclid parameter:
- Google Ads account name
- Google Ads ad group ID
- Google Ads ad group name
- Google Ads ad network type
- Google Ads customer ID
- Google Ads keyword text
- Google Ads query
So, the marketer can evaluate performance of a campaign (as that is tracked with utm_campaign), but evaluating performance of an ad group or a search query will become very complicated.
The situation is similar for the fbclid parameter and Facebook reporting.
Long-Term Implications for Digital Advertising
Other implications of iOS 17 on digital advertising deal with what data is being fed to the AI-powered algorithms that fuel ad relevance. The customer will no longer see ads that are relevant, personalized, or based on their individual digital activities. This is because the specific user ID is being removed and the ad platforms are being fed anonymized data about the user when Safari is being used in private mode. However, most customers are willing to trade a personalized experience for their privacy.
Longer term, there could also be implications from “dumbing down” the algorithm with anonymized data and not training the AI on the specificity of each user. This could impact other aspects of advertising, such as lookalike audiences, manual bidding, auto bidding, optimization, dynamic creative testing, Advantage+ shopping campaigns, A/B testing email subject lines, and more.
So, iOS 17 may not affect the big picture of attribution with digital advertising — you’ll still know which advertising platforms are generating various percentages of revenue from your UTM parameters. But, it could affect the ability to market to the right audiences because the user ID data is being removed in some cases.
If you enjoy listening to podcasts while you work, check out this 20-minute roundtable discussion among panelists from different tech companies for a deeper dive on the potential digital advertising implications of iOS 17.
Diving Into the Techy Stuff
Bloomreach Product Manager Peter Jakus ran a series of tests on the iOS 17 developer beta version to see how it reacted to four types of parameters. The full breakdown of his testing approach, findings, and results are detailed in this article.
Others across the internet have been running similar tests to see how iOS 17 behaves in various scenarios. Below are summary images of some of these tests to show what happens to URL parameters.
Using a Redirector in Apple Mail and iMessage
When a user clicks on a link in Apple Mail or iMessage that uses a redirector and is using Safari in private mode, the affected parameters are removed:
When a user clicks on a link in Apple Mail or iMessage that uses a redirector, but does not have private mode on, all parameters remain intact:
Not Using a Redirector in Apple Mail and iMessage
Now let’s see what happens without a redirector. When a user clicks on a full URL in Apple Mail or iMessage (no redirector) using Safari in private mode, the affected parameters are removed:
When a user clicks on a full URL in Apple Mail or iMessage (no redirector) and does not have private mode on, the affected parameters are removed:
Copying and Pasting a Link Into Safari in Private Browsing Mode
What about browsing? When a user copies and pastes a full URL into Safari using private browsing mode, the affected parameters are removed:
When a link that uses a redirector is copied and pasted, all parameters remain intact:
Copying and Pasting a Link Into Safari (Not Using Private Browsing Mode)
What happens to copied/pasted links when just browsing in Safari (no private mode)? When a user copies and pastes a full URL into Safari, all parameters remain intact:
When a link that uses a redirector is copied/pasted, all parameters remain intact:
Sharing a Link to Destination of Choice
What about sharing a link while browsing Safari? When a user taps the “share” function to share a link to a destination of their choice using a redirector, all parameters remain intact:
However, when a user shares a full URL without using a redirector, the affected parameters are removed:
These results are true both for private browsing mode and regular browsing mode in Safari.
What About Other Shopify Apps That I Use?
So, as you can see from the testing, iOS 17 has minimal impact if you always use a redirector. But this probably leaves you wondering: How do I know if my platforms are using a redirector? Are other apps impacted in some way? We’ve compiled a short list of the top applications used by Shopify brands below for reference.
The Impact of iOS 17 on Popular Shopify Apps
Other Impacted Parameters and Vendors
Here is a list of vendors that are likely to be affected, as tested by developer Corey Underwood.
The Bigger Picture Indicated by iOS 17 Privacy Enhancements
What’s becoming increasingly clear with recent updates (iOS 14, 15, and 16) is that personal privacy online and consent management are top priorities, and brands must develop marketing strategies to respect that right to privacy. Technology providers will continue iterating on, improving, and enhancing features that help customers keep their personal data private and choose when/where they want to share certain details with companies.
You could take a short-sighted approach and figure out workarounds to circumvent features that strip tracking parameters. Or, you can work on developing a more long-term strategy that respects privacy, while still creating world-class personalized marketing campaigns. Our opinion? It’s time to evolve and get creative.
How To Evolve Your Marketing Strategy
Rethinking how you deliver high-quality marketing programs that are personalized and tailor-made to your customers starts by moving away from third-party data. Once you free yourself from third-party data reliance, you’re in a position to overhaul your entire approach to not only marketing, but to the interactions you have with customers. Here are some ways to move away from transactions into more meaningful customer relationships:
- Focus on zero- and first-party data collection. Not sure of the difference? Read up on it here. Leverage tools like surveys, polls, and preference questions for SMS campaigns to collect key data points that build up customer profiles. Marry that with the behavioral data you have from their interactions with your site (e.g., views, cart-adds, purchases, etc.) and then roll out small-batch campaigns that are hyper-personalized based on what your customers want, need, and like. Use AI to help you use the customer data that you have to predict what customers want to see from your brand.
- Think small. Even though your distribution lists may feel tiny compared to previous campaigns, if you’re hyper-targeting and personalizing your offers to engaged customers, the results will be greater. Be very specific when asking for consent (e.g., a newsletter sign-up is not a full consent for all email behavioral tracking). Be very selective with email campaigns so that you’re sending fewer, but better quality emails. And above all, test, test, test — see what customers engage with most and iterate and improve on those ideas.
- Increase the value you deliver to your customers when asking for personal information and give them reasons to want to be identified. Asking customers for their data and then blasting them with generic promotions they don’t care about is only going to drive unsubscribe rates up. Think about how you can improve customer experiences post-login to make customers want to create an account (e.g., saved browsing history, wish lists, discounts, etc.). Make them want to be known to your brand because the value they get back is worth the trade-off for sharing their data.
- Use technology to mitigate collateral damage while still upholding privacy standards. For example:
- Use a redirector for all marketing channels (even in advertising), so when a customer clicks on a link to your site, you’re not inadvertently losing data.
- Integrate a conversion API for major ad networks. Bloomreach offers a Facebook Conversions API (FB CAPI) integration to send important events like purchases and leads to Facebook, which allows for better optimization of Facebook Ad campaigns than browser pixels. This integration removes reliance on browser pixels and URL parameters to track customer behavior and enables you to capture customer data directly on your site, in addition to offline and deep-funnel events.
- Use a consent management framework to let customers control the scope of their data that is sent to platforms instead of automatically sending enormous amounts of unnecessary data via cookies and pixels.
The Bottom Line on iOS 17
From what we can see with our testing of the iOS 17 beta version, the actual impact is minimal right now (if your email and SMS platforms use a redirector). However, if you haven’t already started to think about your zero- and first-party data strategy and began creating a modern marketing strategy that doesn’t rely on third-party data, this is your wake-up call.
Now is the time to start implementing a strategic approach to collecting and managing zero- and first-party customer data via owned channels, while also testing and evaluating new ways to reach customers that don't rely on tracking data.
Ultimately, iOS 17 is indicative of a trend in increased privacy for all of us online to protect us from bad actors who exploit our data. Marketers should welcome these shifts that protect us all and afford us the opportunity to become better marketers.
Take your first steps in evolving your marketing strategy by exploring how an all-in-one solution like Bloomreach can help you personalize your campaigns while still respecting customer privacy.