Understandably, there has been plenty of confusion and angst in the marketing community relating to Apple’s announcement of new privacy features in iOS 15, following WWDC. This is probably the moment when our industry makes it into the zeitgeist, and perhaps not for reasons you might be hoping. Users suddenly realize what is really happening when they read an email…
Actually, it’s good news! Consumers are becoming much more aware of the value of their attention and how much they give away when they interact with marketing on the internet, in whatever form. We believe that all users should have a choice on what they see, what data they expose, and who gets to see it. The initial responses to Apple’s announcement seemed to suggest that email was dead, again (how many times has it died already?). But now that the dust is settling, we see that it is a proportional and nuanced response to changing customer requirements and a wake-up call to email marketers, who now have to be much more intentional in how they target customers. Why should marketers expect to be able to track everything a user does without consent?
First, not all the new privacy protection is free. So, this means a substantial number of users will not see all features unless they pay for the iCloud+ plan, including:
Hide My Email: Apple allows users to create unique emails for each service they sign up for, making it difficult for cross-platform trackers to build a profile of a user.
Private Relay: The feature allows users to disable sharing their IP address with trackers or websites, making it difficult to create a fingerprint.
All users will get these standard features to give basic protection from user identification:
Exact IP address can be prevented to be shared with known trackers in Safari.
Mail Privacy Protection gives users more control over tracking pixels used to analyse email behaviour.
Privacy Report in Safari lists all known trackers and the website requesting them.
App Privacy Report was supposed to come in the fall as well but is now being delayed to a later version.
Record App Activity outputs all app activity of the past seven days. This feature is off by default.
You can watch Apple’s presentation of the new privacy functions in here: https://developer.apple.com/videos/play/wwdc2021/10085
When updating to iOS 15, the user will be asked to protect or not protect Mail activity on first open (screenshot may change in the final release):
If the user decides to choose “Protect Mail activity”, the following will happen (when using Apple Mail client, third-party email apps, such as Gmail, are not affected): Email content is loaded automatically after delivery, regardless of whether the user opened the app or not. The emails will be loaded without revealing the IP address and headers.
This will have an effect on the following aspects of Mapp Engage:
Open rates in statistics will be less accurate, as emails going in Apple Mail will always be marked as opened. We will, therefore, infer an open only when a positive engagement, such as a link click, is received.
Automations based on email open may need to be changed depending on your use case.
Any tracking based on user agents and location will not be possible anymore.
Location and type of device is not revealed.
Other links in emails will still work as expected, if the user chooses to actively click them, with the caveats around IP addresses and location noted above. You will still know who clicked your link.
As a sidenote, Gmail’s web app has been hiding IP addresses and locations of opens for some time already, but not (yet) interfering with open rates.
AMP is not affected since the Apple Mail client does not support it and is unlikely to. Apple has taken a stance that users do not want emails doing anything invisibly in their inbox.
We believe that open rates are interesting, but really just a mechanical measurement of the channel. It has never been a fully reliable measurement for a variety of reasons:
Email previews while scrolling through the inbox can show up as opens.
Some mobile OS versions give erroneous opens via the notification center.
Some platforms allow you to click on email links without opening the email (Android notifications on some versions, Gmail web version). Mapp Engage already infers an open if a click is received without a specific open.
Many email platforms block loading of images, and hence pixels, and have done for a long time (Outlook does this by default). As a result, opens get missed.
Email marketers should be much more interested in true engagement; measuring click-through rates is a great way to tell if you are delivering compelling content. It is also wise to invest in good deliverability services to ensure that your messages are getting through. Then focus on the message instead of the medium, as you should be confident that your messages are making it into the inbox. Even picking a good subject line can make a huge difference and once opened, compelling, personalized content should lead to conversions.
Consider another perspective: If you rely too much on opens, you may end up spamming users who have no interest in your marketing. Focus on engagement that can only come from a real live human! It is also a good time to clean up email lists and make sure deliverability services are used to continue to manage the changing landscape. It’s quite likely that the initial activation of the Apple Mail features will result in more unwanted emails being sent at first, which will mean careful management of reputation is needed – again highlighting the need for good deliverability.
Mapp Marketing Cloud focuses on meaningful insight-led customer engagement with “business-level” metrics first, such as ROI and list growth, not “channel-level“ (unless an analyst wants to do a deep dive). In other words, how engaged your customers are, where they are in each campaign, how many conversions, and how much money you are making.
Of course, there are some email techniques that will not work when sent to Apple Mail now (e.g., image-based countdown times, open time optimization, and more). You will need to code different content in these cases. Mapp’s consultants can help you with this, with different variants for different clients.
Almost all the press coverage for iOS 15 has focused on the privacy features for email. Apple continues its work on protecting privacy for web users too, which began in iOS 14. Once again, Apple is not alone in making such moves. Google has been making changes to their Chrome browser and have been promising their privacy sandbox feature for some time.
Any marketer using web tracking will need to be aware of these changes and be able to adjust their approach to ensure privacy is respected:
App & Web Privacy Report will expose known trackers and tracking attempts to the user. This will first be made available to Safari only and expand to app tracking in a future release.
Record App Activity saves the last seven days of any outgoing traffic. This is an optional feature that appears to be targeted more towards technical users.
Safari provides the ability to hide your IP address to limit identification, like the features we see in the email privacy.
If Private Relay is turned on, the user can choose to hide IP addresses for all web traffic, not just known trackers. The scope of Private Relay is still not entirely clear, but according to this video, “in iOS 15 and macOS 12, Private Relay will apply to all web browsing in Safari, all DNS name resolution queries, and a small subset of traffic from apps. Specifically, this will include all insecure HTTP traffic, such as TCP port 80.”
Mapp Intelligence track domains are known and are part of the Safari Privacy Report, but custom track domains are still not detected as trackers. See this article for more information.
If the user uses iCloud+ and decides to log in with a hidden email address, they cannot be tracked across websites. If the customer ID is based on the email address, it will still work to create a profile based on the given email address. As it will not change for the particular account, first-party tracking is not affected.
This will influence Mapp Intelligence where anonymous tracking is used and the user chose to hide their IP address. It means that understanding where a user’s website visit begins and ends will be more difficult, as it relies on the IP address to recognize this.
At this point, the changes affecting Mapp Intelligence are not significant. Tracking is exposed more to the user, but if our customers implemented tracking according to GDPR standards, users should not be surprised. Functionally, everything was working during our tests:
Hidden emails will still use the same email for each individual account, so our customers can still rely on the custom visitor ID.
If Private Relay is used and the IP address is hidden in Safari for all website traffic (default setting), then the IP address will change in between requests or multiple users share the same one. This affects users that opted for anonymous tracking, because in this case we need the IP address to recognize that a series of requests belong to the same user in a ‘session’ (as this is the way to identify the originator of a web request).
Anonymous tracking is not a common use case for app tracking, so the changes by Apple will not have a big impact. We will continue to monitor the behaviour during iOS 15 beta phase.
When hiding IP addresses is active, the default setting is to maintain the general location so that geo targeting still works. The exact IP address will be replaced with one that is valid for the user’s particular area.
It is possible for a user to make additional limitations on how the device determines location and how accurate that is – indeed this is not a new feature. Geo targeting will be difficult if the user switches to “Use Country and Time Zone, because then the location of the user is entirely hidden as well.
App notifications can be grouped and scheduled or muted for an hour or the entire day. Scheduled delivery might, therefore. not work as expected anymore and geo-targeted push notifications might not be delivered on time.
For sure, there are some significant changes here – but all of them are aimed at protecting users and making marketers more intentional and less invasive in their approaches. It is possible that the public awareness of these issues will lead to more usage of technologies such as ad blockers elsewhere, and that other email vendors might follow suit.
But as we have seen, relying purely on opens is a blunt instrument and not always a sign of human life. Maybe your lists will decrease in size as users are made to think more carefully about what they subscribe to, but the upside is that the list you are left with is more likely to be highly engaged.
Mapp is also working to launch the feature for enhanced privacy in the tracking of emails to give your users the ability to opt out of tracking directly, regardless of email client. We are embracing this future and putting the control into the hands of consumers.
Web-based tracking is also limited in some ways, especially if Private Relay is in use. We do not expect this to have such a significant impact as it is a paid feature – and of course there are plenty of other ways that consumers can already block their web activity through VPN services. Thoughtful tracking and metrics can be achieved in other ways, including server to server tracking and anonymous tracking.
We aim to remove open events from Apple devices until a link is clicked.
You may need to adjust your whiteboards and automations.
Open events are generally quite unreliable.
We are launching a feature to allow anonymous tracking in Mapp Engage.
It is a good idea to maintain your email sender reputation using Mapp’s deliverability services.
We have other options for web-based tracking already available. We have details on implementing server-to-server tracking available here.
Improve your content and concentrate on the goals of your campaign, not the mechanical statistics, such as open rates, that come from the channel.
Mapp Marketing Cloud has other channels, and we will keep adding them. You and your users deserve the choice in how engagements happen.
Authors: Andrew Bradley & Stella von der Embse, Mapp Product Management
In addition to VMC (Verified Mark Certificates) and CMC (Certified Mark Certificates), the industry can now benefit from this tool to support businesses with improving both email campaign security and performance.
Halloween is a prime opportunity for marketers to get creative. With its spooky themes and playful spirit, brands can engage customers in unique and memorable ways to make their brand stand out.