To keep users safe, Apple has placed stringent measures on the data publishers can store from web visitors. Publishers should understand Safari Intelligent Tracking Prevention to know how these restrictions will impact marketing attribution and UX.

Safari accounts for nearly a third of browser users  (32.25%), largely because of its share of mobile users. This means millions of your visitors are being impacted by ITP restrictions.

What is Safari Intelligent Tracking Prevention (ITP)?

In 2017, Apple released Intelligent Tracking Prevention (ITP) to protect the privacy of Safari users. Initially, ITP targeted third-party cookies, blocking them completely. Cookies are small files on user data that store preferences and visits. Users can block cookies if they do not want their information stored by sites. They help with page customization and save important data to track, identify, or authenticate a returning user to a website.

This was a huge problem for marketing and tech companies, since cookies helped them determine visitor flow and patterns. It largely limited the cross-site tracking to make it harder for publishers to see user activity across multiple sites. Apple has now moved to restrict certain cookie uses with limitations and restrictions in Safari for its fifth version of ITP.

What is the Purpose of Safari ITP?

According to Apple, the goal of Safari Intelligent Tracking Prevention is to limit the ability of publishers and advertisers to track website visitors, while still enabling websites to function normally.  Safari ITP identifies domains being used to track a user, then purges any tracking data they wish to store on the user’s device.  The EU recently came out with a GDPR requirement that brands must treat cookies as personal information and inform visitors on use. Web publishers have had to include cookie opt-ins since that change went into effect and follow new restrictions to align with that GDPR requirement.

Following a similar line of reasoning, Apple put ITP into place for their Safari users. ITP only impacts Safari users, but this means:

  • 3rd party cookie blocking for cross-site tracking
  • Expires first-party cookies within seven days unless the cookies are accessed within the seven days (at which time the clock restarts)
  • The tracking domain and link decoration for first-party cookies will expire within 24 hours unless the cookies are accessed within that timeframe (at which time the clock is extended for 24 hours)
  • Local storage and non-cookie data stored by Safari expires within seven days unless accessed during that timeframe (at which time the clock will be extended for another seven days)
  • Google, Facebook and other big companies will be required to get consent for storing data and cookies (like passwords) through the Storage Access API.

Every release has brought more rules to restrict cross-site tracking and data storage, which has posed several complications for publishers.