Mozilla Wants Apple To Change Users' iPhone Advertiser ID Every Month (zdnet.com) 101
Mozilla has launched a petition today to get Apple to rotate the IDFA unique identifier of iOS users every month. From a report: The purpose of this request is to prevent online advertisers from creating profiles that contain too much information about iOS users. IDFA stands for "IDentifier For Advertisers" and is a per-device unique ID. Apps running on a device can request access to this ID and relay the number to advertising SDKs/partners they use to show ads to their users. As experts from Singular, a mobile marketing firm explain, "IDFAs take the place of cookies in mobile advertising delivered to iOS devices because cookies are problematic in the mobile world." IDFAs are different from UDIDs, which stand for "unique device identifiers," which are permanent and unchangeable device identifiers. Apple added support for IDFAs specifically to replace UDIDs, which many apps were collecting for all sorts of shady reasons, enabling pervasive tracking of iOS users.
Now go after Microsoft (Score:1)
They do the same thing.
Re: (Score:3)
And then go after Google and Facebook, and watch them laugh at your demands.
Re: (Score:3)
Microsoft at least does IDKFA -- with apple, the K are entirely Apple's, not shared for you. (Hint: you're doomed. A cookie (of the non-tracking kind) to anyone who gets the reference.)
Re: (Score:3)
Who does IDDQD then?
Re:Or take matters into you own hands... (Score:4, Funny)
Advertisers are the problem, so you want to get rid of Apple.
You're a dumbass.
Re: (Score:2)
Without adding some way for publishers and advertisers to identify whether a user has already seen a particular ad, Apple would have bled developers to Android even faster.
iPhone owners spend more (Score:3)
The iPhone currently commands 13.2% of global smartphone market share, vs. 86.8% android market share.
Though the iPhone has a smaller user base, iOS users tend to have more money per user than Android users. Users of iOS spend more not only on paid apps and in-app purchases but also on physical products. (Source: "Survey: iPhone owners spend more, have higher incomes than Android users" by Robert Williams [mobilemarketer.com])
And "global" reach matters little to an advertiser based in the United States who seeks to reach only viewers in the United States.
Re: (Score:2)
Advertisers are the problem, so you want to get rid of Apple.
You're a dumbass.
Actually he's my spirit animal. Coming up with more reasons to get rid of Apple is great pass time. For one all you *definitely paid for shills* who dare to say Apple isn't a problem (how much did the evil mega corp pay you to say that?) is another reason to get rid of Apple.
There's kids starving in Africa. We should just dissolve Apple and buy each of them a nice t-bone steak.
Re:Or take matters into you own hands... (Score:5, Insightful)
... and get rid of your Apple products for life.
...and go straight to Android, where they -
Oh, wait.
Yeah, nevermind.
Perhaps going back to an old school flip-phone isn't such a bad idea anymore?
Re: (Score:2)
At least on Android you can run Firefox. Without any hacks.
Browsers on iOS are merely skins for Safari.
Reasonable And Good Idea (Score:4, Insightful)
I think this is a very reasonable thing to do. Now that we have the government looking hard at all this data collection, now is the time for Apple to step up and do something like this to help out the end user.
Re: (Score:2)
Maybe it would be better to connect the function call to a random number generator.
Then again that might encourage advertisers to look for other ways of fingerprinting the device.
That's the reason that Apple argued in favour of making the HTML5 pingback function mandatory and impossible to disable. Yes Google got the flak for it but Apple made the same argument [webkit.org]. If it's removed then advertisers will just find some other way to do it, making things worse.
Re: (Score:1)
Would you prefer a paywall? (Score:3)
Why would any internet user want to accept tracking by a computer company, ad company?
Because the viewer finds ads less inconvenient than having to key in a credit card number and pay $5 for a month's subscription to view one document on a website that put up a paywall once privacy-respecting ads became no longer viable. Ads based on each viewer's inferred interests pay three times as much as ads based solely on the document's context.
Re: (Score:2)
Well, then make it Opt-In for everyone.
I'd prefer sites to ask me if they can active these 'features" in order to make ad supported delivery of content.
I ca
Choice to pay or be tracked (Score:2)
Well, then make it Opt-In for everyone.
"This article is available to subscribers. For a free day pass, opt in to all tracking providers."
Tracking would default off. The article would display once the viewer makes a choice to pay or be tracked. Close the tab, click the next search result, and the next website would also offer the viewer a choice to pay or be tracked.
Re: (Score:2)
>>Why would any internet user want to accept tracking
>...once privacy-respecting ads became no longer viable...
If the ads are tracking you, they are NOT respecting your privacy.
Re: (Score:2)
Exactly. When ads that respect your privacy became no longer economically viable, the industry switched from ads that respect your privacy to ads that track you.
Credit card processor gets the lion's share (Score:2)
surely, you would prefer paying pennies for articles
A 36 cent charge for an article means 31 cents would go to the credit card processor and a nickel to the publisher. How would you propose to improve the efficiency of micropayments?
Re: (Score:2)
That's why you pay with bitcoin!
Then the publisher gets the full 30c
You get slapped with a $5 fee and have to wait 15 minutes while it clears, but don't worry about the details.
Re: (Score:2)
I agree that tracking need not exist. But one of the following must exist: A. payment, B. tracking, or C. lowering production values to those of a hobbyist in his free time.
Re: (Score:3)
Ask all the people who don't install an ad blocker I guess.
For companies like Apple and Google the issue is that if they do start a war with advertisers, it will get nasty very quickly. Say they decide to remove HTML5 pingback and disable Javascript entirely, the advertisers will just change the links to go via a redirect page that logs the referer. Block the referer and they will encode it in the URL, block that and they will use cookies, block those and by that point everyone will be miserable because mos
Re: (Score:3)
At the end of the day if the user has full control over their device (which they don't with Apple), there isn't anything that adverti
Re: (Score:3)
True in theory.
Devilishly difficult to implement in practice, because what you are proposing is the elimination of all side channel information leakage from the browser to the web host. And all those tiny bit
s/incidental nonchalance/flagrante regalia (Score:2)
I don't think anyone reasonable is not proposing to eliminate all side-channels. 90% of the time, making this observation amounts to scope creep. What sensible people actually propose is to eliminate the fat side channels that are so plump and juicy that anyone who comes along could exploit them with incidental nonchalance.
What you are aimi
oops (Score:2)
"not" in the opening sentence was somehow left over from my immoderate first attempt. No good deed goes unpunished. My bad.
Re: (Score:2)
Would you believe there are people at Firefox/Chrome/Safari/Edge that are doing this right now? :-)
What's more, remember that each such side channel is additive. So you don't need to find a particular fat one in order to whittle at privacy.
Re: (Score:2)
It now occurs to me to add that anyone in possession of 1001 unscrupulous tools has his own nearly insuperable side-channel management issues, should he not want to advertise his arsenal of assholery far and wide.
Little Red Riding Hood: Oh Granny, what a dark hoodie you've got!
Little Red Riding Hood: Oh Granny, what a lot of 2FA dongles are sticking out through the hole in your hoodie pouch!
Re: (Score:2)
>Better to constantly rotate existing IDs than to randomly generate new ones.
Long ago, in the days when Junkbuster was enough, it had a "cookie jar" feature.
I don't know if it was ever completed, but the point was to trade tracking cookies on servers . . . at the time, I simply had a folder with the cookie file name (".cookies"? It's been a while), so they failed anyway.
hawk
Apple isn't going to bother (Score:3)
I think this is a very reasonable thing to do.
Reasonable to you maybe. Not very reasonable to Apple. See below for why.
Now that we have the government looking hard at all this data collection
Which government are you talking about because it sure as hell isn't the US government. Maybe they are in Europe somewhere.
now is the time for Apple to step up and do something like this to help out the end user.
A nice sentiment but I strongly doubt Apple will actually do anything useful in this regard. Google derives the vast majority of their revenue from advertising so if Apple really wanted to stick it to Google, hurting their advertising revenue would be the way to do it. Thing is though that Apple and Google are
Your theory breaks down (Score:4, Informative)
A nice sentiment but I strongly doubt Apple will actually do anything useful in this regard.
They already did.
The iPhone used to offer a unique device ID that never changed, and was the same across all apps.
But Apple realized that was being misused for tracking, so they changed the system (at a time Google was paying them to include Google as the search engine) so that advertisers could just get an advertising ID, that can in theory change any time.
In fact the thing that really scratches your theory - any IOS user can reset the advertising ID manually any time they like, via the Reset Advertising Identifier feature under Settings->Privacy->Advertising.
That was introduced in iOS6...
Re: (Score:2, Informative)
An ID that can be changed at will isn't much different from a fixed one.
Any app that has access to the ID and another form of state can track the change. So basically every single app installed on your phone when you make the change, or any app that requires some kind of user log-in.
Your new IDFA will just be added to the same ad profile as your old one was. It's nothing but a false sense of power given to the user.
Re: (Score:2)
The iPhone used to offer a unique device ID that never changed, and was the same across all apps. But Apple realized that was being misused for tracking, ...
It's stupid for another reason. People sell their iPhones. The UDID stayed the same if you sold your phone, it was literally the device that was tracked. And tracking isn't only used for advertisements, but things like games keeping track of high scores. So if you buy a new phone and sell your old one, someone else suddenly hss all your high scores.
Whatever you think about tracking, the actual device is not what you want to track.
Re: (Score:2)
Pointless though, advertisers will store the UDID in a cookie and thus will be able to reassociate the new UDID with the old one when the user resets it.
Re: (Score:2)
and when I mistakenly said UDID I mean IDFA.
Re: (Score:3)
I'm happy to, but first can you show me a android phone that I can buy with all the google integrations removed? I consider google a bigger threat than apple to my privacy and I do not want to use any service related to them.
Re: (Score:2)
There are plenty of Android phones you can buy with unlocked roms (Like Google's own pixel phones) that makes it trivial to install a clean ROM with no google integration.
You could even pay someone to do it for you if you are terrified of flashing a ROM image.
Seems pointless (Score:5, Informative)
If apple does this people will simply save the ID locally and when the app launches and the ID that the system gives you doesn't match the one you have saved you make a call to record the new ID and bingo you have a running, relatively up to date ID tied to a history of different IDs as the same devic.
Re: (Score:2)
How so? You are certainly allowed to report your IDFA back to the server or it would serve no purpose at all. You are also allowed to report back the ID you get back that is App/phone specific (that is, unique per app, per phone). That alone is enough to create a long running list of IDs associated with a phone on your server. Any of this could be done with fairly innocuous calls that would never raise any eyebrows at all.
Re: (Score:3)
I work in the industry building customer-level cross-device marketing attribution models. This is a complete non-factor for most companies, just like ITP changes, it is a mere annoyance more than anything.
We are able to get 100% match to customers through digital only interactions and >60% match across any number of devices to customers who interact with digital channels but only buy through brick and mortar, without any crazy shit/third parties/etc.
So, while this is a great soundbite, it's ultimately no
Re: (Score:2)
They do not let you change the ID, it is provided by an API as is the one that is per app/per phone. Nothing in auto rotating this would make it materially harder to track users across multiple apps. Its just more effort.
Re: (Score:1)
You are right, Altus is wrong.
Re: (Score:2)
Maybe you can read up on what that switch actually means
https://possiblemobile.com/201... [possiblemobile.com]
Re:Seems pointless - actually you can reset it now (Score:1)
I reset mine at least 5 times a day. A game I play uses the ID to identify me to ads they play so I get in free game stuff.
If I don't reset it, the ads don't play, because I already got my free stuff that day.
If I reset it, I can see another set of ads, which play while I am doing something else, and get more free in game stuff.
Settings->Privacy->Advertising there is a Reset Advertising Identifier button to do this.
Or... (Score:5, Interesting)
Hypocrites (Score:2)
Take the board out of your eye before complaining about the splinter in others.
Only an annoyance - other ways to fingerprint devs (Score:2)
I don't want an advertiser ID AT ALL (Score:1)
Just saying, why not get rid of this antifeature entirely?
Apple claims to be user-first, right?
Re: (Score:1)
Apple has to make money. I believe 'User First' is more like 'Investor First'
Google is built on Advertising dollars, so to expect Apple to avoid those dollars is just crazy.
Apple market evaluation has little to do with how much money they make, and has more to do with investor confidence. Apple's core products are selling less, and eventually that will lead to lower incomes from core products. That leads to lower investor confidence.
Apple is looking to diversify and build services. Part of that will definit