New Apple Policy: 'Web-Tracking Safari Users Will Be Treated Like Hacking'

Apple Safari

NurPhoto via Getty Images

Apple is changing its "web tracking" policies. The company is determined to leave the advertising and marketing industries in no doubt as to how clever data monitoring technologies are viewed in Cupertino. Tracking users "without" consent will make you the enemy—do it and you will find yourselves kicked off the platform, treated like malware—"circumvention of anti-tracking measures" will now be viewed "with the same seriousness as exploitation of security vulnerabilities," and if you get caught, "additional restrictions [will be applied] without prior notice."

John Wilander is Apple's anti-tracking guru, and he announced the changes by Twitter. In essence, the company is following in Firefox's footsteps and clamping down on the loophole practices being deployed by the multi-billion dollar online advertising industry, following users from site to site, from device to device.

The new policy targets "all tracking practices" identified and listed in the policy, and there's a further warning for the industry: "If we discover additional tracking techniques, we may expand this policy to include the new techniques and we may implement technical measures to prevent those techniques."

Basic tracking has already been targeted by Safari and Firefox—there's talk from Microsoft of similar restrictions and even a (half-hearted) crackdown from Google, the ultimate poacher turned (or not really turned) gamekeeper. But this policy is designed to cut the current Tom and Jerry approach to continually finding new ways to work around restrictions—closing loopholes and sanctioning wrongdoers.

Apple acknowledges that its new toughened policy "was inspired by and derived from Mozilla’s anti tracking policy."

Apple's definition of tracking is broad—it doesn't matter, the company says, if such data is not personally identifiable, "it’s still tracking." The intent is to make sure that tracking cross-sites, whether done by actual sites visited for planted identifiers on devices, is in the crosshairs.

All this takes us into the territory of the subterfuge now being deployed to circumvent protections, especially "fingerprinting" users based on their environment and online activity, their location and network. Inferring who they might be without specifically tracking the identity itself. Clever stuff. But prohibited nonetheless.

Apple will now "do its best to prevent all covert tracking, and all cross-site tracking (even when it’s not covert). These goals apply to all types of tracking listed, as well as tracking techniques currently unknown to us."

And so the industry has been warned, and there will be "no exceptions." Even where such limitations impact genuine functionality—single sign-ons being an obvious example—the company will side with user benefits and security if in any doubt.

Enough is enough, Apple has said, and it's about time.

">

Apple is changing its "web tracking" policies. The company is determined to leave the advertising and marketing industries in no doubt as to how clever data monitoring technologies are viewed in Cupertino. Tracking users "without" consent will make you the enemy—do it and you will find yourselves kicked off the platform, treated like malware—"circumvention of anti-tracking measures" will now be viewed "with the same seriousness as exploitation of security vulnerabilities," and if you get caught, "additional restrictions [will be applied] without prior notice."

John Wilander is Apple's anti-tracking guru, and he announced the changes by Twitter. In essence, the company is following in Firefox's footsteps and clamping down on the loophole practices being deployed by the multi-billion dollar online advertising industry, following users from site to site, from device to device.

The new policy targets "all tracking practices" identified and listed in the policy, and there's a further warning for the industry: "If we discover additional tracking techniques, we may expand this policy to include the new techniques and we may implement technical measures to prevent those techniques."

Basic tracking has already been targeted by Safari and Firefox—there's talk from Microsoft of similar restrictions and even a (half-hearted) crackdown from Google, the ultimate poacher turned (or not really turned) gamekeeper. But this policy is designed to cut the current Tom and Jerry approach to continually finding new ways to work around restrictions—closing loopholes and sanctioning wrongdoers.

Apple acknowledges that its new toughened policy "was inspired by and derived from Mozilla’s anti tracking policy."

Apple's definition of tracking is broad—it doesn't matter, the company says, if such data is not personally identifiable, "it’s still tracking." The intent is to make sure that tracking cross-sites, whether done by actual sites visited for planted identifiers on devices, is in the crosshairs.

All this takes us into the territory of the subterfuge now being deployed to circumvent protections, especially "fingerprinting" users based on their environment and online activity, their location and network. Inferring who they might be without specifically tracking the identity itself. Clever stuff. But prohibited nonetheless.

Apple will now "do its best to prevent all covert tracking, and all cross-site tracking (even when it’s not covert). These goals apply to all types of tracking listed, as well as tracking techniques currently unknown to us."

And so the industry has been warned, and there will be "no exceptions." Even where such limitations impact genuine functionality—single sign-ons being an obvious example—the company will side with user benefits and security if in any doubt.

Enough is enough, Apple has said, and it's about time.

Follow me on Twitter or LinkedIn.

I am the Founder/CEO of Digital Barriers, a provider of video surveillance and analytics technologies to security and defense agencies as well as commercial organizatio

...