iOS 14, third-party cookies, and the future of data-driven marketing

For most brands today, the mobile experience has become the center of customer experience. And at the center of the mobile opportunity is the app economy, which continues to grow and evolve at a tremendous pace. In 2019 alone, the iOS App Store had sales of $50 billion. Although we started with apps that primarily provided simple utility, we've seen a rapid maturation toward personalized, data-driven, and highly sophisticated software that helps run every facet of our lives. For many companies, especially in the wake of COVID-19, apps are not just big business; they are THE business.

Concurrently, there is a massive ecosystem of vendors designed to help app owners with every facet of their business, from marketing and measurement to data science and customer support. This vendor ecosystem is continuously changing and growing, with no signs of slowing; from new entrants to acquisitions to ongoing regulatory and compliance matters, the pace of innovation and change is faster than most brands, and development cycles can manage. While many brands have been accelerating digital transformation initiatives, they must now also adapt to a significant policy change from Apple.

This year, at its annual developer conference, a significant announcement that will have a wide-ranging impact on the future of mobile customer experience was sandwiched between the usual product announcements. The IDFA (the ID present on all Apple mobile devices and used across the martech and adtech industries) would now require explicit user permission to use. This change dramatically limits the usability of the IDFA as a form of universal identity that brands and vendors can use to power marketing, measurement, and everything in between.

While the effects are just starting to be felt, this is hardly the first announcement of its kind. Privacy has been recognized as a fundamental human right across the globe in various forms. Still, the right to data protection is a relatively new concept brought about by the digital age and the abundance of data created every day across more sources and systems, touchpoints, and endpoints. Issues of data protection and privacy no longer esoteric matters but now capture headlines across media outlets around the globe. And with an increasing population of people who have never known a world without the internet, privacy and data protection are only becoming more important.

Over the past 20+ years, there have been many important moments in history in digital consumer privacy, which have led us to this point:

These historical moments are driven by common underlying forces shaping the future of customer experience, balancing the necessary tradeoffs between personalization and privacy. In general, we can all agree that the one constant is change along this continuum, which means the opportunity cost of moving slow and being rigid is tremendous. Given the importance of mobile, it's never been more important to build a data strategy that will serve as a durable foundation required to adapt to perpetual change.

Surely there will be many approaches in an attempt to replace the currency that IDFA brought to data consumers. And as Apple moves to limit data brokers and fingerprinting, it will create significant value for other forms of persistent identity such as email and mobile numbers. We've long implored the market to move from a tools-first approach and think data first, and these changes serve as an essential reminder that brands have to develop a coherent data strategy, including a multi-dimensional identity strategy; and to the extent data enrichment is important, verification that data is ethically sourced.

Building a data and identity strategy requires cross-functional input across product, analytics, engineering, and marketing. Since we're focused on identity here, lets first categorize identifiers into two general groups: Universal identifiers and Scoped identifiers.

• Universal Identifiers - These are universal and often persistent identities that are available and don't vary across context; for example, an email, mobile number, or IDFA, which does not vary based on who has access to it.
• Scoped Identifiers - These identifiers are limited in scope because they are mapped to a specific entity. The variability across entities and limitations in accessibility across entities is designed to create privacy-friendly constructs. For example, Apple's IDFV, a first-party cookie ID, a Customer ID, push tokens are all forms of identity that are unique to that entity. 

Much of the mobile vendor ecosystem has been built on accessing a universal identifier or syncing multiple identifiers. Seamless data sharing across interested parties will become more complicated, go away, and possibly require new mechanisms that are not yet invented. And to the extent that data sharing is still possible, ethical sourcing of data will be a critically important concept going forward. The world will go on, and the change may not be immediately visible to consumers, but the impact will be massive.

1. Product Analytics based on a brand's own first-party data can easily be mapped to an IDFV, a Customer ID, first-party cookies, etc.
2. Personalization based on a brand's first-party data can be achieved via IDFV, Email address, Customer ID, first-party cookies 
3. Retention Marketing such as SMS, Email, Push Notifications via owned channels, and delivered via Universal Identifiers such mobile number, email address, or Scoped Identities such as push tokens.
4. Customer Support via tools like Zendesk and Kustomer can be delivered via email address.
5. Paid advertising within the Walled Gardens can be easily accomplished via any of their native targeting solutions, or by uploading user lists mapped to identifiers such as Email and Mobile number.
6. Loyalty programs

1. The bar will be raised on Customer Experience. All apps will insert a registration path to collect customer identity, such as email, to replace access to the IDFA to preserve addressability. Adding additional friction means that brands will need to deliver meaningful value to consumers to clear the registration hurdle. Free games and utility apps will most likely see a drop off in total users but may see an increase in quality. 
2. Mobile programmatic advertising will be disrupted but will go on, and further power consolidation accumulates to the Walled Gardens Advertising to an individual consumer via the use of IDFA or third-party cookies will not be widely possible. However, other signals such as context will still be possible. This may make the ads we all see less relevant, but it will certainly decrease the creepiness factor. Conversely, since the large social platforms have scale and their own data and identity available for targeting, advertisers will continue to move more and more ad spend to these platforms.
3. App download tracking will change- Much has been written by each of the MMPs already on how they will evolve to frameworks such as SKAdNetwork or AppTrackingTransparency. While these solutions will evolve, it will be interesting to watch the innovation coming out of this space.
4. Ethically sourced data will become a thing- Most of the third-party data ecosystem is tied to universal IDs like IDFA or 3rd party cookies, these markets have already seen a massive decline over the past few years, as there are a number of players who operate in the shadows helping apps increase monetization and brands improve targeting. Data markets don't go away, but they will need to become increasingly more transparent, much like our friends at Narrative.
5. Gamification may return- To preserve addressability, we will most likely see apps employ tactics such as incentivized opt-ins or degraded anonymous user experiences.
6. There will be additional demand for Consent Management tools. Companies like Sourcepoint and OneTrust, who make it easy to manage consent for brands, will see an uptick in demand as consent becomes an increasingly important part of the conversation. 
7. Reliable opt-out and adherence to GDPR/CCPA may become more complex. This will be true for mobile-only companies, or for brands who have a large number of unauthenticated mobile app users.

Brands that have a direct relationship with customers have an opportunity to use that relationship to form the foundation for their customer data strategies that are immune to the recent industry changes that aim to limit the ability of those parties that don't have a direct relationship with customers to collect and use their data.

1. Brands have to build a data and identity asset - Brands need to take ownership of their customer data to build a solid foundation for how customer data can ethically be used to deliver the best customer experience.  
2. This foundation must be built on the data brands collect directly from their customers with clear customer consent as a first order concern, not an afterthought on how to be compliant after the fact.  
3. In each interaction with their customers, brands should collect whatever identifiers are available and approved for use by the customer. In some cases, this might be only IDs that are scoped to the brand like 1st party cookies or email addresses, and in other cases, IDs like IDFA might be available.
4. Brands should provide value to customers and build trust with customers.

Keep up-to-date with the latest mParticle updates and breaking industry news by subscribing to mPulse, our weekly newsletter, here.