Apple and the State of Web Tracking

In the post–Cambridge Analytica scandal world, where you go on the web and the way your activity is catalogued are increasingly important. Apple is keenly aware: This week, the company announced that its latest web and mobile Safari browser update will block social media tracking tools. “In Safari, enhanced Intelligent Tracking Prevention helps block social media ‘Like’ or ‘Share’ buttons and comment widgets from tracking users without permission,” Apple said in a statement. After the update, websites will serve users a pop-up asking whether they want to share data with platforms like Facebook; if so, features such as the “like” button will show up. If not, the social media giant won’t be able to access your browsing. Apple announced similar changes last year at WWDC to hinder Google as well as Facebook from following users around the web. Apple CEO Tim Cook also made a point to deny ever working with Facebook on data sharing.

The sites you visit, the directions you search for, and the photos you upload or look at all contribute to a profile of you that advertisers (and data brokers) use for their benefit. Web trackers, hidden software that follows users from site to site, allow various internet outfits to learn who you are, what your interests are, what things you buy online, and what other websites you visit — all in the name of ad sales. But in the wake of Facebook’s privacy failures, different web giants including Mozilla and Apple are trying to limit or thwart trackers, even as they become more and more sophisticated and entangled.

The most common web tracking happens via cookies, code that can remember login information on a website or track web movements to serve ads, among other functions. In 2016, a study found that web tracker usage had wildly soared. According to a team of University of Washington researchers who looked at the trend starting in 1996, web tracking not only became more popular, but also far more sophisticated.

“Today’s users browsing the web’s popular sites encounter more trackers, with more complex behaviors, with wider coverage, and with more connections to other trackers, than at any point in the past 20 years,” the study explains. These more prevalent trackers are scraping up more and more data about users than ever before. “From a privacy perspective, our findings show that over time, more third parties are in a position to gather and utilize increasing amounts of information about users and their browsing behaviors. This increase comes despite recent academic, policy, and media attention on these privacy concerns and suggests that these discussions are far from resolved.”

Early on, most trackers were “vanilla” trackers third-party programs that employed cookies to follow users across the web. In the early 2000s, “forced trackers” peaked. These force users to visit a domain immediately and without agreement, via pop-ups that opened automatically when a user clicked anywhere on a given page. Today, there are many “personal” trackers that rely on cookies, like the social plugin buttons, including the Facebook “like” button that appears across the web. Clicking a Facebook button, such as the “like” or “share” buttons, lets the social network track a user outside of its ecosystem.

Web tracking has expanded into mobile as well. Another study from 2018 that investigated both the desktop and mobile tracking worlds found that the biggest advertising and tracking services — companies like Facebook and Google — shared data they gathered with their subsidiaries and affiliates. For instance, the Facebook Graph API shared data with Facebook ads. Some share it with partners and other companies under their umbrella; others share it with outside companies. The data sharing is most visible when ads pop up for something that a user previously searched for. Studying the privacy policies of big mobile advertising and tracking networks revealed “lax data sharing policies and … that the flow of user private information can violate the user-app trust relationships when it is collected by third parties.”

The websites most engaged in tracking users are not surprising. According to a 2016 study, the largest trackers are Google, Facebook, and Twitter. Web tracking can have unintended effects. Companies who do it defend the practice by saying it’s a way to serve their consumers with content that’s more customized to their interests. But it can actually do the opposite, and when that’s applied to highly visual social media feeds, the results can be overwhelming. As one Apple employee found, creating a bot to help limit drinking ended up surfacing ads for alcohol on Instagram.

A few companies are attempting to counteract the most malicious tracking practices. Ghostery (a privacy browser extension), DuckDuckGo (a web browser that doesn’t track users), and Mozilla have all made hindering web trackers central to their platforms. And within recent years, Apple is throwing its hat in the ring.

Apple has become increasingly critical of Facebook, and more generally social media platforms, tracking user browsing. While this criticism predates Facebook’s 2018 scandals, there is some piling on to the network’s already very bad year. But Facebook is far from the only company that tracks users’ web habits for its benefit. In fact, Apple also tracked users — but in Apple’s case, it was location tracking. Locationgate was arguably 2011’s Cambridge Analytica; it was a privacy storm that ignited media fury and skepticism, prompted politicians to call for an investigation, and caused most people to temporarily worry and then quickly forget the entire debacle. But that doesn’t mean it didn’t happen. In 2011, iPhones were found to be storing user location, creating a digital file of users’ movements and whereabouts. Apple denied any illicit motive or use for the stored data and issued a fix for what it said was a bug. Just like Facebook is doing now, Apple said the issue was a mistake and that it never intended to do anything with the collected data. Like Facebook, Apple was forced to offer something of a public education about how iPhones worked. The uproar died down more quickly, but in the end, Apple faced lawsuits and even had to pay a South Korean man $946.

But time is a flat circle, and now, seven years later, Apple finds itself leading the crusade against tracking. Give it a few more years, and who knows? Maybe Facebook will be a champion for user privacy. Anything can happen.

Tech ICYMI

Winner of the Week: Emoji

Emoji, as a communication tool, had a big week. Not only did Apple introduce a handful of new features for Animoji, it also announced its upcoming Memoji tool. These (seemingly) Bitmoji-inspired updates certainly won’t save any time, but they will allow you to find just the right amount of freckles for your avatar. But that is hardly the end of this week’s emoji news: There is now a red-headed emoji, and a vegan-friendly salad emoji. These are just a few of the new emoji available soon — you can see the full list of what’s coming in Unicode 11 here.

Copycats of the Week: Everyone

The word “copy” can be interpreted as “borrowing” or “taking inspiration from.” Either way, let’s make this quick:

• Apple copied Snapchat’s Bitmoji with the aforementioned Memoji update.
• Instagram is copying YouTube and Snapchat Discover with its upcoming long format videos.
• Facebook is copying Musical.ly with its new lip-sync battle feature.

Every platform is molding into its competitors.

¯\_(ツ)_/¯

Polarizing Meme of the Week: “What Do You Do?”

It started simply enough: On Twitter, people started sharing examples of conversations they have about their jobs — like so:

The meme spread, and quickly took over. Some found it funny, others exhausting. It went from eliciting quiet chuckles to becoming an obnoxious way to brag about doing something cool with your life.

If you are anything like me, the moment came, conquered, and burned out so quickly you didn’t even have time to think up a clever “what do you do?” conversation to share.