+1 vote
by (14.2k points)

1 Answer

0 votes

EDIT December 20, 2020: Facebook issued new guidance on December 16th that explicitly laid out how ATT would impact app-to-web campaigns. App-to-web campaigns are indeed governed by ATT privacy standards, with a few meaningful changes to how app-to-web campaigns are tracked and measured: only 8 events are made available, and performance is aggregated at the campaign level. For more detail around how app-to-web campaigns are changing as a result of ATT, see this post. I'm leaving the original answer intact, but it is out of date.


It shouldn't.

A note to preface this answer: Facebook hasn't issued any official guidance on this. This answer only reflects my best understanding of how ATT impacts data collection for the purposes of marketing.

And some background reading that provides helpful context for this answer:

Background reading on ATT / IDFA deprecation / SKAdNetwork: 

Background reading on the FB advertising pixel: 

So: Why won't ATT impact app-to-web campaigns?

The ATT popup specifically mentions "apps and websites," which has led some people to speculate that app-to-web campaigns -- that is, ads served in apps that click out to the mobile browser -- will be governed by ATT opt-in, thus impairing the ability of the Facebook pixel to track web campaigns that were initiated from in-app inventory.


But this is unlikely to be the case. First, the ATT opt in controls the app developer's access to the device IDFA as an explicit control. But the "spirit" of ATT is really that the developer will not implement any sort of ad tracking within the app if the user has opted out -- for instance, fingerprinting, which Apple specifically flags as being prohibited if the user has opted out (from Apple's ATT FAQ):


Second, Facebook web campaigns are tracked via its advertising pixel, which is implemented on partners' websites as a first-party cookie. While Apple does implement privacy controls for cookies via ITP (intelligent tracking prevention) in Safari, what Safari blocks are third-party cookies (cookies residing on one domain that are published by a different domain). The Facebook pixel is a first-party cookie, and first-party cookies are regulated by ITP (for instance: they are deleted 24 hours after being saved) but are not blocked. This is to say: Apple (through Safari -- Google's Chrome browser will not phase third-party cookies out for some time) already has a mechanism in place to protect privacy on the web, which is ITP, and ITP does not block first-party cookies. It's also important to remember that the IDFA is not accessible from browsers.

And third, Apple specifically states that only data collected from apps is within the scope of ATT. So as long as no user data is passed from the app ad to the web destination (and none is; only UTM tags in the URL are transferred), then ATT doesn't apply to anything that happens once the user leaves the app.


by (14.2k points)
edited by