Not a day goes by without fresh news related to consumer privacy and tracking. Last week Apple began rejecting apps that access the device’s UDID (Unique Device Identifier) and on Monday the Federal Trade Commission issued a report that, among other things, focuses on the need for companies to clearly explain how they collect user data and for what purposes they use that information.
For most developers tracking is an essential element of any monetization strategy. After all, the consumer stands to benefit if the resulting analytics helps build a better product or if tracking supports alternative monetization so the consumer can use the product for free. So why all the fuss about tracking?
The most fundamental problem with tracking mobile app usage today is that most consumers are not aware they are being tracked — or for what purpose. Additionally, the methods by which consumers are often tracked on their mobile devices (including UDID or even MAC addresses commonly used in “fingerprinting” solutions) are directly tied to a consumer’s physical device. Even the less accurate fingerprinting techniques that do not rely on a physical device address could be troublesome as they still establish an individual device profile that can be associated with a physical device down the line (and could ultimately deemed personally identifiable information).
When we explored tracking solutions for our own mobile marketing platform, we chose to avoid tracking techniques that tie to individual, physical devices due to privacy implications. Ultimately, we decided to utilize first-party cookies.
Cookies are the standard tracking mechanism on the Internet, and consumers are already being educated about how cookies work. Further, synchronizing cookies between a browser and an app allows us to identify where an app install originated no matter the source (online, on-device and even offline) with nearly 99% accuracy. This is very powerful for any app marketer who wants to measure and compare all campaigns — not just the ones originating from in-app mobile ad networks.
From a privacy perspective, we believe that tracking via first-party cookies is a superior methodology to any of the other techniques available today:
Cookies can’t be tied to any individual device. Instead of transmitting data that is associated with a physical device address or a unique device profile, we relate to cookies as channel-specific installs (e.g. a cookie originated from a Facebook install vs. a cookie that originated from an organic install). Once the user deletes the cookie, there is no more association to the device.
Cookies are easily removable by the end-user. We utilize cookies both in the mobile browser and, once synchronized, within a mobile app. Users that clear their cookies from their browser can no longer be associated with tracking information in our database. We also provide our customers with a method that enables the “flush” of our in-app cookie when the end-user chooses to opt out. While this can reduce the amount of valuable data available to the developer, we believe that our industry will only overcome privacy concerns if we pro-actively address these issues and provide customers real choice and control. Moreover, it is preferable to lose some tracking information from customers who don’t want to be tracked than to be singled out in yet another Wall Street Journal article for not offering consumers a choice.
If you’re looking to replace your current UDID based tracking with a future-proof solution, our advice is to avoid products or services that rely on information that is directly tied to a device (e.g. MAC addresses), provide your customers with a method to opt-out of your tracking, and clearly explain your data collection practices in an easily accessible Privacy Policy.
In future blog posts we will discuss additional advantages (including improved engagement and consumer experience) to cookie-based tracking as well as provide an overview with pros and cons of the known methodologies.
