Why Zero-Waste is ushering in the era of the CDP 2.0Read blog series

mParticle ProductJuly 16, 2021

Aligning with Apple’s AppTracking Transparency Requirements

We're excited to announce the Milestone 3 release of our support for Apple's AppTracking Transparency. With this release, mParticle customers can now set a default ATT status when one has not been collected, in addition to being able to collect ATT consent status and control data forwarding based on ATT status.

align-with-apple-att

Back in April of 2021, Apple released iOS 14.5, iPadOS 14.5, and tvOS 14.5, which include a set of features, among them the new AppTrackingTransparency (ATT) framework, designed to help users understand how their data is being tracked and used. mParticle has rolled out a series of new features to help our customers stay in compliance with ATT requirements as dictated by App Store Review guidelines.

What is AppTrackingTransparency (ATT)?

The AppTrackingTransparency (ATT) is Apple’s privacy protection framework. It requires IOS app developers to explicitly prompt users for opt-in permission to “track” them. The definition of tracking is defined on Apple’s User Privacy and Data Use page.

Compliance with the latest App Store Review guidelines is predicated on the proper usage of this new framework. Additionally, each app must ensure that all user data processing obeys user ATT consent elections.

mParticle updates to support the ATT framework

aligning-with-apple-att

Starting in September of last year as well as in Feb and May of this year, mParticle has released a series of updates designed to help our customers comply with Apple’s ATT requirements.

In our February 2021 release, mParticle introduced two new fields, which are associated with iOS device data collection in order to provide teams with greater transparency and control.

  • The first is `att_authorization_status`, a string that correlates directly with Apple’s ATTTrackingManagerAuthorizationStatus enumeration and must match one the following values:
    “authorized”
    “denied”
    “not_determined”
    “restricted”
  • The second is `att_timestamp_unixtime_ms`, an optional field that specifies when the end-user first responded to the App Tracking Transparency prompt

These fields govern whether or not IDFA data that has been collected on a user will be added to incoming event batches using our profile enrichment feature. If `att_authorization_status` is any value other than “authorized”, IDFA will not be forwarded to any downstream services, nor will it be forwarded as part of any Audience. The `att_authorization_status` can also be referenced by our Rules feature to limit data collection or restrict data flow.

NEW (July 2021): Configuring a default ATT status

While mParticle recommends that our customers explicitly set the `att_authorization_status` for all of their iOS users, in our July release we have added the ability to select a default `att_authorization_status` via the Apple Tracking Transparency (ATT) Default setting available in the platform. This may be helpful to handle scenarios such as:

  • Existing profiles previously sent to mParticle who have not visited your app since the iOS 14.5 release
  • Apple device data received from additional data inputs, such as partner data feeds, where `att_authorization_status` has not been provided
aligning-with-apple-att

The option to select a Apple Tracking Transparency (ATT) Default setting is available to mParticle Compliance Admin users, and can be found under the “Privacy” settings. Instructions on how to manage mParticle users and roles can be found in our docs.

Checking a user’s ATT status

At any time, mParticle admins can check a user’s `att_authorization_status` using the User Activity view tool. This can be found in the “Information” tab, under “Devices”, for Apple devices where “ID type” is “IDFA”. The `att_authorization_status` is displayed under “Privacy Tracking”.

On a mouseover of the tooltip, mParticle admins can validate if the `att_authorization_status` was explicitly set by the end user or defaulted to by the ATT Default setting, as well as obtain the timestamp when it was set.

aligning-with-apple-att

For more details around how mParticle can help you comply with Apple’s App Tracking Transparency Requirements, please refer to our iOS 14 docs.

Leading the Way in Data Privacy

As the first Customer Data Platform (CDP) to offer capabilities that help customers enforce granular privacy controls in compliance with iOS 14.5 privacy guidelines, mParticle continues to demonstrate industry leadership in data privacy. In 2018, mParticle was also the first CDP to incorporate GDPR compliance capabilities.

Our work to address iOS 14.5 began in Summer 2020 when Apple first announced these privacy changes, and is a result of the collaboration between our DPO’s office, product, engineering, and the partnerships teams.

Incorporating privacy-by-design in your data strategy

Data privacy and governance is quickly surfacing as a critical requirement for brands to address in their data strategy, especially as consumers become more aware and attuned to how their data is being used. Whether it’s to help you abide with Apple AppTrackingTransparency, or compliance regulations like the GDPR, CCPA / CPRA, or LGPD, mParticle provides you with the tools you need to enforce granular data privacy controls in adherence to your privacy policy.

Additionally, as more cross-domain identifiers are removed, including the eventual deprecation of 3rd-party cookies, strategies prioritizing dependence on 3rd-party data will be increasingly unfeasible. mParticle is here to help brands transition to building a first party data strategy, while incorporating a privacy-by-design approach.

Latest from mParticle

See all insights
Buying a CDP Today

Growth

Part Eight: Buying a CDP Today

CDP 2.0 and Zero-Waste

Growth

Part Seven: CDP 2.0 and Zero-Waste

CDPs Everywhere

Growth

Part Six: CDPs Everywhere