Most of the digital world isn’t designed (at
least not by default) to protect privacy. And so as optimizers, we’ve to be
diligent and tiptoe our way into offering meaningful web experiences while
respecting our users’ privacy and complying with laws like the GDPR and privacy
Regulation.
We also have to keep up with the changes to
the data policies and practices of tech companies as newer boundaries of
digital privacy emerge. Apple’s recent update to its cookie data retention
practice is a big one at that.
A lot of our Convert users expressed concern
about it and found it to be one of those “curve balls” that hit you
right in the face. We couldn’t agree more… having
the cookie data of your Mac and iPhone users purged every 7 days (for users
with no site activity), especially when most CRO experiments run for at least
14 days is no less than a nightmare.
But we’ve shipped a solution. We’ll cover it in a second. However, first, here’s a quick look at Apple’s Intelligent Tracking Protection 2.1.
Apple’s Intelligent Tracking Protection 2.1
In its efforts to offer users a more
privacy-focused and secure browsing experience, Apple’s ITP 2.1 has introduced
a seven-day expiry period for all browser-issued cookies created through the
document.cookie API.
Which means
if you use browser-created cookies for your Safari browser users, your cookies
will get deleted in 7 days.
While this change only impacts iOS 12.2 and Safari 12.1 as of now, we expect it’ll be extended to more versions and even more browsers in the future. Here’s what it means for you as a Convert user.
What the New Seven-Day Limit Means For Your Convert Experiments
If you run a 15-day experiment, and a user
visits your site on day 1 and then on day 11 (after a gap of 10 days), then
Convert won’t be able to recognize this person as a repeat visitor (because
Convert’s browser-created cookie would be deleted following the new
restrictions!).
And this visitor will be treated as a new one.
You can understand how this can skew your experiment’s results, especially if you’ve a large audience share using the Safari browser.
Here’s Convert’s Workaround
We considered quite a few ways to resolve this
and finally settled on moving the cookie creation process away from the browser
and into the server.
Since the new cookie
duration restrictions apply only to browser-created cookies, we’re moving the
cookie issuance part to your web server, which means your server will create
the cookies and not the users’ browsers.
You can find the
steps to facilitate such server-side cookie creation here. If you need any help with
making the needed changes to your web server infrastructure, please feel free
to contact us.
We have a segment of
users who’ve been impacted by this and have already implemented the solution.
We’re monitoring how things are going for them, and we’ll let you know if we’ve
any updates.
At Convert, we’re committed to user privacy and do believe that persistent tracking can be intrusive, when not done right. And that’s why our cookies — by design and default — use only the most privacy-friendly practices.
What the Future Holds
Apple is certainly
not the only brand looking to put its browser on a cookie diet.
Word is out that
Google is all set to follow suit with its Chrome 76 variant which will block or clear third party cookies
used for tracking, and aggressively handle fingerprinting to further reduce the
chances of tracking, post third party cookie opt-outs.
Convert Experiences
is happy to say that users can rest easy with their A/B testing drives in this
regard because there are no third party cookies used by our tool.
We will definitely continue to monitor this situation as it builds and stay on top of solutions that respect privacy, but do not unnecessarily complicate the ease of testing for customers.
Originally published May 17, 2019 – Updated January 14, 2022
Mobile reading?
Authors
Dionysia Kontotasiou
Convert’s Head of Integration and Privacy, helping customers with technical queries.