Mar 31, 2021

Mobile Marketing Part 1: What Marketing Leaders Need to Know About Mobile Privacy

Brock Hardman
Natasha Solanki
Fernando Berrios

Brock Hardman, Natasha Solanki, and Fernando Berrios

Mobile Marketing Part 1: What Marketing Leaders Need to Know About Mobile Privacy

The mobile data and advertising landscape is shifting in 2021 with user privacy and protections becoming a focal point.

Engagement on smartphones can provide organizations unprecedented levels of access to data, physical location, and personal files. With this increased access comes a responsibility to manage and secure user data, but companies have been struggling to do so. Smartphone operating systems are therefore placing more awareness on what user data and tracking is being shared with organizations. Also, software is allowing users to prevent the sharing of data when it isn't advantageous to them.

The most critical change planned for 2021 is iOS 14’s identifier for advertisers (IDFA) privacy update. In early 2021, iOS apps will stop sending this unique, anonymous identifier automatically and will ask users to opt in to ad tracking. This changes the anonymized ID which advertising tools are currently using to build user profiles.

This change is considered a catalyst for others to potentially come in and reshape digital marketing. So how can marketers target personalized ads and build customer profiles when users are becoming harder to track across ecosystems?

We’ll walk through how privacy and data has evolved with smartphones, what the newest changes mean immediately for advertisers, and how common marketing tasks can still be completed in 2021.

What’s Happening in Mobile Privacy?

Recent changes to the major mobile operating systems will soon force companies to rethink their approach to user targeting and tracking. For the iOS 14+ and Android 11+ users, there will be new requirements and permissions to allow certain tracking features and attribution data to be shared across systems. Since these updates will be significant to marketers, brands will need to come up with new strategies related to the measurement and engagement data they are used to having access to by default.

iOS 14 IDFA and Location Updates

Companies that rely on the Apple IDFA for advertising and retargeting purposes may soon need to come up with a new plan for identifying users based on attribution data. With iOS 14 updates, apps will now be forced to prompt the user for permission to opt in or opt out of this tracking feature via the new ATT (AppTrackingTransparency) framework. The impact of this will be significant, and current estimates for opt-in rates are only in the 5-10% range. This will affect an enormous number of companies who rely on this identifier to retarget their users and share attribution data across systems. Therefore, it’s imperative for organizations that depend on this unique identifier to prepare for alternative solutions. Otherwise, marketing leaders risk the chance of users having an incoherent advertising experience.

Another new feature of iOS 14 is related to location data. Previously, users would give permission to their exact location by default and could select between always tracking while using the app or a one-time use. With this new version of iOS, users can decide to use their exact location or they can choose a new option called “approximate.” This will give a more general area, without giving away the user’s exact location. Therefore, marketers need to plan for this option by thinking through this scenario and how it might impact the accuracy of their location data. For some brands, there won’t be much impact. But for other apps, users might not want to give their exact location and will opt instead to use a general vicinity.

Android 11 Updates

Similarly, beginning with Android 11, users will now be prompted to opt in to certain features which had historically been automatically opted in by default. These include location services, camera, and microphone. Users will now have the option of selecting “Only this time,” which only allows the app to access those features once. Additionally, users will be able to block an app from requesting permissions if the user denies that permission twice. At which point, for that feature to work, the user will need to manually grant access to the app via the device’s settings.

SkAdNetwork Framework

SkAdNetwork is a framework introduced by Apple in 2018. This framework is used for measuring attribution of mobile ad campaigns and uses an aggregation of three main entities:

1.     The ad network which signs the ad.

2.     The publishing app (which app is displaying the ad).

3.    The app being advertised.

When using SkAdNetwork, the attribution data is only sent to the network whenever all three entities are doing their part of the process. Using this network also means that attribution data will be less granular. There will be a limit on the amount of data you can send per event, and there will also be a time delay (at least 24 hours). None of this is ideal for marketers, who are accustomed to virtually limitless measurements and real-time data. There will also not be any deep-linking capabilities as the only event that gets tracked is the act of downloading an app.


General data privacy regulations (GDPR) is Europe's data privacy and security law that originated in the EU. It applies to any company across the globe that collects data from EU residents. The California Consumer Protection Act (CCPA) is a very similar law, which applies to California residents in the U.S. If you plan on collecting information on an EU or California resident, you must adhere to a very strict set of guidelines which allows each user the ability to perform certain actions on their personal data.

Some of which include the following:

1.    The right to be informed—what data is collected and how is it used.

2.    The right of access—the ability to access the data being collected.

3.    The right to rectification—the ability to change any data which may be inaccurate.

4.    The right to erasure—the ability to delete any of their personal data.

5.    The right to opt-out—users can prevent the sale of their personal data.

As you can see, the trend here is shifting toward giving the user complete control of their data. We now live in a digital age where security and privacy of our most sensitive information is paramount. You can expect to see more laws like this that will affect more than just the people in Europe or California. Inevitably, this will become standard practice across the globe, as more and more territories adopt these practices. The time is now for your business to start preparing for this so you aren’t caught scrambling down the road. This will also give you more time to think through the intricacies of achieving these requirements and what kind of implementation updates you might need to make for your brand going forward.

How Did We Get to This Point in Data Privacy?

Since the launch of modern smartphone platforms, we’ve noticed a few related trends that are shaping and driving the future of the mobile landscape. The first trend is that as the number of smartphone users increases, so does the number of data breaches and exposure of personal and private data.

Mobile Privacy Breaches Since 2011
Mobile Privacy Breaches Since 2011

The second important trend is that of increasing transparency and providing users with more control over their data and privacy. Below is a general timeline of significant privacy related platform and software development kit changes to the major mobile operating systems. Manufacturers of mobile operating systems are adjusting to the desire and expectation of users to have more control and are moving toward solutions that reduce the possibility of their products being misused and exploited by third parties.

Mobile Privacy Timeline 1
Mobile Privacy Timeline 1
Mobile Privacy Timeline 2
Mobile Privacy Timeline 2

What Does the Future of Mobile Privacy Look Like?

As Apple and Google shift their policies to further protect user privacy, marketing companies will need to adapt to these restrictions and innovate new strategies in the coming months. Apple’s new requirement to have users opt into tracking prior to any data being collected will likely lead to 90% of users opting out.

Consumers tend to fear the idea of their privacy being breached so when companies, who in the past have been collecting data on them unknowingly, have to ask for permission most will make a split-second decision to err on the side of their own mobile security.

Using Contextual Targeting

Further complications arise with Apple’s restrictions around the opt-in prompt itself. The restrictions, along with Apple’s threat of removing any app from the App Store that does not comply, have left companies looking to new methods in the future.

Some believe the new guidelines will eventually bring the return of advertising based on the context of the user’s environment as opposed to targeted advertising that relies on the collection of user data. Showing an ad for a clothing line simply because the user is visiting a fashion blog would be an example of how companies could move toward contextual targeting. Although this is not nearly as effective as targeted advertising, it allows companies to at least continue some sort of specialized marketing when users have opted out of personalization and tracking.

Leveraging First-Party Data

Another tool companies can leverage when tracking is not enabled is first-party data. Mandatory registration and logins for an app will assist companies in building profiles on their users. While these are good alternatives or additions to a marketing strategy, the primary goal is to have users opt in to tracking and personalization.

Focusing on Trust First

In order to increase tracking and personalization opt-ins, companies must earn the trust of their users. This trust can be developed from open communication that educates the users on what data will be collected and why. A preemptive education screen shown prior to the native tracking pop up can be utilized to do exactly that. Envision an aesthetically pleasing screen that demonstrates how giving consent is the right decision, along with full transparency. This will decrease the odds of automatic rejection.

Looking to the Future

Although Android developers may not have to adhere to such regulations today, Google is expected to follow in these footsteps soon. As previously mentioned, Android users are now being prompted to opt in to certain features which had historically been automatically opted in by default. The trend in tighter privacy regulations on both platforms suggests that marketing companies should alter their strategies on both mobile platforms in the near future.

We’re helping many clients thinking through how to prepare their marketing organizations for these new regulations. If you have some questions, feel free to reach out to us at

Conversation Icon

Contact Us

Ready to achieve your vision? We're here to help.

We'd love to start a conversation. Fill out the form and we'll connect you with the right person.

Searching for a new career?

View job openings