I am interested in understanding how Apple's Mail Privacy Protection feature, which seemingly won't allow marketers to track email opens anymore, actually works.
Apple announced Mail Privacy Protection in today's keynote and a blog article:
In the Mail app, Mail Privacy Protection stops senders from using invisible pixels to collect information about the user. The new feature helps users prevent senders from knowing when they open an email, and masks their IP address so it can’t be linked to other online activity or used to determine their location.
In another article the following is stated:
But with iOS 15, iPadOS 15, and MacOS Monterey, if you use Apple’s Mail app, any email you open will now route through a relay that loads any tracking pixels there before sending the email onto you. Since tracking pixels are remotely loaded on Apple’s relay they aren’t associated with your IP address, thus preventing the sender from using them as a tool to spy on you.
But what does that mean to the actual implementation?
Apple can only access users' emails when the Apple Mail app connects to a third-party email server (at least for most users who don't use an Apple email account). So, Apple would do this sporadically and could fetch these emails to download all the images to their servers. This means a tracking pixel used by a marketer would always be downloaded, resulting in
- the email always being marked "opened" (from a tracker perspective)
- the IP being anonymized (going through Apple's proxy / VPN)
- the geo location being anonymized (same reason)
- the open time being anonymized (images are downloaded by Apple at their own discretion)
Once the email is actually opened by the end user, the images would be loaded from Apple's servers. The original tracking pixel would not be requested at this point in time and could not track the activity.
This seems like it could work and would actually do exactly what Apple described. However, I don't think Apple could actually implement it this way for two reasons:
- Storage: Apple would need to download and store all images from all emails that are in a user's inbox, no matter whether the user actually opens them or not. This would be a crazy overhead and would incur a lot of cost.
- Some dynamic image content might not work anymore. If Apple decides to download an image at some point in time and the user decides to open the email with that image at a different point in time, the original image might have changed. Dynamic images serve a purpose, e.g. for product recommendations or for parcel tracking. Apple could break useful functionality.
So my guess is that Apple would instead just serve these images through a relay (basically proxying them through their new VPN service). This would still anonymize the user's IP and geolocation but it would still allow the marketer to track the activity and the time of the open.
Another option would be that Apple tries to identify only the tracking pixel and would download only that. But this would open the door for marketers to just use other, existing images in the email to track an open.
Appreciate your thoughts on this. Thanks!
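As an added illustration of the relay model discussed in the question (this is example code, not Apple's implementation; the relay endpoint is a hypothetical placeholder), the rewriter below routes every remote `<img src>` of an HTML email through a relay, leaves inline `cid:` images alone, and also applies the "find only the tracking pixel" heuristic from the third option to show how little it takes to evade it.

```python
from html.parser import HTMLParser
from urllib.parse import quote, urlparse

# Hypothetical relay endpoint (assumption; the real Apple relay URL is not known here).
RELAY_BASE = "https://relay.example.invalid/fetch?u="


def looks_like_tracking_pixel(attrs):
    """Heuristic for the 'download only the tracking pixel' option: tiny or hidden
    images. A sender can simply track with a visible image, which is why relaying
    every remote image is the more robust design."""
    a = {k.lower(): (v or "") for k, v in attrs}
    w, h = a.get("width", "").strip(), a.get("height", "").strip()
    style = a.get("style", "").replace(" ", "").lower()
    tiny = w in ("0", "1") and h in ("0", "1")
    return tiny or "display:none" in style or "visibility:hidden" in style


class ImageRewriter(HTMLParser):
    """Rewrites remote <img src> URLs through the relay and records the originals."""
    def __init__(self, relay_base):
        super().__init__(convert_charrefs=True)
        self.relay_base, self.out = relay_base, []
        self.remote_urls, self.pixel_candidates = [], []

    def _handle(self, tag, attrs, selfclosing):
        if tag != "img":                      # untouched tags are emitted verbatim
            self.out.append(self.get_starttag_text())
            return
        parts = ["img"]
        for k, v in attrs:
            if k == "src" and v and urlparse(v).scheme in ("http", "https"):
                self.remote_urls.append(v)
                if looks_like_tracking_pixel(attrs):
                    self.pixel_candidates.append(v)
                v = self.relay_base + quote(v, safe="")   # client never hits the origin
            parts.append(k if v is None else f'{k}="{v}"')
        self.out.append("<" + " ".join(parts) + (" />" if selfclosing else ">"))

    def handle_starttag(self, tag, attrs): self._handle(tag, attrs, False)
    def handle_startendtag(self, tag, attrs): self._handle(tag, attrs, True)
    def handle_endtag(self, tag): self.out.append(f"</{tag}>")
    def handle_data(self, data): self.out.append(data)


def rewrite_remote_images(html, relay_base=RELAY_BASE):
    p = ImageRewriter(relay_base)
    p.feed(html); p.close()
    return "".join(p.out), p.remote_urls, p.pixel_candidates


# Constructed sample newsletter: a visible hero image, a 1x1 open-tracking pixel, an inline logo.
SAMPLE = ('<p>Hi!</p><img src="https://cdn.example.invalid/hero.jpg" width="600">'
          '<img src="https://track.example.invalid/o.gif?id=abc" width="1" height="1">'
          '<img src="cid:inline-logo">')
```

With a prefetching relay the origin additionally sees the relay's fetch time rather than the user's open time; with a pass-through relay it still sees the open time, which is exactly the trade-off the question raises.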