Update: Marketo has responded to the changes here
At this year’s WWDC, Apple announced the upcoming release iOS 17 and iPadOS 17, both scheduled for release in September, along with macOS Sonoma, scheduled for sometime in the fall.
These updates will bring a range of security and privacy updates, many of which have significant implications for marketers.
‘Link Tracking Protection’ in Messages, Mail, and Safari
This is the big change for marketers, as Apple has committed to reducing the number of tracking parameters that can be used in URLs across Mail, Messages and Safari.
From Apple’s press release:
“Some websites add extra information to their URLs in order to track users across other websites. Now this information will be removed from the links users share in Messages and Mail, and the links will still work as expected. This information will also be removed from links in Safari Private Browsing.”
In short, Apple plans to remove what they call “known trackers” from links when they are clicked on or shared.
They’ll do this by stripping away certain URL tracking parameters, while leaving the remainder of the URL intact, as shown in this video from Apple.
Which tracking parameters are affected?
Jeff Johnson reported in a recent blog post that Apple will be using a static list of trackers, rumoured to be taken from this list of “Tracking query parameters” from PrivacyTests.org.
| Parameter | PrivacyTests.org Description |
|---|---|
| __hsfp | HubSpot tracking parameter |
| __hssc | HubSpot tracking parameter |
| __hstc | HubSpot tracking parameter |
| __s | Drip.com email address tracking parameter |
| _hsenc | HubSpot tracking parameter |
| _openstat | Yandex tracking parameter |
| dclid | DoubleClick Click ID (Google) |
| fbclid | Facebook Click Identifier |
| gclid | Google Click Identifier |
| hsCtaTracking | HubSpot tracking parameter |
| mc_eid | Mailchimp Email ID (email recipient’s address) |
| mkt_tok | Adobe Marketo tracking parameter |
| ml_subscriber | MailerLite email tracking |
| ml_subscriber_hash | MailerLite email tracking |
| msclkid | Microsoft Click ID |
| oly_anon_id | Omeda marketing ‘anonymous’ customer id |
| oly_enc_id | Omeda marketing ‘known’ customer id |
| rb_clickid | Unknown high-entropy tracking parameter |
| s_cid | Adobe SiteCatalyst tracking parameter |
| vero_conv | Vero tracking parameter |
| vero_id | Vero tracking parameter |
| wickedid | Wicked Reports e-commerce tracking |
| yclid | Yandex Click ID |
Our internal tests so far also confirm that it’s only parameters on this list (and their values) that are being targeted by these changes. Any other custom parameters (such a customer_id=xyz or utm_campaign=xyz) do not appear to be affected at all.
These results also stack up with research shared by Steve Atkins from Word to the Wise, and Peter Jakuš from Bloomreach Engagement.
What is removed and where
URLs with parameters
Steve Atkins shared his research on clicking links in the Mail app, where the actual href of each link contained the parameters, e.g:
<a href="https://www.example.com?customer_id=abc&mkt_tok=abc">Link</a>
His tests showed that the parameters in the PrivacyTests.org table (shown above) were all removed, whereas any parameters not on that list remained. The resulting URL after clicking our example in Mail would be this URL opening in Safari:
https://www.example.com?customer_id=abc
URLs that point to a redirection server
Peter Jakuš also shared his research, which involved clicking links from Mail and Messages and opening them in Safari and Safari Private Browsing on iOS 17.
His links were all using a redirection server, meaning the href of each link in the email was something like this, which is set up to redirect to the URL above once opened in a browser.
<a href="https://click.track.example.com/8743b52063cd65d1633f5c74f5">Link</a>
After clicking this link in Mail, it would resolve to the full URL in Safari normal browsing mode, with all parameters intact:
https://www.example.com?customer_id=abc&mkt_tok=abc
However, if the redirect link was opened in Safari Private Browsing mode, it would resolve to a URL with any parameters in the PrivacyTests.org table (shown above) stripped away:
https://www.example.com?customer_id=abc
We ran some of our own internal tests which corroborate both Steve and Peter’s research. Below is a breakdown of the behaviour across all the affected apps and types of links.
Removal of affected parameters from links in Mail or Messages
| Action taken from Mail or Messages | Links that point to a full URL with parameters | Links that point to a redirection server URL |
|---|---|---|
| Click link → Open in Safari | ❌ Affected parameters are removed | ✅ Resolves to full URL with parameters intact |
| Click link → Open in Safari Private Browsing | ❌ Affected parameters are removed | ❌ Resolves to full URL with affected parameters removed |
| Copy link → Paste (anywhere except Safari in Private Browsing mode) | ❌ Affected parameters are removed | ✅ Full redirection server URL is pasted |
| Copy link → Paste in Safari Private Browsing | ❌ Affected parameters are removed | ❌ Resolves to full URL with affected parameters removed |
| Click “Share…” menu → Share to destination of choice | ❌ Affected parameters are removed | ✅ Full redirection server URL is shared |
Peter Jakuš’s research also indicates that Apple is not ‘pre-visiting’ the links before stripping the parameters, further confirming that no visits with the parameters will register on the server at all.
Removal of affected parameters when browsing the web in Safari
| Action | Links that point to a full URL with parameters | Links that point to a redirection server URL |
|---|---|---|
| Click link | ✅ Parameters remain intact | ✅ Resolves to full URL with parameters intact |
| Tap and hold link → select “Copy Link” → paste into destination of choice | ✅ Parameters remain intact | ✅ Full redirection server URL is pasted |
| Tap and hold link → select “Share…” → share to destination of choice | ❌ Affected parameters are removed | ✅ Full redirection server URL is shared |
Removal of affected parameters when browsing the web in Safari Private Browsing Mode
| Action | Links that point to a full URL with parameters | Links that point to a redirection server URL |
|---|---|---|
| Click link | ❌ Affected parameters are removed | ❌ Affected parameters are removed |
| Tap and hold link → select “Copy Link” → paste into destination of choice | ❌ Affected parameters are removed | ✅ Full redirection server URL is pasted |
| Tap and hold link → select “Share…” → share to destination of choice | ❌ Affected parameters are removed | ✅ Full redirection server URL is shared |
Impact on Marketers
How might these changes impact Marketers and specifically Marketing Operations professionals?
Well, Marketo users reading this may have noticed mkt_tok in the table above.
As Adobe defines, mkt_tok is “the parameter used by Marketo Landing Pages and Munchkin to ensure proper tracking of person activities (like when a person unsubscribes from an email).” Simply, this parameter is vital in tracking the subsequent web session activities for the lead.
Apple’s release means when a recipient opens an email on their Apple device using Apple Mail — the mkt_tok will be stripped.
In other words, tracking that relates to person activities post link-click will be impacted.
According to our tests, it also breaks key system functionality in Marketo, where that functionality relies on the use of mkt_tok. For example, in our tests following the “View as webpage” link, the mkt_tok in the URL is removed, which means the link cannot resolve properly, resulting in the view online failure page.
This is something that Marketo will no doubt be looking to address as quickly as possible.
These changes are part of Apple’s commitment to new privacy features
These changes come as part of Apple’s growing commitment to blocking the use of technologies that track individual user behaviour, as per their Tracking Prevention Policy.
Their policy acknowledges downstream effects of these changes:
There are practices on the web that we do not intend to disrupt, but which may be inadvertently affected because they rely on techniques that can also be used for tracking. We consider this to be unintended impact.
The policy also makes clear that they are aiming to drive adoption of alternative methods for tracking, such as Private Click Measurement or PCM, a technology that has been a part of iOS and iPadOS designed to enable more anonymous click attribution.
What’s next?
Some of the details may change before the final versions are released, but we can be certain from Apple’s press releases and policy details, that they are committed to making these changes in one form or another.
While the finer details may change, it’s clear that these behaviours will be implemented in all of the upcoming releases, so we will be keeping a keen eye on the situation as it develops.
