Starting iOS 13.4, Apple Safari Gets Even More Aggressive Against Third-Party Cookies


The more people browse the web, the more digital footprints they will create.

These are the data that can be used by advertisers to track users wherever they go on the web. Ads are the economy of the web. But when it comes to privacy, trackers are more often work in mysterious ways that may in certain times, violate people's privacy.

Apple has long touted its approach in preserving its users' privacy.

Safari’s Intelligent Tracking Prevention (ITP) allowed a few exceptions when it was introduced back in 2017, and websites were able to use those exceptions to identify users based on what was being blocked and track their activity.

Having made its iOS more polished that its Android counterpart in terms of maintaining users' privacy, the company since iOS 13.1 has introduced stricter third-party cookie blocking features that prevents websites from identifying Safari users and tracking their web activity.

And in iOS and iPadOS 13.4 and Safari 13.1 on macOS, Apple takes this a step further by making ITP to block all third-party cookies by default.

This move shows how Apple is cracking down on any effort to circumvent tracking prevention.

Read: 'Intelligent Tracking Prevention 2' In Apple Safari: Disrupting Digital Advertising

According to Apple engineer John Wilander in a WebKit blog post.

"Cookies for cross-site resources are now blocked by default across the board. This is a significant improvement for privacy since it removes any sense of exceptions or 'a little bit of cross-site tracking is allowed.'"

As Apple is becoming a privacy-focused company, more than ever before, making Safari to block all third-party cookies by default will prevent advertisers from following and tracking the web browser's users around the web.

Most Safari users won't notice the changes, as ITP has been doing this in some capacity since it was first launched.

"It might seem like a bigger change than it is. But we’ve added so many restrictions to ITP since its initial release in 2017 that we are now at a place where most third-party cookies are already blocked in Safari," the Apple engineer added.

Tor, Safari, Firefox, Brave - cookies

Anti-tracking measures aren't anything new.

The Tor Browser for example, was the very first web browser to actually feature a full third-party cookie blocking by default. Then there was Brave, which was followed by Mozilla Firefox, which also included 'Enhanced Tracking Protection' from websites trying to do cryptojacking on visitors' computer.

Safari in joining the club marks a huge change that may disrupt how advertisers advertise and how publishers earn money from showing ads, given that Safari is already conquering a healthy 18% share of the global browser market.

Besides the third-party cookie blocker, Safari also limits local storage for websites' all script-writables for just one week, after which the data will be automatically deleted.

This move could potentially break Offline Web Apps, indicating Apple never really wanted to support them.

Google for its part, has also made a similar commitment to block user tracking via third-party cookies in Chrome, but has planned to achieve that by 2022.

The company can in fact do it sooner if it really wanted to, but it's the advertisers that have asked it in an open letter to drop the idea altogether, because the move would "choke off the economic oxygen from advertising that startups and emerging companies need to survive."

As a workaround, there can be an alternative approach to successfully replace blocking third-party cookies and make advertisers happy, but at the same time capable of protecting user privacy.

After all, Google lives on ads. And by blocking ads, Google is literally choking itself by blocking trackers.

Further reading: WebKit Wants To Further Restrict Web Trackers, And Google Should Follow Suit