Microsoft Edge Secure Network is a new free service offered in the Edge web browser that prevents online entities from gleaning a user's actual IP address. The new service from Microsoft offers similar privacy assurances as Apple's iCloud Private Relay for Safari by hiding a user's identity and preventing unauthorized IP address data collection.
Apple and Microsoft look to curtail the usage of IP addresses as tracking values to identify households or individuals. The basic premise of each service is that they will replace your IP address with a temporary Apple or Microsoft-created IP address. This IP address obfuscation will prevent data brokers, advertisers, or even your ISP from collecting your IP address and browsing activity to use or sell to others for targeting ads.
Companies have used IP addresses as identifying values to track households or individuals when other identifiers like cookies or device identifiers are not available — but using an IP address as a user identifier offers little control for users.
IP offers no privacy control for users
IP addresses can offer advertising companies a unique and semi-persistent identifier value across all devices/environments. It is a ubiquitous value available to anybody running a web service — and digital ad platforms are no exception. Every time a device connects to a server, that server can see a user's IP address.
But this is no different than tracking with cookies or device IDs, right? Not so fast.
The problem with IP address as an identifier is that users do not have the same privacy controls as cookies or device IDs. Users can delete their cookies or reset their device identifiers, effectively breaking the link between the collected data and the identifier. With cookies and device IDs, users have complete control over advertisers to "forget" them — users have no such control over their IP addresses.
Internet Service Providers (ISPs) assign IP addresses — so the user does not control anything. So while cookies and device identifiers have received the lion's share of attention for their susceptibility to privacy violations, data companies will increasingly need to rely on IP addresses to conduct audience targeting.
Other high-profile rebuffs against IP addresses include Google's decision to cease storing or logging IP addresses in their latest version of Google Analytics (GA4). Many publishers use Google Analytics to track user activity on their digital properties, and prior versions of the software collected IP addresses by default.
Google is reading the room and deciding to build the latest version of Google Analytics to future-proof it against any new privacy regulations. Companies can use an IP address as a value to personally identify individuals, creating privacy complications in regions with stringent privacy guidelines like the European Union.
Google's decision to omit IP addresses in GA4 does not directly impact IP addresses as an identifier in the ad tech ecosystem. But it certainly shines a spotlight on the practice of IP tracking. If the most prominent digital advertising company in the world wants to absolve themselves of privacy considerations around IP, should everybody else follow suit?
Big tech vs. IP Address
IP addresses are the next logical identifier for privacy advocates to hone in on after the crusade against cookies and device IDs, but that crusade is still ongoing. The battle against any identifier ultimately begins and ends at the mercy of the companies that control the devices and web browsers we all use.
Apple has made its position on the issue abundantly clear. Their actions have signaled to consumers that tracking users in any form for advertising purposes is terrible. The company is hell-bent on pushing this narrative while simultaneously growing its advertising revenue by 238% to $3.7 billion in 2021, which could rise to $5.5 billion in 2022. Apple has an apparent business reason to make advertising less effective outside the Apple ecosystem. They have done just that by limiting access to their device identifier (App Tracking Transparency) and now limiting identification via IP address (iCloud Private Relay).
Google could have similar business motivations, but it must also balance out antitrust scrutiny with any path forward, so they have taken a much more measured approach to identifier removal from Chrome and Android.
From a regulatory perspective, Google restricting access to identifiers can be seen as an anti-competitive move since advertising on the open web would become less effective. Regulators can view any identifier removal as a tactic to push advertisers into Google's walled garden—lush with opted-in first-party user data.
Instead of immediately removing cookies from the world's most popular web browser (Chrome) and the world's most popular mobile operating system (Android), the company has introduced its Privacy Sandbox for Chrome and Privacy Sandbox for Android initiatives to signal to the world that they understand others may have some input on the matter.
Google has laid out plans to eradicate cookies and device identifiers in a detailed fashion and has started to dip its toes into restricting IP address usage. The Gnatcatcher proposal is in public discussion and combines different techniques to reduce using IP addresses as a tracking vector.
The proposal outlines two methods: willful IP blindness and Near-path NAT. Willful IP blindness allows a server to signal they will mask an IP from the application layer, effectively removing any capability for an app to use an IP for tracking purposes. Near-path NAT proposes running user IPs through an anonymizing service, similar to Apple Private Relay or Microsoft Edge Secure Network.
Both of these approaches have drawbacks. Willful IP blindness requires server operators to implement the proposed techniques and requires audits from third parties to attest the server operators correctly implemented the mechanisms. Near-path NAT requires someone to operate the service, which would have an inherent cost.
Microsoft will allow up to 1GB of data to run through their Edge Secure Network, and Apple Private Relay requires a paid iCloud account. Both companies cannot give away unlimited use of the services for free since operating them has costs. These costs may be why Apple only applies private relay to Safari traffic and not all app traffic.
The future of IP address as an advertising identifier
The most immediate threat to IP address tracking is IP privatizing services offered by Apple and Microsft since they provide an easy built-in method for users to hide their IP. Although, all of these options are limited or have a cost that will limit their usage. But with Microsoft's willingness to provide a partially free service, we could eventually see similar free offerings from Google or Apple.
The other immediate threat is Apple rolling Private Relay out to in-app traffic, which could obfuscate IP addresses from all traffic on Apple devices, not just Safari web traffic. If Apple did expand the coverage of private relay, they could effectively wipe out the market for IP address-based audience data for all iOS users.
If they rolled this feature out to Apple TV, could consumer demand for such a feature bleed over to other connected TV devices? Many advertisers employ IP address audience data to target audiences on CTV, where device identifiers aren't always available.
Advertisers and their ad tech vendors should pay attention to the shifting landscape. Users and regulators will view IP tracking as user-hostile due to its lack of privacy controls. Users have less control over their privacy when companies track their IP addresses than soon to be outdated technologies like cookies and device IDs. Also, the biggest names in tech that control the entry point into the Internet are signaling their intent to block using IP addresses to identify individuals.
The attack on IP address as an identifier is yet another reason for publishers to continue shoring up a 1st party/universal identifier data strategy. Publishers with a large base of logged-in users and integration with universal identifier (email) solutions stand to gain (relative to smaller publishers without logged-in users) from the continued removal of readily accessible advertising identifiers like IP addresses.
Publishers with a scaled logged-in user footprint can leverage seller-defined audiences to signal audience attributes when no user identifiers are available or UID2 to help advertisers target and measure existing audiences based on hashed email addresses.
IP addresses will probably continue to stick around as an identifier in the near term, but digital advertising companies should question their role in a more privacy-conscious future.
Photo by Chris Yang on Unsplash