App Tracking Transparency

What Is App Tracking Transparency (ATT)

App Tracking Transparency (ATT) is a privacy protection framework introduced by Apple in iOS 14.5 (April 2021). It requires apps to obtain explicit user permission before tracking user behavior across other companies' apps and websites.

Before ATT, iOS apps could freely obtain the IDFA (Identifier for Advertisers), a device-specific advertising identifier, and link user behavior across apps. After ATT, before an app can access the IDFA, a dialog is displayed asking "Allow [app name] to track your activity across other companies' apps and websites?"

Research shows that only about 25% of users select "Allow Tracking" in the ATT dialog, with the majority refusing tracking. This has brought major changes to the advertising industry that relied on cookies and tracking pixels.

Technical Mechanisms of ATT

ATT operates through the following technical mechanisms.

• IDFA access control: When an app attempts to obtain the IDFA from ASIdentifierManager, the ATT framework checks the user's permission status. If not permitted, a zero-filled value (00000000-0000-0000-0000-000000000000) is returned.
• Permission state management: Each app's permission state has four levels: "Not Determined," "Restricted," "Denied," and "Authorized." Users can change this at any time from "Settings → Privacy & Security → Tracking."
• SKAdNetwork: As an alternative to tracking restricted by ATT, Apple provides SKAdNetwork. It measures advertising conversions (installs and purchases) at an aggregate level without identifying individuals. While accuracy decreases for advertisers, user privacy is protected.

ATT is limited to iOS devices, but its impact has rippled across the entire industry. Google is also introducing "Privacy Sandbox" on Android and gradually phasing out advertising IDs. While Do Not Track is a preference signal at the web browser level, ATT differs significantly in having enforcement power at the OS level.

ATT's Impact on Advertising and Business

ATT's introduction has brought structural changes to the digital advertising ecosystem.

• Decreased retargeting accuracy: "Retargeting" - showing ads for products a user viewed on an e-commerce site in another app - relied on cross-app tracking via IDFA. ATT has significantly reduced the accuracy of this technique.
• Impact on ad revenue: Meta (formerly Facebook) reported approximately $10 billion in annual advertising revenue loss due to ATT. Smaller app developers also face declining ad revenue.
• Importance of first-party data: Unable to rely on third-party data, companies have recognized the value of first-party data collected directly (membership information, purchase history, in-app behavior). Investment in CRM and email marketing has increased.
• Revival of contextual advertising: "Contextual advertising" - delivering ads based on the context of displayed content rather than user behavior history - is gaining renewed attention.

While GDPR requires consent for tracking as a European regulation, ATT is more directly effective as it is technically enforced by Apple as a platform provider.

Recommended User Settings and Actions

Settings to maximize ATT for privacy protection.

• Bulk deny tracking requests: Turn off "Allow Apps to Request to Track" in "Settings → Privacy & Security → Tracking" to automatically deny all app tracking requests. Individual dialogs will no longer appear.
• Review existing permissions: On the same settings screen, review the list of apps you have previously allowed to track and revoke unnecessary permissions.
• Don't rely on ATT alone: ATT controls tracking via IDFA but does not restrict data collection within apps. It is important to combine it with mobile app permission management to also minimize permissions for location, contacts, and other data.

Android users can reset or delete their advertising ID from "Settings → Privacy → Ads." While it does not have the enforcement power of iOS's ATT, opting out of advertising personalization is possible.

To learn more about this topic, see Smartphone Privacy Settings: 8 Often-Overlooked Items.

Common Misconceptions

Denying tracking with ATT stops all ads from appearing

ATT only restricts tracking for personalized advertising; it does not stop ads from being displayed. When tracking is denied, generic ads (contextual ads) not based on behavior history are shown instead.

Apps won't work properly without ATT permission

ATT tracking permission is unrelated to app functionality. Apple's guidelines prohibit restricting app features for users who deny tracking. All features remain available even after denial.

ATT vs. Do Not Track Comparison

Related Terms

Related Articles