Alternatively, once the ad fraudsters have decided to scam an advertiser using this system, their ad fraud programs make a series of POST requests to the same well-known location pretending to be copies of Safari that have seen conversions from this ad campaign. The only way to detect this fraud would be to match up actual orders with claimed conversions from a particular site, completely bypassing the intended privacy protections. (Which probably wouldn't be that hard in some circumstances, but fraudsters would of course get to target the scenarios where matching up orders is hardest.)
Like, as far as I can tell, this completely fails to provide attribution data that advertisers can trust at all because it relies totally on the honesty of software installed on end-user devices. It will also fail to provide the stated privacy level in many situations, such as when the user keeps the same unique-ish IP address for several days. The only thing it seems to achieve is good PR for Apple, who will get a bunch of stories from credulous reporters about how they're trying to improve user privacy and the evil adtech industry is thwarting them because it wants to know everything about you.
Some of the advertisers we work with have pretty small budget, i.e. less than 50k/month and even them will probably max out the 64 campaigns.
I'm all for having a privacy minded advertising industry but this proposal misses the mark big time.
It helps that Apple doesn't rely on advertisers for the bulk of their revenue, so they can actually pursue this sort of thinking without gutting their business.
this completely fails to provide
attribution data that
advertisers can trust at all
because it relies totally on the
honesty of software installed on
Which is great for Apple, since their bread and butter is locked down devices that users can’t tamper and they can presumable do a better job of filtering bad actors.