> in practice if each small business were expected to audit every one of their inputs, it would be hard to get any business done.
While I agree, that a full audit would be difficult for smaller operations, it took me 2-5 minutes to do a quick check on what is being stored client-side and to come to a logical conclusion if individual users are being tracked or not.
It's a decision, one that you can (probably) make. For me, in the EU, it's no longer a choice and I personally think regulation(GDPR) was needed because, without it, no one took user-privacy seriously.
> As for your second point, yes, that is precisely what I referred to in my original post - that we could deal with the end of IDFA / that we just want to make sure ads are effective - SKAN which provides aggregated statistics is mostly ok for us.
GDPR would also apply here. If there's an option to process less data and achieve a similar result, one should use that option and using a more invasive method(identifying individuals) for tracking would be illegal. It's called "the data minimisation principle"
While I agree, that a full audit would be difficult for smaller operations, it took me 2-5 minutes to do a quick check on what is being stored client-side and to come to a logical conclusion if individual users are being tracked or not.
It's a decision, one that you can (probably) make. For me, in the EU, it's no longer a choice and I personally think regulation(GDPR) was needed because, without it, no one took user-privacy seriously.
> As for your second point, yes, that is precisely what I referred to in my original post - that we could deal with the end of IDFA / that we just want to make sure ads are effective - SKAN which provides aggregated statistics is mostly ok for us.
GDPR would also apply here. If there's an option to process less data and achieve a similar result, one should use that option and using a more invasive method(identifying individuals) for tracking would be illegal. It's called "the data minimisation principle"