Complaints that the Apple ad tracking system IDFA (dentifier for Advertisers) is in violation of EU legislation by an NGO hosted by Max Schrems, a personal information security activist with a lot of track record in lawsuits related to large tech companies such as Facebook. It is reported that it is done.
IDFA is a unique ID number randomly assigned by Apple to user devices. Advertisers can use this number to more accurately target their ads and make a quote based on their effectiveness. In iOS14, each app asks for explicit consent from the user to obtain IDFA. Without consent, it could not be obtained and the device would not be identified. However, this has been delayed until early 2021.
In response to Apple’s policy, Facebud warns of a possible decline in app developer ad revenue, and the French advertising industry is anticompetitively complaining to regulators. In other words, it can be said that the restriction on IDFA acquisition has been accepted as Apple’s privacy protection.
However, NOYB, a personal data protection NGO hosted by Shrem, said IDFA complained to German and Spanish regulators for violating regulations on cookies based on the EU cookie law, or GDPR. In other words, the creation and storage of IDFAs on Apple devices without user consent violates the cookie law, which prohibits the installation of any tracker without user consent.
In response to these complaints, Apple said the allegations were in fact inaccurate and expects privacy authorities to investigate and clarify.
NOYB claims that it is not clear if any technical mechanism can prevent others from accessing it as long as IDFA was created, and Apple itself says that it is not clear whether the tracker is accessed or not, and that the tracker is not first created and installed. Regardless, it said that IDFA should be abolished in its original form.
In the wake of the 2013 Snowdon case, the European Court of Justice lifted the agreement by appealing that the Safe Harbor Agreement, a rule for transferring personal information between the United States and the EU, did not adequately protect personal information. It also won a lawsuit demanding that Facebook ban the transfer of EU citizen personal data from Ireland to the United States. Specifically, the European Court of Justice issued a ruling to invalidate the privacy shield, which can be called a revised version of Safe Harbor. As a result, there is a possibility that the EU will stop transferring data to US tech companies, including Facebook. If IDFA is banned, it could hurt the advertising industry and advertisers, mobile game companies, rather than Apple. Facebook, one of the biggest parties, could also make a move. Related information can be found here .