17 Nov 2021

Testing Apple’s Recent Privacy Changes

Following on from our recent blog where we discussed the changes made to Apple Mail’s privacy settings and the reported potential effects this could have on email campaigns, metrics and email marketing in general, Cumulo9 has undertaken post-release testing of Apple’s iOS MPP impact across our product suite.

Once Apple's new iOS 15 is installed, when someone first opens up the Apple Mail app, they’ll get a message prompting them to either “Protect Mail activity” or “Don’t protect Mail activity”. In theory, selecting Protect Mail Activity prevents senders from seeing if and when someone has opened their email. 

We decided to put it to the test across various Apple devices to see what implications the new privacy changes would have on our products.  The following blog details our testing process and we share some interesting and encouraging results.

Our Testing Methodology

Emails were sent to addresses at key domains (hosted at Apple, Microsoft and Gmail), using both. Those emails were received to the Apple test devices which had an earlier OS installed. Each message contained specific instructions in terms of when it should be opened and if and when links should be clicked.

Those actions were completed in Apple Mail and Outlook on the test devices and the metrics for opens and clicks were recorded, as was user information (such as IP address, email client and device type).

Each test device was then updated to iOS15 and new emails were sent to the same addresses, with the same specific instructions around opening the messages and clicking on links. One device had the option “Do Not Protect Mail Privacy” selected while the remaining test devices had MPP* enabled. The device which had the “Do Not Protect Mail Privacy” option selected was then updated to the “Protect Mail Privacy” option and the same tests were resent.

*MPP stands for Mail Privacy Protector – refer to our earlier blog for more information about this.

The Surprising Results

Even when selecting “Do Not Protect Mail Privacy” the default setting is set to “hide IP address” - users need to access the settings for Mail to specifically disable that. If editing the settings and opting to select “Protect Mail Privacy”, the only added functionality over the default setting is to “block all remote content”.

The good news from our testing is that, for both C9 Signature and C9 Transact, we are still able to accurately determine when emails are opened and read, even with MPP in place on the recipient device. While we can no longer determine the IP address (a proxy IP address is provided so it is not unique per user), in the interest of privacy, that information was never published for C9 Signature and C9 Transact customers to review - so the good news is no value has been lost to our users.

The other information which is now suppressed on email opens is the email client and device used to view the message. While this information was provided to C9 Signature and C9 Transact users, it was not instrumental in driving messaging as seems to be the case for marketing newsletters. As both these core products have been geared to delivering mobile-first email designs for several years (and that functionality is unchanged), there will be no measurable impact from this MPP change either.

Perhaps most surprisingly, we were able to determine that an Apple device was used when the recipient clicked on a link within an email so that data is still accessible in those circumstances.

In short, C9 Signature and C9 Transact are still able to provide reliable open rates, open times, blind read receipts and device data when links are clicked. 

So - What Next?

First up, we will continue to keep an eye on privacy and security developments from all service providers and will continue to test and publish our research to ensure our products deliver value.  Cumulo9’s suite of products has long been designed to provide valuable interaction data without infringing on recipients’ privacy and we will continue to treat this as a top priority.

As discussed, our testing has given us confidence that both C9 Signature and C9 Transact retain accuracy alongside Apple’s MPP.  Therefore - if it is important for you to know when your message has been delivered and also if and when it has been read - Cumulo9 will continue to provide a solution to meet your email or essential transactional email needs.  Contact the team today for more information

News is the first draft of history

Related news

Cumulo9 Products

08 Apr 2024

Wealth Management Security Breach: A Case Study

22 Feb 2024

Major ESPs to start enforcing email authentication

10 Jan 2024

e-Boks and Cumulo9 partner up to improve digital communications

The e-Boks platform helps automate and streamline your digital communication with the highest level of security and compliance.

Cumulo9’s partnership with the global secure digital platform provider e-Boks is a collaboration set to redefine the standards of digital interaction between businesses and their customers. A partnership that leverages the strengths of both organisations to offer a more secure, efficient, and integrated digital communication experience.