With privacy laws shifting to favor the consumer over data-mining companies and marketing service providers, where does that leave brands who are earnestly trying to access user data to improve customer experience and engagement?

The trend the last few years in the fight for consumer privacy revolves around CNAME (canonical name) cloaking  While CNAME cloaking is beneficial, it can present consumer data privacy risks, which is why Apple introduced CNAME mitigation as part of its Intelligent Tracking Prevention (ITP) updates starting in 2021.

So how can you use CNAME cloaking and still comply with changing data privacy regulations? Let’s explore that now.


What is the Major Concern With CNAME Cloaking?


To understand the risks of CNAME cloaking, let’s first look at what CNAME cloaking involves.

Third-party CNAME cloaking is the method of disguising a third-party domain as part of a first-party domain to allow the third-party to track and collect data as if it is the first-party. In most cases this third-party domain is a solutions provider assisting with the online experience such as a content delivery network (CDN) like Akamai or CloudFlare, or perhaps a content management system like WordPress.

The traditional benefit of this approach is that SaaS providers can function as a seamless extension of the first party website without complex enterprise software integration. For example, Apple itself uses a CNAME to allow Adobe to measure traffic on apple.com.

The concern is that MarTech and AdTech providers have increasingly been using CNAME approaches to bypass expanding restrictions from browsers on using cookies for reporting and targeting. Specifically, the expansion of cookie restrictions from third parties to limiting the duration of JavaScript-based first-party cookies (i.e., client-side cookies) have led solutions providers to use CNAMEs to “cloak” their own domain with a subdomain of the first-party domain to set HTTP cookies, and then to share information with services operating across sites.

In response, Apple released new CNAME cloaking mitigation measures for its Safari browser that caps the expiration of first-party HTTP cookies to one week. However, in an attempt to not inadvertently break the many legitimate uses of CNAMEs, Apple’s ITP doesn’t modify cookies that come from CNAMEs that map directly to the first-party website domain or the same CNAME. This means that CNAMEs deployed in this manner are not subject to the one-week expiration, and therefore can persist and collect data for significantly longer periods.


Build With Aqfer to Overcome CNAME Barriers


Aqfer has been using CNAMEs since our inception, but not to share data across sites. Instead, we use CNAMEs to enable seamless integration with a brand’s owned media for reliable consumer identity resolution and capturing engagement data with the brand’s content – a “legitimate interest” under GDPR.

Our Universal Tag doesn’t map CNAMEs to a third-party domain, but typically to the content delivery infrastructure of the web itself, which is often the same CNAME as the first-party site. This avoids being designated by the browser as a cloaked CNAME.

Essentially, Aqfer is not acting as an imposter pretending to be part of the first-party site, but instead is acting as technology extension on behalf of the web site, consistent with our mission to enable brands control their customer data and policies. This approach of acting in the place and on behalf of the first-party website is the linchpin to our ability to provide services that will be robust and effective in the face of ongoing changes to the ecosystem technologies.

Aqfer Universal Tag is purpose-built for resilience against constantly-changing consumer data and privacy regulations. We understand the tension between privacy-enabling technologies and marketer data collection use and have chosen approaches that seamlessly extend essential capabilities for practical solutions deployment.


Why Choose Aqfer For Your Needs?


At Aqfer, we believe that the foundation of the relationship between the consumer and the brand or publisher is first party engagement. The consumer doesn’t care whether it is owned or paid media, but recognizes that content is from a particular brand. Our Universal Tag platform provides a first-party tagging solution that supports the relationship between the consumer and the companies they choose to engage.

Our Build-It-Together approach contributes a high quality, fully vetted fundamental data architecture layer to your IP. From individual use cases like identity resolution or secure data collaboration, to designing complete data infrastructure to support your front end, Aqfer solutions are purpose-built to help you grow with confidence.