During an earnings call this Thursday, Facebook’s Mark Zuckerberg claimed that “actions planned by platform companies like Apple could have a meaningful negative effect on small businesses and economic recovery in 2021 and beyond.”

Zuckerberg was referring to Apple’s decision to prevent apps from tracking users through unique device identifiers without their explicit consent. Apple’s move, which was delayed from the iOS 14 updated to give advertisers more time to prepare, poses a significant risk to Facebook and other targeted advertising companies.

Zuckerberg was not without bias when making this statement. Facebook representatives during the earnings call estimated that Apple would lose about 50% of its iOS revenue from its Audience Network and may have to halt the development of the Audience Network for iOS platform altogether.

The Impact of iOS 14 Privacy Updates

Apple has always been a strong advocate for data privacy on its platform, and the move toward consent-based targeted advertisement is consistent with its beliefs. Further, the new privacy policies under iOS 14 seem more compatible with more explicit privacy regulations like GDPR or CCPA.

While the new update threatens Facebook, Google, and other companies in the business of delivering targeted advertisements, how does this transition to consent-based advertising affect your startup? To quote just about every lawyer ever: “it depends.” But honestly, with a little bit of work, it probably won’t be as significant as Zuckerberg thinks it will be.

Luckily, If your startup is currently using targeted ads and tracking to generate traffic to your website or app, you still have time to plan your transition. In the wake of companies’ complaints in the likes of Facebook, Apple plans on delaying the release of iOS14 ad tracking protection until early 2021.

Until then, here are some critical areas you should consider if you plan to continue offering your app to consumers in the Apple App Store:

Data Collection and Usage

One of the areas of focuses of iOS 14 is the transparency of data collection. Apple will begin to require developers to provide disclosures when certain categories of data are collected. Among these collections includes: contact info, financial info, user content (including emails and text messages), usage data, purchase history, and photos/videos.

Additionally, you must also disclose if the data collected is being used for advertising, analytics, personalization, or app functionality. When evaluating your current data usage policies, ask yourself: “how necessary is this data for what I am trying to accomplish?”

While the question seems relatively simple, more often than not, developers find that they are unsure of why they choose to collect and use certain information. In attempting to identify what data is necessary and to what extent you need to use it, you can build upon your transparency in the App Store and effectively work towards satisfying the data mapping requirements of the GDPR. This practice is an excellent opportunity for US-based companies to fast track yourself into entering the global market.

User-Linked Data and Tracking

iOS 14 will also require developers to disclose how data is linked to accounts, devices, or partners. 

To maintain compliance with this subsection of the privacy update, startups will need to address their use of third party integrations and how these parties handle data from your app.

As we move toward 2021, startups need to open up conversations with their vendors and other partners to ensure that they are taking appropriate safeguards to anonymize user-linked data. If you can keep them in the loop about your plans for compliance, you can avoid the inevitable surprises that will come up when the rest of the update is rolled out.


Even though Mark Zuckerberg claims that Apple’s iOS 14 privacy updates may be determinantal to startups and local businesses, it doesn’t have to be for yours. It is important to remember that there was a time before targeted advertising, and there are many reasonable alternatives to consider. Additionally, building trust with your userbase and remaining transparent about your actions will allow you to gain consent to this protected data and continue business as usual.

Published by Griffin

Griffin McShane is an IAPP Certified Privacy Professional (CIPP/US), OneTrust Certified Privacy Management Professional (OTCP), a freelance web and mobile app developer, and a relentless learner. The totality of his educational experiences provides a multifaceted approach to problem-solving and problem mitigation for startups. He received his undergraduate degree from Providence College in Rhode Island, where he received his computer science and business degree. In tandem with his pursuit of a J.D. from the University of Maine School of Law, he provides a deeper understanding of technology and law to facilitate pragmatic and actionable solutions. Griffin’s current focus areas include technology, privacy, intellectual property, compliance, risk management, legal and business affairs, fintech, and blockchain. He is currently exploring blockchain applications (using the taquito library for Tezos development) and conducting research in work-product protections for cybersecurity teams and decentralized finance as a funding resource for startups local businesses. His tip: Griffin wants to remind you that his articles are for educational purposes and should not be taken as legal advice. If you are looking for more specific legal resources, check out Law4Startup’s free legal documents library! View more posts

Leave a comment

Your email address will not be published. Required fields are marked *

Exit mobile version