Skip to content

3 big takeaways for retailers from Apple’s WWDC 2021 Keynote

David Schripsema

By David Schripsema



This year, at Apple’s WWDC Keynote, they doubled down on their efforts to support the right to privacy. Here are some implications for retailers.

Summary: Over the past decade, Apple has doubled down on their belief that privacy is a fundamental human right. They made three pretty significant announcements at this year's keynote that support that right to privacy, but also impact retail marketing programs in a pretty big way. Rather than lament the constraints this adds to retail marketing, in this post we’re encouraging companies to take a step back and rethink how they do marketing.

What's changed? 

The Apple App Store ecosystem across Mac, iPad, and iPhone facilitated $643 billion dollars in billings and sales during 2020—a 24% year-over-year increase in the midst of an economy crushing pandemic. If this ecosystem was a nation, its GDP would be greater than Poland, Austria, Ireland, Egypt, Denmark, and New Zealand. So every year when Apple hosts its World Wide Developer Conference (WWDC), people pay attention.

One of the cornerstones of that ecosystem in the past decade has been their belief that privacy is a fundamental human right (and I tend to agree!) In support of that cornerstone, they made three pretty significant announcements at WWDC that support that right to privacy—but also impact retail marketing programs in a pretty big way.

Rather than lament the constraints this adds to retail marketing, we’d encourage companies to take a step back and rethink how they do marketing. Gaining your customer’s trust is one of the best things you can do, and we think there are some ways to leverage this moment to do it. Here are the key things that were announced, and why they’re not the end of the world!

With this change, you’re losing out on accurate open rate metrics, average read time metrics, and your click-through rate metrics are going to be limited to global and will be harder to get down to the level of ‘opened and clicked.’

01. Mail privacy protection

If you’re privy to the metrics your company’s email marketing program cares about, you’ve no doubt seen the terms open rate, click-through rate, and conversion. You’ve probably also heard about send time optimization to maximize open rate, email send frequency, and subject optimization.

In the upcoming version of Apple’s operating systems across their mobile and desktop platforms, the built-in mail applications will begin blocking functionality of the tracking pixels that many email send providers use to track open rates. For customers that don’t block the pixels outright, Apple will send the traffic through a relay, stripping out the relevant information about who opened it, what type of device they were on, and many of the other metrics that email programs are built around.

What Apple is doing only affects people opening their email from Apple Mail on iOS, ipadOS, or macOS; however, that represents nearly 30% of email and could account for more than 60% of e-commerce revenue.

What I’m driving at: don’t discount the impact this will have on your programs just because it’s only email opened in Apple Mail. That’s a sizable amount of e-commerce spend.

With this change, you’re losing out on accurate open rate metrics, average read time metrics, and your click-through rate metrics are going to be limited to global and will be harder to get down to the level of ‘opened and clicked.’ It makes it harder to A/B test subject lines, figure out performance of content, etc. And because Apple’s doing it, it’s not a stretch to imagine more of the market will follow.

So what should you do?

Bluntly: send fewer, better emails. Email programs seem great because you can pull the email lever to send a million of them, predict that you’ll see X open rate, Y click through, and Z conversion—which leads to a predictable increase in revenue. This incentivizes teams to focus on getting as many email addresses as possible and blasting as many emails as possible. This is problematic on many levels, but mostly that it gives people email fatigue, encourages laziness on the part of marketing teams, and leaves you subject to the whims of email providers as to where your messaging actually lands (Inbox? Promotions folder? Spam???)

What if instead of just blasting every customer on your list with your product du jour, you instead sent a weekly (or even monthly) email, personalized by cohort, with some long-form content—perhaps produced by some of your best customers—fully laid out and designed. That work takes time and can’t be executed daily by most marketing teams.

A few brands do a great job of this. Rapha and Huckberry are two that come to mind. My personal open rate for emails I get from them is approaching 100%. I know that the email is going to be great to look at, relevant to my interests, and I only get one a week so it’s not a daily slog to get through. In fact, they’ve earned my trust so much that they’ve gotten my personal email address, and not the default one my whole family gives out online and is so overladen with marketing messages that it’s practically a personal search engine for whatever sales are going on, with almost every email left unread/unopened.

02. Hide my email 

Speaking of ‘spam’ email addresses—get ready. Apple introduced a really interesting feature that basically auto-fills the email address window with a randomly generated email address that gets forwarded to your personal address and can be turned off at any time should the messages to it become overwhelming. There are a plethora of services out there that have been doing this for years, but this is the first time I’m seeing it built into the operating system. Especially since they’re also adding support for personal domains so that you can have your own “” email address, I expect a not-insignificant number of digitally native consumers will leverage this functionality to its fullest and are likely also the customers doing a ton of online shopping.

Since this functionality also requires a paid subscription to iCloud, I suspect they're the type of people comfortable spending money online for goods and services, often at a premium. If your customer base indexes more heavily toward Apple users like some of our clients, you’re even more likely to encounter these.

So what should you do?

We encourage our clients to look for the pattern that these dummy addresses take. It’s yet to be seen since the feature isn’t out yet, but the assumption is that they’ll follow similar patterns (e.g. a diceware generated phrase like and therefore you’ll be able to spot them coming in. Then, don’t market to them! Send order confirmations, but keep them out of your customer records and don’t waste money sending emails to addresses that may or may not exist. Earn your customer’s trust that you’re not going to blast them with 3 emails a day, and maybe you’ll end up with their actual real, personal email address.

03. iCloud Relay

Another feature coming to the paid iCloud+ platform is iCloud Relay. Essentially, when you visit a website today, your device sends a picture to the internet of you on your front porch with address visible holding a sign that says “Hey! It’s me! David! Website please!” and then the website sends the information you want back. This means the website now knows a lot about you. It knows what you look like, where you are, what your house looks like, maybe if you have kids depending on what toys are strewn about. This can be done via browser fingerprinting, a cookie, or even a third-party tracking tag from Facebook.

What iCloud relay does is pass a folded-up picture to Apple that just has the URL you want—nothing else. Apple doesn’t unfold it, they assign it a random string and pass it to a third party they trust without telling them who it’s for. That third party opens it up, retrieves the information, folds it up and hands it back to Apple along with the random string. Apple doesn’t open it, but goes “oh, that random string is David” and then hands me the folded website.

This way, Apple doesn’t know what I want but knows who I am, and the third party doesn’t know who I am and only knows what website I want. This is a slightly more advanced form of a VPN, but differs from traditional VPNs in that the only entity with the whole picture (who you are and what you want) is you, while traditionally the VPN provider would just make the request directly and pass it back to you, meaning if they’re compromised, or just want to make a buck selling information about who likes what, your privacy is at risk.

The disadvantage to retailers is that the information about your device—your house— can tell them a lot about you depending on what data broker(s) the retailer is using. This information can help identify who you are without an authenticated session, map you to a cohort for personalization purposes, and share back information to whatever third-party trackers are on the site for retargeting purposes. iCloud Relay essentially prevents that from happening.

So what should you do? 

Incentivize logins and heavily leverage landing pages.

When someone logs in, they’re choosing to tell you who they are, and you can tailor the site experience to their preferences. Gamify their profile and incentivize them to tell you more about them. Think LinkedIn and their “Your profile is 75% complete! Users who get to 80% are more likely to be noticed by recruiters” type messaging, but maybe go further and offer a discount code for a fully filled out profile. Now, rather than guessing based on data from a third-party data broker that may or may not be accurate, a customer is choosing to tell you exactly who they are and what they like and what their purchase history is.

As for landing pages? Even an anonymous person walking through your site came in somewhere. If it was looking at iPhone cases, merchandise those more heavily and suggest Apple Watch add-ons. Someone who came in on a Nike Women’s Sneaker Drop that sold out in seconds? Show them what other customers purchase based on your own data. Rather than relying on knowing who they are and what they’ve done in the past, base the personalization on their behavior for a given session.

In summary 

Privacy is ‘cool’ now. Apple’s pushing it hard, Facebook is making a play at being seen as less creepy, and regulations like GDPR and CCPA are becoming widespread.

Give customers a choice. Tell them what you’re doing and why you’re doing it. Respect the trust they do give you by not abusing their inboxes. Stop spending valuable dollars marketing to people who don’t want to be marketed to, and hone your targeting by improving the quality of your first-party data.

Privacy is here to stay—embrace it!