A Timeline of Apple’s Privacy Changes in Safari and iOS  

Over the past few years, Apple has taken a strong stance on protecting the privacy of its customers by introducing a number of changes to its devices, web browser (Safari), and operating systems. 
 
Here’s a timeline of the key updates Apple has made. 

A Timeline of Apple’s Privacy Changes to Safari and iOS 

September 16, 2015: Apple introduced Content Blockers in iOS 9, allowing users to install third-party apps that can block certain types of content in Safari, such as ads, tracking scripts, and other elements that can cause a page to load slowly. 

June 5, 2017: Apple announced that it will be releasing a new privacy feature called Intelligent Tracking Prevention (ITP). ITP was officially released in September 2017 with the release of Safari 12 and iOS 11. 

February 21, 2018: Webkit releases the Storage Access API. The Storage Access API is available in Safari 11.1 on iOS 11.3 beta and macOS High Sierra 10.13.4 beta, as well as in Safari Technology Preview 47+. 
 
March 14, 2018: ITP 1.1 is announced and will be available in Safari 11.1 on iOS 11.3 beta and macOS High Sierra 10.13.4 beta, as well as in Safari Technology Preview. 
 
June 4, 2018: ITP 2.0 is released. 

February 21, 2019: ITP 2.1 is announced and released with the beta releases of iOS 12.2 and Safari 12.1 on macOS High Sierra and Mojave.  
 
April 11, 2019:  Webkit releases The Link Click Analytics and Privacy feature. 
 
April 24, 2019: ITP 2.2 is announced and available in the beta releases of iOS 12.3 and Safari on macOS Mojave 10.14.5.  

May 22, 2019: Webkit announces its Privacy Preserving Ad Click Attribution For the Web. This new attribution method is in the early stages of being proposed as a standard through the W3C Web Platform Incubator Community Group (WICG). 

September 23, 2019: ITP 2.3 is announced and included in Safari on iOS 13, iPadOS beta, and Safari 13 on macOS for Catalina, Mojave, and High Sierra. 

December 10, 2019: Webkit releases a series of updates to ITP in Safari on iOS and iPadOS 13.3, Safari 13.0.4 on macOS Catalina, Mojave, and High Sierra. 

March 24, 2020: Webkit releases a series of updates to ITP in iOS and iPadOS 13.4 and Safari 13.1 on macOS. 
 
June 2020:  Webkit announced it would be releasing its App-Bound Domains feature with iOS 14 and iPadOS 14 to strengthen user privacy during in-app web browsing.  
 
June 2020: During its Worldwide Developers Conference (WWDC), Apple announced that it would be introducing a series of privacy changes in iOS, iPadOs, and tvOS. One of the main changes was to change how its mobile identifier (IDFA) is accessed by app developers, AdTech companies, and mobile measurement platforms (MMPs).  
 
This change was meant to come into force with the release of iOS 14 in September 2020, but Apple delayed its release until early 2021.  
 
November 12, 2020: Webkit announces it will be releasing its CNAME-cloaking defence feature to ITP in Safari 14 on macOS Big Sur, Catalina, and Mojave, iOS 14, and iPadOS 14. All cookies created by a third-party CNAME-cloaked HTTP response will be set to expire in 7 days. 
 
June 7, 2021: Apple announced that more privacy changes will be introduced with the upcoming release of iOS 15, as well as iPadOS 15, macOS Monterey, and watchOS 8. The changes include new privacy features to iCloud+ subscriptions including Private Relay, Mail Privacy Protection, and Hide My Mail. The update will also include changes to Intelligent Tracking Prevention and SKAdNetwork, as well as a new App Privacy Report.  

September 20, 2021: Safari 15 is released with support for automatic HTTPS upgrades, the option to hide IP addresses from known trackers, and enhancements to Private Click Measurement for privacy-preserving ad attribution. 

July 6, 2022: Apple introduces Lockdown Mode in iOS 16 and macOS Ventura, an optional security feature designed to protect users from highly sophisticated cyberattacks such as mercenary spyware. Lockdown Mode limits certain web technologies and allows users to set exceptions for trusted sites and apps. 

June 2023: Apple rolled out significant enhancements to Safari’s Private Browsing and introduced advanced tracking and fingerprinting protections. Private browsing sessions now lock automatically when idle, and trackers face even tougher restrictions. These updates occurred alongside improvements to Lockdown Mode and other privacy-aware features. 

September 2023: Safari 17 (with iOS 17, iPadOS 17, macOS Sonoma) introduces Profiles for separate browsing contexts, Face ID–locked Private Browsing, default blocking of tracking in private mode, link-tracking removal, and separate private-mode search engine settings. Extensions are disabled by default in Private Browsing. 

January 2024 (iOS 17.4, EU only): In compliance with the EU Digital Markets Act, Apple allows users to choose non-WebKit browser engines and default apps within the EU. Browsers like Chrome and Firefox can now use their own engines, and users can pick default app marketplaces and contactless payment apps. 

September 2024: Safari 18 introduces Distraction Control, allowing users to hide intrusive elements like popups or newsletter overlays. This feature applies to iOS 18, iPadOS 18, and macOS Sequoia. 

March 2025: The WebKit team releases Safari 18.4 beta. Notable updates include Declarative Web Push to handle push notifications without requiring a Service Worker (preserving privacy and performance), along with many other enhancements to media, CSS, JavaScript, APIs, and Web Extensions. 

April 2025: Apple patches a critical WebKit WebView privacy-bypass vulnerability (CVE-2025-30425), which could have allowed tracking in private browsing mode by leaking cached or DOM state across sessions. A security update resolves the issue. 

The Impact of Apple’s Privacy Settings on AdTech and MarTech 

The privacy changes Apple have made to Safari and iOS make it much harder to identify users across different websites and mobile apps. 
 
This limitation means that the following activities are much harder to run: 

• Behaviorally targeted advertising 
• Frequency capping 
• Campaign measurement 
• Attribution 
• Fraud detection 

Many solutions have been proposed that aim to run these activities without third-party cookies and the IDFA, but they don’t offer the same scale. 

What Can We Expect From Apple in the Future? 

Apple’s changes to privacy over the past few years have gone from strength to strength. This is especially evident with Safari’s ITP where each new update brings with it more limitations.   
 
As a result, many AdTech and MarTech companies are coming up with workarounds to ensure their technology still works in Safari, albeit in a limited capacity.  
 
These workarounds have not gone unnoticed by Apple.  
 
In response, Apple has implemented changes to its privacy features to shut down many of these workarounds and further prevent cross-site tracking in Safari. 
 
We can expect to see the same situation unfold with the IDFA.