It’s been an interesting few days. After writing my initial post on Link Tracking Protection, this inspired Jeff Johnson to do his own research and dig around the beta developer build and find the file the remote service was pulling in.
Since I had some time become available, using his directions I also installed MacOS 14 and was able to confirm the presence of the QUERY.PARAM.wplist file. Initial testing does confirm that this is likely the file leveraged by Safari to issue it’s redaction on the URL parameters.
Below is a list of vendors whom (as of this point in the beta) are likely to be effected. As the service will update as new files become available, I expect this list to change over time. The exact impact to each service will vary depending on how critical these identifiers are to their services. In some cases campaign reporting may still be valid, but user counts could tank. In other cases the entire analytics hit may fail. Each vendor will need to review their products and determine the relevant impact to their offerings.
| Query Parameter | Vendor |
| __hssc | HubSpot |
| _hsenc | HubSpot |
| __hstc | HubSpot |
| __s | Drip |
| _openstat | OpenStat |
| dclid | Google Display & Video 360 (DoubleClick Click Identifier) |
| fbclid | Facebook Click Id |
| gclid | Google Search Ads 360 (Google Click Identifier) |
| hsCtaTracking | HubSpot |
| igshid | |
| mc_eid | MailChimp |
| mkt_tok | Marketo (Adobe) |
| ml_subscriber | MailerLite |
| ml_subscriber_hash | MailerLite |
| msclkid | Microsoft Ads Click Id |
| oly_anon_id | Omeda Olytics |
| oly_enc_id | Omeda Olytics |
| rb_clickid | Unsure – Google returns a lot of Russian results. |
| s_cid | Adobe Site Catalyst Campaign Tracking |
| twclid | Twitter Click Id |
| vero_conv | Vero Campaign Tracking |
| vero_id | Vero Campaign Tracking |
| wickedid | Wicked Reports |
| cycled | Unsure |
This initial list seems largely limited to impacting campaign tracking. Google’s UTM parameters, which don’t contain user identifiers, so far appear to be unaffected. Analytics packages may be impacted, dependent on the specific rules they are using to determine channel attribution.
A New Setting for Safari
When I did my Safari overview, I hadn’t yet been able to test the browser on the beta operating system. Now that I have, I have more news to share. In addition to Link Tracking Protection applying to the Private Browsing window by default, users will be able to enable the advanced privacy features for all browsing via a new setting in Safari’s Advanced Settings pane.
After enabling the setting, it does indeed remove identifiers such as Google’s gclid and Microsoft’s msclid from the URL upon clicking through an ad. It also engages all of the networking privacy features and I began to appear to the websites as being in New Jersey and New York (both of which are 15 hours away by car from my current location).
As always – Beta is for testing. Features can change dramatically based on testing and feedback. Still, should the current configuration go live advertisers are likely to have a rough second half of the year attribution wise.