- Users will have to "opt-in" to allowing websites to track their browsing behavior on Safari, including sites with a "share" button usually provided by companies like Facebook or Google.
- Apple will also limit "fingerprinting," or the ability companies to follow specific device activity.
- There will also be higher level protections against outside companies accessing information on a users' contacts, photos, calendars and reminders.
Apple is introducing more controls to allow Safari users to control who gets their personal information online, including limiting data tracking across websites, the company announced on Monday at Apple's annual conference for software developers, WWDC.
The move helps Apple respond to increasing user concerns about privacy online, but could make it harder for websites and advertisers to target ads efficiently.
One advertising agency executive told CNBC Apple's new limits on tracking put Facebook and Google in a "precarious place" because it would block their ability to follow users across the web as well as attribute how many individual users were clicking on links or what kinds of people were looking at ads.
In addition to not having attribution info, the other big impact will the limits on the data ad providers get from multiple sources in order to target advertising, said Forrester vice president and principal analyst Thomas Husson. Apple's decision to introduce more privacy controls differentiates them from other tech companies like Facebook and Google and could make customers more loyal, he said.
"While in their interest, such an approach is perfectly aligned with Apple's DNA and business model," Husson said. "Apple is definitely ahead when it comes to using privacy as a competitive advantage."
One of the main updates asks users to opt-in to allow websites to track their browsing behavior on Safari, including sites with a "share" button or comments section provided by companies like Facebook or Google.
To demo the new feature, Federighi showed how Safari showed a pop up notice asking a user to allow Facebook to have access to cookie and website data before they were allowed to comment on a website. Though the website was not run by Facebook, its comments section allowed people to use Facebook Login to post their thoughts.
"Now that it applies immediately, frequently visited sites — and not just Facebook — should be impacted," Forrester's Husson said.
Apple will also limit "fingerprinting," or the ability for companies to pinpoint precisely which device is visiting a website. That will make it "dramatically more difficult" for data companies to collect user information, Federighi explained, but could also make it harder for websites advertisers to measure how many people saw a particular piece of content.
Other protections include adding higher level protections against outside companies accessing information on a user's contacts, photos, calendars and reminders.
"There can be a lot of sensitive data on your devices, and we think you should be in control of who sees it," Apple's senior vice president of software engineering Craig Federighi said.
"We believe your private data should remain private," Federighi said.
The changes will have the most dramatic effect on mobile usage and tracking. Safari is the second most popular web browser with about a quarter of U.S. internet users using the browser on mobile and desktop according to the federal government's Digital Analytics Program. It is also the default web browser on Apple's massively popular iPhone. The company sold 52 million iPhones in the quarter ended March 31.
Apple found itself embroiled in privacy issues after a New York Times report alleged Facebook shared its user data with Apple and other device makers without explicit consent. Facebook made deals with these companies to allow them access to user account information and activities. In exchange, the device makers included its Messenger, "like" buttons and other Facebook features in their products.
While Facebook blocked developers from accessing friends' user information in 2015, it did not stop hardware companies from receiving the information. Facebook defended the decision, saying the contracts with device makers only gave limited use of user information for different versions "the Facebook experience" as opposed to third-party applications.