Apple has announced more privacy updates for Safari, and once again, click IDs are in the spotlight. With Safari 26 expected in September 2025, speculation has already started about whether identifiers like gclid and fbclid will disappear from all browsing sessions. Some early tests suggest that may be where Apple is heading, but it isn’t confirmed yet and the difference between what’s announced and what’s actually shipping has caused plenty of confusion.
How We Got Here
In Safari 17, Apple began stripping click IDs in specific contexts like Private Browsing. This marked the moment when Apple started targeting URL-based identifiers.
Looking ahead, Apple has announced further changes with Safari 26, due for release alongside iOS/macOS in September 2025. This is where much of the current debate sits, with industry watchers testing preview builds to understand what’s really changing.
Initially the release notes caused some panic, with many assuming that the click ID stripping across all browsers was a certainty in this new release, however, as it turns out it’s still up in the air. While there have been signs of stripping expanding into regular browsing, it was not implemented in the public beta. What is certain though is that we can see this as an indication of where Apple may be heading.
The one constant throughout: UTM parameters remain untouched. Apple treats them as non-identifying, so campaign tagging with utm_source, utm_medium, utm_campaign or parameters like cid still works.
One wrinkle worth calling out: Apple has decided to align Safari version numbers with the year of release, matching the way iOS and macOS are versioned. That means while Safari 18 is today’s release, the next version won’t be Safari 19 but instead, it will jump straight to Safari 26. Why not Safari 25, since it’s coming out in 2025? Who knows, maybe Apple likes to keep us guessing. Either way, it’s worth being aware of this change so the jump in version numbers doesn’t cause confusion when you’re reading announcements or documentation.
What It Means for Analytics Teams
For Adobe Analytics and CJA, any workflows that rely on query-string IDs for stitching or classification will show gaps. If and when Apple expands click ID stripping Safari traffic will arrive without those parameters, leaving conversion paths incomplete unless you’ve built alternative attribution logic.
In GA4, auto-tagging loses much of its value. Without gclid, the link between ad clicks and conversions weakens, pushing more weight onto whatever UTM structure you’ve defined. The precision of your campaign naming conventions suddenly matters much more.
What Advertisers Will Notice
The advertising side feels the knock-on effects too if Apple broadens the click ID stripping to all browsing sessions. Expect more unattributed conversions from Safari users, smaller remarketing pools, and weaker optimisation in Google Ads and Meta Ads Manager as their machine-learning models receive less clean data. ROI reporting also becomes harder: the spend is the same, but the evidence of what’s working fades.
How Digital Teams Can Prepare
Even if Safari hasn’t yet stripped click IDs in standard browsing, the signals are clear. Now is the time to prepare:
- Audit your dependencies: Identify where gclid, fbclid, or similar IDs are used in reports, classifications, or integrations and plan to replace them.
- Double down on UTMs: Standardise naming conventions, enforce governance, and make sure every campaign is consistently tagged.
- Work with vendor solutions and server-side setups: Server-side GTM or Adobe Edge on their own can’t bypass Safari’s stripping, but vendors are rolling out workarounds. Google Ads, for example, offers Final URL Suffix to preserve click IDs in custom parameters. Others are likely to follow. Best to keep an eye out for new workarounds.
- Leverage first-party identifiers via Conversion APIs: Equally important is the adoption of first-party identifiers through Conversion APIs. Meta CAPI, Google Enhanced Conversions, and similar integrations make it possible to send hashed emails or login IDs back to ad platforms, giving them a stronger signal than click IDs ever could. The effectiveness depends on the network: Meta and TikTok benefit immediately because users are usually logged in when viewing or clicking an ad, whereas Google Ads sees more mixed results—attribution is strong when the user is signed into Google properties like Search, Gmail, or Chrome, but less reliable elsewhere.
- Test directly once Safari 26 is released: Early announcements and previews only go so far. Behaviour often changes between beta and final release. Run your own validation against real Safari traffic to confirm what’s stripped, what survives, and how attribution is affected in your setup.
- Benchmark Safari vs non-Safari traffic: Monitor attribution differences across browsers to understand the scale of the gap and adjust expectations.
Apple’s direction is clear: identifiers that tie ad clicks to individuals are on borrowed time. What started with Mail, Messages, and Private Browsing has already expanded, and early tests suggest click-ID stripping may be next for all sessions. With Safari 26 arriving under its new naming scheme, digital teams should treat this as a warning shot rather than a catastrophe. Those that invest now in robust UTM governance, vendor-supported attribution solutions, and first-party integrations will be far better positioned when Apple makes its next move.