The IDFA is intentionally limited to prevent many malicious use cases. For instance, each vendor will see a different IDFA for the same device, so you can not collect IDFAs to track users across applications.
It is for tracking, but not all tracking is malicious. It is used for things like attributing an ad impression to an app install, to measure how effective an ad campaign is at getting people to install an app. This information doesn't really tell you anything about individual users, but is still useful when aggregated.
Are you confusing it with the IDFV (identifier for vendor)? As far as I know the IDFA is explicitly shared across apps for ad targeting to work (including most of the examples you mention).
> This information doesn't really tell you anything about individual users
Except when you correlate it with other information that does identify individual users and suddenly you've deanonymized this "anonymous" ID.
Scum like Facebook, Google, data brokers and advertising companies base their entire business on this and that needs to stop.
The point of IDFA is to allow the user to express a system wide preference, and also to allow the identifier to persist across installs.
Although the overwhelming majority of people distrust tracking, a significant minority >20% do not. Every time the discussion comes up here we see people who say they like targeted advertising.
Apple wants to exclude other mechanisms and have an opt-in mechanism to support this 20%. They are one step away from making it opt-in but were delayed by political pressure from Facebook.
If Ad Tracking companies improve their practices, perhaps they can persuade more people to opt-in.
Apple has reached this point by slowly eliminating other sources of fingerprinting from their apis, and adding rules insisting that IDFA be the only identifier used.
The only issue here is that IDFA is not yet opt-in. Otherwise, Apple is way ahead of the game. All other platforms allow some kind of fingerprinting.
It is shared across web and apps but only for one vendor. So you can track the performance of an ad campaign on getting installs of your app, for instance.
> So you can track the performance of an ad campaign on getting installs of your app, for instance.
So in order for it to work you'd need to also be the developer (vendor) of the initial app which displays the advertisement for your second ad? Otherwise how would it work if let's say your ad is displayed in app from vendor A (and they get their own IDFA), now when your (vendor B) app is installed you see a different IDFA. How would you associate the two?
It is for tracking, but not all tracking is malicious. It is used for things like attributing an ad impression to an app install, to measure how effective an ad campaign is at getting people to install an app. This information doesn't really tell you anything about individual users, but is still useful when aggregated.