我在 Play 商店中有一个简单的应用程序,它无法访问用户的个人信息(仅使用蓝牙和网络)。
我一直在考虑使用 Firebase 分析来深入了解人们如何使用该应用以及我可以改进的地方。但是,我在理解所有涉及的法律义务方面存在严重问题。据我所知,我需要一个隐私政策,这不是问题。但据我所知Firebase Analytics Policy我需要遵守 European Union User Consent Policy .
据我所知,该应用程序需要显示某种形式的对话框,用户可以在其中同意或不同意数据收集。问题是,恐怕大多数人会说不,他们是对的。但我想问我是否真的需要这样做,因为我认为我从未见过一个应用程序要求我提供这种协议(protocol)(虽然我可以看到很多网站都这样做)。
最佳答案
即使 Google 没有就需要做什么提供确切答案,他们在 Firebase 条款和欧盟用户同意政策页面中提供了很多指导。
You are required to notify your App Users by disclosing the following information:
- The Google Analytics for Firebase features you have implemented.
- How you and third-party vendors use first-party cookies, or other first-party identifiers, and third-party cookies and similar technologies, such as identifiers for mobile devices (including Android Advertising ID and Advertising Identifier for iOS), or other third-party identifiers, together.
- How App Users can opt-out of the Google Analytics for Firebase features you use, including through applicable device settings, such as the device advertising settings for mobile apps, or any other available means.
--> 最重要的是不要忘记选择退出。
For end users in the European Union:
- You must use commercially reasonable efforts to disclose clearly, and obtain consent to, any data collection, sharing and usage that takes place on any site, app, email publication or other property as a consequence of your use of Google products; and
- You must use commercially reasonable efforts to ensure that an end user is provided with clear and comprehensive information about, and consents to, the storing and accessing of cookies or other information on the end user’s device where such activity occurs in connection with a product to which this policy applies.
&
If the EU user consent policy applies to your website or app, two of the key things to consider are:
- Do you have a means of obtaining consent from your end users? If not, you’ll need one.
- What message should you present to your users to get consent?
-->获得同意
现在,Google 甚至提供了一些关于此类消息可能在应用中的样子以及通知代码如何工作的基础知识:
We use device identifiers to personalise content and ads, to provide social media features and to analyse our traffic. We also share such identifiers and other information from your device with our social media, advertising and analytics partners who may combine it with other information you’ve provided to them or they’ve collected from your use of their services. See details OK
// This code works on Android API level 1 (Android 1.0) and up.
// Tested on the latest (at the moment) API level 19 (Android 4.4 KitKat).
// In the main activity of your app:
public class MainActivity extends Activity {
(...)
@Override
public void onStart() {
super.onStart();
final SharedPreferences settings =
getSharedPreferences("localPreferences", MODE_PRIVATE);
if (settings.getBoolean("isFirstRun", true)) {
new AlertDialog.Builder(this)
.setTitle("Cookies")
.setMessage("Your message for visitors here")
.setNeutralButton("Close message", new OnClickListener() {
@Override
public void onClick(DialogInterface dialog, int which) {
settings.edit().putBoolean("isFirstRun", false).commit();
}
}).show();
}
}
}
当谈到法律理论时,欧洲隐私智囊团在“关于智能设备上的应用程序的意见 02/2013”中是这样说的 [WP29] .简而言之,就是
“important to note the distinction between the consent required to place any information on and read information from the device, and the consent necessary to have a legal ground for the processing of different types of personal data. Though both consent requirements are simultaneously applicable, each based on a different legal basis, they are both subject to the conditions of having to be free, specific and informed (as defined in Article 2(h) of the Data Protection Directive). Therefore, the two types of consent can be merged in practice, either during installation or before the app starts to collect personal data from the device, provided that the user is made unambiguously aware of what he is consenting to”
这并非不可能,但由于我每天都在 iubenda 处理这些主题(我们最近完成了 all integrations regarding Firebase ),我明白一开始它可能看起来势不可挡。
这里有一些经验法则:
- 确保告知应用内、Play 商店以及您的营销网站上的隐私惯例
- 需要阻止破坏性标识符,直到通知被接受,需要指出选择退出
附注下次您可能想去 StackExchange 网络中询问有关 Law 或 UI 的问题,因为这与编程部分的关系很小。如果您对此感兴趣,您可能会喜欢 follow iubenda along on our journey让像你我这样的开发者更容易完成这些任务:)
关于android - Firebase 分析和同意对话框,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/45994304/