PDA

View Full Version : Apple to Launch New App Usage Tracking Tools for Developers to Balance User Privacy




MacRumors
Jun 8, 2012, 02:12 PM
http://images.macrumors.com/im/macrumorsthreadlogo.gif (http://www.macrumors.com/2012/06/08/apple-to-launch-new-app-usage-tracking-tools-for-developers-to-balance-user-privacy/)


Last year, Apple announced that it was phasing out developer access to UDIDs (http://www.macrumors.com/2011/08/19/apple-phasing-out-developer-access-to-udids-in-ios-5/), the unique iOS device identifiers that allowed developers and advertisers to not only track usage of their own content, but also in some cases track users' movements across apps and browsing sessions. The company earlier this year began rejecting apps (http://www.macrumors.com/2012/03/25/apple-begins-rejecting-apps-for-using-the-unique-device-identifier-udid/) that continued to use the UDID rather than implementing unique identifiers that would enhance privacy by remaining unique to the developer's app.

http://images.macrumors.com/article-new/2012/06/ipad_udid.jpg


The Wall Street Journal now reports (http://online.wsj.com/article/SB10001424052702303665904577454653752815434.html) that Apple is preparing to release new tools to assist developers with tracking usage of their apps without using the UDID, maintaining user privacy while still making it easy for developers to gather usage data on their apps.Apple Inc. is planning to release a new way for mobile app developers to track who uses their software, according to people briefed on Apple's plans, the company's latest attempt to balance developers' appetite for targeting data with consumers' unease over how it is used.

The new tool, which could be detailed in the coming weeks, aims to better protect user privacy than existing approaches, these people said.The report notes that Apple has been inconsistent about blocking apps that use the UDID for tracking purposes and that the new tools will provide developers with ways to collect important data anonymously without being linked to the UDID that when combined with data from other apps could be used to identify the specific user of a given device.

No other details on the tools have yet been revealed, but the company could share more information at next week's Worldwide Developers Conference.

Article Link: Apple to Launch New App Usage Tracking Tools for Developers to Balance User Privacy (http://www.macrumors.com/2012/06/08/apple-to-launch-new-app-usage-tracking-tools-for-developers-to-balance-user-privacy/)



charlieegan3
Jun 8, 2012, 02:14 PM
I hope this doesn't mean lots privacy lawsuit articles on macrumors...

Apple, please get this right.

Kaibelf
Jun 8, 2012, 02:16 PM
I hope this doesn't mean lots privacy lawsuit articles on macrumors...

Apple, please get this right.

Seems to be a decent balance that will shut up the paranoid people in BOTH camps (consumers AND devs) who keep thinking the sky is falling. :cool:

Rudy69
Jun 8, 2012, 02:23 PM
It's about time :) I can't wait

DrFu79
Jun 8, 2012, 02:24 PM
nice :D thanks :apple:

Dr McKay
Jun 8, 2012, 02:24 PM
Advertisers are already kicking up a stink because IE10 will have "Do not Track" enabled by default in the settings, claiming it'll hurt them because they can't track users and deliver targeted ads.

Shrink
Jun 8, 2012, 02:27 PM
Seems to be a decent balance that will shut up the paranoid people in BOTH camps (consumers AND devs) who keep thinking the sky is falling. :cool:

If I am reading your post correctly, I would not agree that the desire to retain what remnants of privacy that remains constitutes paranoia.

I realize that I sacrifice privacy every time I go online or use certain apps, but anything that attempts to preserve some vestige of that privacy gets my vote.

It ain't paranoid if people are watching you...:D

xAnthony
Jun 8, 2012, 02:30 PM
This is going to be interesting...

RalfTheDog
Jun 8, 2012, 02:31 PM
I understand, advertisers are asking to have IOS users and potential IOS users shot with a trank gun, taken to a secure location, then users and potential users are to have GPS/RF tracking devices implanted.

Local vets and wildlife centers are competing to see who gets the contract.

Peace
Jun 8, 2012, 02:32 PM
Man ! Tim Cook sure is doubling down on secrecy isn't he ? Wow.

:p

LaWally
Jun 8, 2012, 02:43 PM
Something that will "better protect user privacy than existing approaches" should come with an on/off switch controllable by the user. No developer has any right to know how I am using their app, as much as they might like to know.

Kaibelf
Jun 8, 2012, 02:47 PM
If I am reading your post correctly, I would not agree that the desire to retain what remnants of privacy that remains constitutes paranoia.

I realize that I sacrifice privacy every time I go online or use certain apps, but anything that attempts to preserve some vestige of that privacy gets my vote.

It ain't paranoid if people are watching you...:D

I'm talking about the people who say "oh my god there was a ping file on my phone - Apple's going to steal my baby in the night! :eek:"

nagromme
Jun 8, 2012, 02:52 PM
Advertisers are already kicking up a stink because IE10 will have "Do not Track" enabled by default in the settings, claiming it'll hurt them because they can't track users and deliver targeted ads.

Well, they’re right: it will hurt them.

A little.

And I just can’t feel any sympathy. I am not for sale unless I choose to be!

Yvan256
Jun 8, 2012, 02:53 PM
Something that will "better protect user privacy than existing approaches" should come with an on/off switch controllable by the user. No developer has any right to know how I am using their app, as much as they might like to know.

As a developer I would like to know if a specific device is using my App, where he lives (only the country/state/province/etc, no need for GPS coordinates), maybe local time, etc.

It's not about tracking you, it's about getting statistics about who's using the App.

Here's an example: Imagine I make an App and that I find out 90% of my users are in Canada, I might want to add more Canada-specific features to it.

And if I then find out that in those 90% of users, 70% are in Québec, I would make sure my App is 100% bilingual.

And then I find out that 85% of those users are girls/women, I might fill re-skin the interface to pink colors and add ponies. Just kidding.

But you see how that might be useful to developers. I'm guessing the "unique ID" will be unique for at least each device+app. Maybe even device+app+installation. Delete the app, re-install it and you might even get a new ID.

akac
Jun 8, 2012, 02:57 PM
Something that will "better protect user privacy than existing approaches" should come with an on/off switch controllable by the user. No developer has any right to know how I am using their app, as much as they might like to know.

They can do that now. UIDs have nothing to do with how you're using an app. What it does do is allow a company to pinpoint multiple apps on one device. UDIDs were supposed to change when you restored a phone or other type of behavior - but they stopped doing that after iOS 2 I believe.

There is a lot of misunderstanding what a UDID is. Its just a generated ID that is device - not app - specific. Any app can create a ID that is app specific. Any app can even share that ID across multiple apps very easily (OpenUDID). Not unless you ever transmit your name and stuff alongside the UDID can they associate you as a person to an ID. 99% of the usage of UDIDs were completely anonymous. Its that 1% that was bad.

But even OpenUDID (which Apple can't stop because its not using a device ID) can do nearly everything a UDID can - including that 1% of bad behavior.

The only way Apple can make it more private is if they re-introduce a UDID - but allow the user to make it return garbage or some nil value AND developers use that exclusively. Otherwise I, as a developer, could hypothetically use this new UDID, but if it returns nil I use OpenUDID. Of course if it returns some random number then I won't actually ever know either, so that's one thing Apple could do.

shurcooL
Jun 8, 2012, 02:59 PM
I must be the only one who doesn't mind seeing targeted ads instead of irrelevant ones.

Mak47
Jun 8, 2012, 03:09 PM
Advertisers are already kicking up a stink because IE10 will have "Do not Track" enabled by default in the settings, claiming it'll hurt them because they can't track users and deliver targeted ads.

Companies that rely heavily on targeted ads are in big trouble if all the "Do not track" options actually work and are easy to use. Companies like Google and Facebook rely heavily on targeted ads because they're the only ones that have any potential to be effective.

Advertisers won't spend money on generic web ads, they already know they don't work. If they don't spend money, the Googles and Facebooks of the world don't turn a profit.

LaWally
Jun 8, 2012, 03:17 PM
As a developer I would like to know if a specific device is using my App, where he lives (only the country/state/province/etc, no need for GPS coordinates), maybe local time, etc.

It's not about tracking you, it's about getting statistics about who's using the App.

Here's an example: Imagine I make an App and that I find out 90% of my users are in Canada, I might want to add more Canada-specific features to it.

And if I then find out that in those 90% of users, 70% are in Québec, I would make sure my App is 100% bilingual.

And then I find out that 85% of those users are girls/women, I might fill re-skin the interface to pink colors and add ponies. Just kidding.

But you see how that might be useful to developers. I'm guessing the "unique ID" will be unique for at least each device+app. Maybe even device+app+installation. Delete the app, re-install it and you might even get a new ID.

Of course I can see how it would useful to developers. That is not the point. The point is I should not have to be a "target" of your statistical gathering just because I buy your app. If users of your app want to opt-in that's fine by me. I just want to have a way to opt-out.

moabal
Jun 8, 2012, 03:42 PM
This is just for third party apps right? The UDID will still exist so I can register my device's UDIDs for iOS 6 Beta. Can someone confirm this?

marcusj0015
Jun 8, 2012, 04:17 PM
Ok, but what's with that "Software version: 3.2" ****?

Illusion986
Jun 8, 2012, 04:19 PM
I do not want to be tracked but at the same time this seems to be a necessary feature as developers can target app features and ads toward people using them in a more specific area/country or what ever and sell more apps and/or make more money of adds. Because if devs didn't make money i don't think we would see that many apps simple as that.

nutjob
Jun 8, 2012, 04:36 PM
Being tracked by Apple is so cool! Hope they don't me charge extra for it.

Consultant
Jun 8, 2012, 04:36 PM
Something that will "better protect user privacy than existing approaches" should come with an on/off switch controllable by the user. No developer has any right to know how I am using their app, as much as they might like to know.

Paranoid much? An ID does NOT show "how I am using their app".

rmwebs
Jun 8, 2012, 04:40 PM
Glad this is being done, there really was no other option. Some apps need a way of recognising the user, for things like remotely saved data. By having this, apps dont need to make you register for a username/password and can just instantly pick up that its device XYZ.

The problem with the old method of the device id was that if you sold your iPhone/iPad/iPod, the new owner inherits that device id, so its no longer unique to you. Hopefully this new method solves that sufficiently.

Exotic-Car Man
Jun 8, 2012, 04:57 PM
The company earlier this year began rejecting apps (http://www.macrumors.com/2012/03/25/apple-begins-rejecting-apps-for-using-the-unique-device-identifier-udid/) that continued to use the UDID rather than implementing unique identifiers that would enhance privacy by remaining unique to the developer's app.

Does this mean that apps that used their own type of UDID are safe? I don't recall this detail; I thought all apps that used UDIDs were being blocked. For instance, if an online app scrambled a UDID when a user went online, would that app be accepted?

KevShallPerish
Jun 8, 2012, 05:51 PM
Ok, but what's with that "Software version: 3.2" ****?

The iPad's original starting software version was iOS 3.2

marcusj0015
Jun 8, 2012, 06:05 PM
The iPad's original starting software version was iOS 3.2

... That was my point, if that iPad's THAT old, why would there be a screenshot of it? sounds like old news, but maybe they reused an old screenshot, idk.

LaWally
Jun 8, 2012, 06:41 PM
Paranoid much? An ID does NOT show "how I am using their app".

Your comment would have been just as effective without the snarky "paranoid much" intro.

jmilone
Jun 8, 2012, 07:47 PM
Seems to be a decent balance that will shut up the paranoid people in BOTH camps (consumers AND devs) who keep thinking the sky is falling. :cool:

Well I can see both sides of this. As a consumer I would be ok with them know how much I use their app, but anymore than that I would be iffy.

a0me
Jun 8, 2012, 09:18 PM
As a developer I would like to know if a specific device is using my App, where he lives (only the country/state/province/etc, no need for GPS coordinates), maybe local time, etc.

It's not about tracking you, it's about getting statistics about who's using the App.
But then some developers would argue that they need GPS coordinates and private info in order to improve their app based on usage and their users' demographics.
Which is fine if the users choose to opt in for giving away that info, and only if.

charlituna
Jun 8, 2012, 09:30 PM
There is a lot of misunderstanding what a UDID is. Its just a generated ID that is device - not app - specific. Any app can create a ID that is app specific. Any app can even share that ID across multiple apps very easily (OpenUDID). Not unless you ever transmit your name and stuff alongside the UDID can they associate you as a person to an ID. 99% of the usage of UDIDs were completely anonymous. Its that 1% that was bad.

There's no misunderstanding around here. We all get that it is a device specific ID numbers etc. Which is the issue. Because a group of developers could get together and compare notes on that ID and create an aggregate profile of a user that is at least bordering on privacy violations. We've seen what has happened before when Apple trusted developers not to misuse their power. We got things like Path uploading your address book when it wasn't needed to do anything in the app. Even just a few folks doing it is bad. Better that Apple shut it down and force the developers to play nice now before something major gets out there via this kind of abuse.

foodog
Jun 8, 2012, 10:36 PM
Man ! Tim Cook sure is doubling down on secrecy isn't he ? Wow.

:p

I'm pretty sure they don't want this to be secret.

petsounds
Jun 8, 2012, 11:38 PM
But then some developers would argue that they need GPS coordinates and private info in order to improve their app based on usage and their users' demographics.
Which is fine if the users choose to opt in for giving away that info, and only if.

Apps already have to request user permission for location access. If this rumor is true, and it probably is, this is about making it easier for developers to provide a more consistent experience for users from device to device. Don't worry, Apple is not Google. The original inclusion of the UDID was just poor thinking on Apple's part, and now they're probably trying trying to find a solution that is a fair tradeoff for both users and developers.

Speaking as a developer, I'm all for an anonymized ID. I have no desire to track users, but I have a desire that users should never have to log in more than once to server-based apps. A persistent ID would facilitate this.

inscrewtable
Jun 8, 2012, 11:43 PM
Hang on a minute technology snuck up too fast suddenly we have a debate on the level of snooping permissible, how much and by whom.

The debate seems to be about where to draw an inevitable line.

I put on the table for serious consideration that any tracking (anon or not) of any kind for any reason by anyone be entirely and completely transparently opt in only.

I say this not only because there have already clear violations of law regarding this issue whether by accident or design.

This line drawing is only taking place because technology has made it possible.

The obvious argument for allowing tracking is the benefit it affords to developers in order to create better products. Product that they are sure we want because they have the digital proof.

But step back, have we been a bit conned, how precisely does the use of the application or whatever information is gleaned actually result in a better product, (without defining 'better'). How did people used to do it in the old days.

How did Apple get it so right and everyone else so wrong after everyone else had a big head start and had Apple on the ropes in 1999. It took Apple longer but with the iPod they started a tsunami.

I don't want some two bit app developer improving his product by analysing faceless data and grinding that data through his bottom line machine. Then if one is allowed they all have to do it to.

This Orwellian future leaves no room for the lone visionary. The genius who gives people what they wanted before they knew they wanted it.

Just something to consider.

Peace.

Eric5h5
Jun 9, 2012, 12:50 AM
Advertisers are already kicking up a stink because IE10 will have "Do not Track" enabled by default in the settings, claiming it'll hurt them because they can't track users and deliver targeted ads.

Except for the fact that obeying "do not track" is voluntary...guess what's really going to happen?

--Eric

gnasher729
Jun 9, 2012, 07:24 AM
Speaking as a developer, I'm all for an anonymized ID. I have no desire to track users, but I have a desire that users should never have to log in more than once to server-based apps. A persistent ID would facilitate this.

The UDID (Universal DEVICE ID) has been misused in the past, sometimes out of stupidity, sometimes out of malice. Stupidity: When a games server keeps track of scores based on a DEVICE ID, so when you sell your iPad, the buyer inherits your scores. Malice: When multiple developers act together to gather information about the use of a device - being anonymized doesn't help, because I'll get targetted as the owner of that device. My name is totally irrelevant to these people anyway.

What you really want is an ID for ("the combination of this user and my application"). That gives you as a developer exactly what you need. It would also be impossible to match against other apps that I bought, so nobody could find out that I bought your app and their app. The only information that you would have about me is that I am some unknown person who uses your app.

skywalkerr69
Jun 9, 2012, 10:29 AM
This is a good thing. Some developers actually ban you from using their services by the UDID (like instagram) Hopefully this changes too.

pmz
Jun 9, 2012, 11:23 AM
As a developer I would like to know if a specific device is using my App, where he lives (only the country/state/province/etc, no need for GPS coordinates), maybe local time, etc.

It's not about tracking you, it's about getting statistics about who's using the App.

Here's an example: Imagine I make an App and that I find out 90% of my users are in Canada, I might want to add more Canada-specific features to it.

And if I then find out that in those 90% of users, 70% are in Québec, I would make sure my App is 100% bilingual.

And then I find out that 85% of those users are girls/women, I might fill re-skin the interface to pink colors and add ponies. Just kidding.

But you see how that might be useful to developers. I'm guessing the "unique ID" will be unique for at least each device+app. Maybe even device+app+installation. Delete the app, re-install it and you might even get a new ID.

Again, you "would like to know", but thats at my discretion, if I want you to have that privileged information.

H2SO4
Jun 9, 2012, 11:59 AM
As a developer I would like to know if a specific device is using my App, where he lives (only the country/state/province/etc, no need for GPS coordinates), maybe local time, etc.

It's not about tracking you, it's about getting statistics about who's using the App.

Here's an example: Imagine I make an App and that I find out 90% of my users are in Canada, I might want to add more Canada-specific features to it.

And if I then find out that in those 90% of users, 70% are in Québec, I would make sure my App is 100% bilingual.

And then I find out that 85% of those users are girls/women, I might fill re-skin the interface to pink colors and add ponies. Just kidding.

But you see how that might be useful to developers. I'm guessing the "unique ID" will be unique for at least each device+app. Maybe even device+app+installation. Delete the app, re-install it and you might even get a new ID.
Or you could ask them up front rather than tracking them without their knowledge?

Mr. Gates
Jun 9, 2012, 04:47 PM
I want a juicier rumor than this

switcher75
Jun 9, 2012, 05:10 PM
If Apple can take secrecy to the Nth degree, and they do, why should I have to put up with being tracked simply because I use an apple device and purchase an app from the app store?
What I do and where I go online, or anyplace else, is my business and NO ONE ELSES, just so long as it's legal. If Apple and its developers can't handle that point of view, tough, there are other people to do business with.

marksman
Jun 9, 2012, 07:22 PM
Advertisers are already kicking up a stink because IE10 will have "Do not Track" enabled by default in the settings, claiming it'll hurt them because they can't track users and deliver targeted ads.

I guess they will have to go old school and target ads to websites and not to consumer profiles. I own a marketing and advertising company and I totally support the idea that any such tracking should be clearly opt in by the consumer.

----------

As a developer I would like to know if a specific device is using my App, where he lives (only the country/state/province/etc, no need for GPS coordinates), maybe local time, etc.

It's not about tracking you, it's about getting statistics about who's using the App.

Here's an example: Imagine I make an App and that I find out 90% of my users are in Canada, I might want to add more Canada-specific features to it.

And if I then find out that in those 90% of users, 70% are in Québec, I would make sure my App is 100% bilingual.

And then I find out that 85% of those users are girls/women, I might fill re-skin the interface to pink colors and add ponies. Just kidding.

But you see how that might be useful to developers. I'm guessing the "unique ID" will be unique for at least each device+app. Maybe even device+app+installation. Delete the app, re-install it and you might even get a new ID.

There are other ways to find out who your users are and what they want besides secretly tracking them.

Gasu E.
Jun 9, 2012, 09:01 PM
Of course I can see how it would useful to developers. That is not the point. The point is I should not have to be a "target" of your statistical gathering just because I buy your app. If users of your app want to opt-in that's fine by me. I just want to have a way to opt-out.

I understand, but you should be willing to pay more than users who do allow me to collect feedback. As a developer, users who provide me with information that helps me improve the product are worth more to me; therefore I am willing to charge them less. I am perfectly willing to allow you to opt out, but please don't complain that you are being treated differently from more cooperative users.

Xenc
Jun 10, 2012, 02:24 AM
Thanks Apple, was waiting on that one.

dshan
Jun 10, 2012, 09:24 AM
Does this mean that apps that used their own type of UDID are safe? I don't recall this detail; I thought all apps that used UDIDs were being blocked. For instance, if an online app scrambled a UDID when a user went online, would that app be accepted?

They haven't removed the Kindle app from the store and it uses the UDID as part of the key for DRM encryption/decryption. Maybe they're only removing apps that use the UDID to track users?