Flurry Blamed for Change in iPhone SDK Analytics Terms of Service

[MacRumors]

One of the recent changes in Apple's iPhone SDK terms of service was limitation on collecting and sending analytics data. Many had speculated that Apple may be trying to limit competition from other ad networks, however, Steve Jobs is blaming analytics company Flurry for the change.

According to Jobs, it was a privacy issue:

Quote:

Well we learned this really interesting thing. Some company called Flurry had data on devices that we were using on our campus -- new devices. They were getting this info by getting developers to put software in their apps that sent info back to this company! So we went through the roof. It's violating our privacy policies, and it's pissing us off! So we said we're only going to allow analytics that don't give our device info -- only for the purpose of advertising.

The incident that Jobs was referring to is likely a report from January in which Flurry pinpointed approximately 50 "tablet devices" that were being used on Apple campus.

Quote:

Using Flurry Analytics, the company identified approximately 50 devices that match the characteristics of Apple's rumored tablet device. Because Flurry could reliably "place" these devices geographically on Apple's Cupertino campus, we have a fair level of confidence that we are observing a group of pre-release tablets in testing. Testing of this device increased dramatically in January, with observed signs of life as early as October of last year. Apple appears to be going through its cycle of testing and polish, which is expected from any hardware or software company as it nears launch.

Article Link: Flurry Blamed for Change in iPhone SDK Analytics Terms of Service

[Small White Car]

Well, even though this apparently made Apple mad for personal reasons, it's still good that Apple wants to stop stuff like this.

As Steve said, there's no reason an app shouldn't be asking you before sending data like that back home.

[goobot]

so it looks like no new tv?

[NebulaClash]

When it comes to privacy, I trust Steve's core standards. Ask before using data -- I can live with that. And if that means controlling standards when some companies want to misuse private data, clamping down works for me.

[DipDog3]

Whatever the reason, I don't want some ad network knowing where I am at all times. That is just creepy.

[powers74]

Pissing off Apple... Not good.

[i.mac]

these flury folks did two things really and equally bad:

1. ' It's violating our privacy policies, '

2. 'and it's pissing us off! '

Even if you do not agree, got to love it!

[JeffDM]

Quote:

Originally Posted by DipDog3

Whatever the reason, I don't want some ad network knowing where I am at all times. That is just creepy.

That's why I generally don't let programs use Location Services. Maps is my current exception, because it is needed. The few other apps that ask don't really need it to provide me what I want out of the app.

[spillproof]

But it was fun knowing that something new was being used in the deep caverns of Apple lair.

[andiwm2003]

Yep, that is the reason why I like the closed app store system.

It's easier to make sure that apple respects my privacy than trying to control ten thousand developers.

[el_grapadora]

What people forget is that analytics is not just about selling stuff. It's also about developing apps to cater to a particular device. Yes, through the App Store records, I can see for which OS users are downloading the product, but it doesn't allow me to figure out how people are using the device.

For instance, if I'm developing a Twitter client, I can use analytics (e.g., Omniture—not sure if Google Analytics does it) to figure out what features in a given app are being used by a particular device. I can remove some features from the iPhone version to reduce clutter, while leaving them in or adding them to the iPad version. I can also cross reference that data against my website data to see if iPhone users are accessing my support pages disproportionately more from the app than other users.

So, yeah, location info creeps me out. I refuse to use Foursquare. I shut off location services until the moment I need to use Maps/GPS. But having been on the app and web development side of things, I think the analytics restrictions are really short-sighted. I mean, c'mon Apple: you can revolutionize mobile telephony, but you really couldn't develop an app to prevent data transmission on pre-release devices?

[Andronicus]

release the hounds...

[DARKJ3DI]

but how else will we civilians know of upcoming Apple devices

[marksman]

Back to work at Dairy Queen for Flurry.

[chris7777]

When these analytics companies want to start sending us, THEIR personal data, instead of sneaking it in, then it might be acceptable, but we all know their reply to even suggesting it.

I just despise the notion that its ok to spy on people based on financial opportunity, But all of these data collection agencies go to great extremes to keep their own internal data secret from the public.

So in their eyes, their "rights" superceed ours.

[el_grapadora]

Quote:

Originally Posted by chris7777

When these analytics companies want to start sending us, THEIR personal data, instead of sneaking it in, then it might be acceptable, but we all know their reply to even suggesting it.

You realize that these evil analytics engines are on the very page you're looking at, right? There are tags for Google Analytics and Quantcast on the page I'm typing on right now. To my knowledge, the MR staff are not evil corporate overlords (though if they were. . . )

All I'm saying is that there's a difference between sending personally identifiable data (they could locate the iPhones on the Cupertino campus?!) and general, untraceable analytics data (I'll bet the MR staff could find out what device most of us use to get here) that sends useful data back to developers.

[AlmostThere]

Providing that the data available to iAd and every third party ad platform is exactly the same, in terms of feedback and analytics, there isn't a problem. It is only if Apple gives iAd some sort of advantage that there is cause for complaint.

[JeffDM]

Quote:

Originally Posted by andiwm2003

Yep, that is the reason why I like the closed app store system.

It's easier to make sure that apple respects my privacy than trying to control ten thousand developers.

But in this case, it didn't happen without a security breach first.

[Deniolan]

Quote:

Originally Posted by el_grapadora

You realize that these evil analytics engines are on the very page you're looking at, right? There are tags for Google Analytics and Quantcast on the page I'm typing on right now. To my knowledge, the MR staff are not evil corporate overlords (though if they were. . . )

All I'm saying is that there's a difference between sending personally identifiable data (they could locate the iPhones on the Cupertino campus?!) and general, untraceable analytics data (I'll bet the MR staff could find out what device most of us use to get here) that sends useful data back to developers.

Yes - but this article, and Steve's comments are a little silly - and they're all smokescreen to place a well thought out reason for yet another restriction to the iPhone SDK - that probably has little merit as to the real reason for the changes to the agreement.

I am a developer, and I use flurry. Flurry sends completely anonymous usage statistics to their servers much like Google Analytics collects random usage data for websites. For this site, for example, the site developers can go get usage data on what versions/types of browsers are being used, what paths users are following, and YES, via IP address reverse lookup - they can also see geographically where people are coming from.

Flurry does the same for app developers. It collects information about how many people are using which versions of the OS, which devices are being used (iPod, iPhone, iPad, etc), and geographically (to a maximum city/state level) where people are coming from. If you use the flurry location library, the BEST estimate you can get is a city/state of where an instance of the app was used - you can't get street level detail. Further, this is only reported if the user CHOOSES to report location. The other flurry library, without location, only reports the country the user is coming from.

In the end, I fundamentally disagree with Steve. His basic argument was that when they were testing, data was sent back to Flurry servers that said "A Device type of x is being used in Cupertino, CA" - and flurry reported on it.

Guess what Steve, your engineers are very bright - exercise their brains. You can sure tell if Flurry is being used in an app, because you can see the existance of the library in the submitted application.

It is also widely known that Flurry reports data from each session at the start of the next session, and Flurry's servers addresses are also well known. Also - a huge percentage of all mobile apps, Android, Apple, etc - all use Flurry or some other means to report this data. Flurry is one of the most trusted and NO PRIVATE information is shared via their library - just anonyous usage stats.

Rather than go off the deep end and take away valuable statistics that developers use to monitor trends, usage patterns, and devices so that they can better support their users, why don't you do the following:

• Instruct your engineers testing beta devices to always touch "Don't Allow" when a location box pops up. This prevents location reporting.
  
• Take the address of flurry's servers and block it from your internal wireless network that you use for testing. This would mean that even if you allowed the location, the flurry library inside of the app you are "testing" would not be able to report information back to Flurry's servers.

This is smokescreen. IMHO, Steve is pissed off (and he should be) that his engineers didn't have the forethought to make sure they were keeping their device specifics protected and he's blaming flurry. Are you seriously telling me that on Apple's own website, they are not using analytics to tell what percentage of their users are using IE, what percent are using Safari, what percent are using Firefox, and approximate geographic locations of where their users come from? This is no different. Just a hogwash pot/kettle smokescreen.

As for privacy, I would much rather a respected authority like Flurry be reporting on these statistics than some rogue developer who is also sending my address book information along with his home-brewed statistics solution... All Steve is doing is opening the door for people to start brewing their own statistics solutions that are much more in violation than just "identifying a beta device on our campus".... give me a break.

Cheers.

[pubjoe]

Quote:

Originally Posted by Deniolan

In the end, I fundamentally disagree with Steve. His basic argument was that when they were testing, data was sent back to Flurry servers that said "A Device type of x is being used in Cupertino, CA" - and flurry reported on it.

The point wasn't that the data was only collected. It was flurry's use of that data that broke the privacy agreement.

As soon as they opened their mouths about devices' locations to the press, they breached a user agreement. The agreement being the little window that popped up asking if you want to use your location.

No one's ever tapped "allow" expecting their location data to be shared with press.

[Rodimus Prime]

Quote:

Originally Posted by Deniolan

Yes - but this article, and Steve's comments are a little silly - and they're all smokescreen to place a well thought out reason for yet another restriction to the iPhone SDK - that probably has little merit as to the real reason for the changes to the agreement.
....
Cheers.

I agree 100%. Apple screwed up and now they are going to blame Flurry for it.

Apple Devs allowed location of the devises. Also apple internal servers could of block the wifi ones.

The other think apple could easily of done is on testing devices have them use false identifier and report them as an existing device. That would make leak information impossible to collect.

[jon86]

Quote:

Originally Posted by pubjoe

... No one's ever tapped "allow" expecting their location data to be shared with press.

Exactly. I would have thought that reporting the information would make a bit of a mockery of the privacy policy and I think that's what Steve is most annoyed about.