[falcolas]

As pointed out in the article, not using the SDK does not preclude authenticating with a Facebook account. It just requires a bit more work on your end to protect your non-Facebook users.

So it does come down to what you care about.

[diminoten]

"Don't use" and "only use for people who actively opt-in" are two separate things, so no it doesn't come down to what you care about.

I'm saying give people choice, let them figure out what they care about. Making the choice for them is bad business and bad ethics. You don't know better than your users.

[falcolas]

Non-Facebook users are unable to opt out of Facebook tracking if you use the Facebook sdk. That’s the point of using the oauth standard, it allows those users a choice not available with the sdk.

[diminoten]

You can choose to load the SDK or not, e.g. only when the "Log In With Facebook" button is pushed.

[falcolas]

A little bit of research indicates that this is still a non-trivial amount of work from the developer; that the developer has to make the choice to protect the privacy of their non-Facebook users by dynamically loading the Facebook SDK.