[marmada]

I feel like I'm in the minority here -- but I don't understand the problem.

Software developers want to know whether their existing marketing methods are effective. The FB SDK helps with this. You always have the choice to not install the app (if you don't want to).

This also helps developers make sure their marketing is effective and reaching the right people, which seems like a win-win to me.

[Nicksil]

>Software developers want to know whether their existing marketing methods are effective. The FB SDK helps with this.

As you mention, this is something the software developer want, not necessarily the user.

>You always have the choice to not install the app (if you don't want to).

This argument may have some teeth if directed toward a user in our industry. Depending on the scope of the particular software in question, the majority of users is likely to be those outside the software industry; the layman. The argument falls flat when the other person doesn't have the necessary understanding to be able to perform thoughtful analysis.

>This also helps developers make sure their marketing is effective and reaching the right people, which seems like a win-win to me.

That may be one reason this practice is in-use. I don't see how it makes the difference: the software developer continues these practices with no consideration of their user, much less the user's consent or indication anything is going on at all. It's all about what the software developer wants, not the user and that's not OK.

[MrGilbert]

> It's all about what the software developer wants, not the user and that's not OK.

I work in Software Development. Most of the time, the user doesn't know what he or she wants. They might feel that something is just not right, but don't know why, or cannot express why, because they don't know. Or don't care: I used to send out surveys, and the response rate was usually around 300 out of 50.000 confirmed users. That's... not much. At least for me, if I need to make major decisions.

My main takeaway with metrics is that I'm fine to give metrics to the vendor, as long as it's only me and the vendor, and as long as I know what it's used for. Also, it depends a lot on what is tracked.

Starting and closing the app, ways the user took to get to a certain point - I'm fine with that. But dare you transmitting my file names over to your server. Or any data I enter. That's none of your business.

[sneak]

You wanting more data does not give you license to assume consent for using a device you do not own to spy on a user. Even if a majority would have consented, assuming consent means that you are now co-opting some number of devices which do not belong to you to do things the owners of those devices do not want to happen.

It’s extremely unethical, and should be illegal.

[MrGilbert]

Well - the user is using the device with a part that I created. If the user doesn't want to participate in enhancing the product, we need to go the old school way of enhancing products: Research. We need to conduct studies, do testing with test persons, etc. This can be done, sure. But then your off-the-shelf app won't be available for 99 cents or for free, but cost more like 19.99 USD.

Might help streamlining the market, so I‘m open for that.

[geofft]

This very same argument would apply to, say, "5% of the price of my dinner goes towards healthcare for the waitstaff. That's something the company wants, not something I want."

There are much better argument for it being spyware, e.g., that it spies. It's not a very strong argument that a thing is bad simply because it helps the provider of the thing.

[gpderetta]

It is not the same argument. Money is fungible, you know exactly what you are paying and the cost to you, how the money is used is not usually your problem [1]. In this case you have no idea how much and with what you are paying. The app could be exfiltrating all kind of information and you have no way of knowing.

[1] although people might have issues with unethical or illegal uses.

[Nicksil]

>This very same argument would apply to, say, "5% of the price of my dinner goes towards healthcare for the waitstaff. That's something the company wants, not something I want."

I'm not sure I follow. If you're paying the same amount in either scenario, how are you adversely affected when a portion of your bill is allocated to a healthcare account?

>There are much better argument for it being spyware, e.g., that it spies. It's not a very strong argument that a thing is bad simply because it helps the provider of the thing.

I'm lost here, as well. Your argument is that I haven't made any arguments stronger than "that it spies"? I agree that stating only "that it spies" would be lacking critical thought and analysis, but my arguments have been more specific. The whole "it spies" assertion, generally speaking, is the basis for the more detailed responses I've submitted to this discussion.

[giantDinosaur]

I certainly don't want 5% of the price of my dinner going to healthcare costs. Don't tell me that's something that actually happens where you live?

[mcpeepants]

Do you expect 100% of the cost of your meal to be the raw ingredients? Surely in (almost?) every single retail or service transaction, part of what you are paying is going towards operational costs, taxes, and yes... employee health insurance.

[paranoidrobot]

Is your objection the 5% or that it's going to healthcare costs?

[marcus_holmes]

I think the objection is that for most of western civilisation, healthcare costs are paid for by taxes not employers

[geofft]

OK, but those taxes are paid by someone (usually business taxes). I am strongly in favor of government-funded healthcare but the number of countries where the government can be funded by, like, drilling oil is very small, so I think my argument stands - some portion of the money I spend on dinner is going not towards things that directly produce my dinner but things that someone else thinks is worthwhile. Even if I agree with it, it's not my decision.

[mewpmewp2]

User benefits from effective marketing. If software dev knows who their audience is better it means product will reach the correct customers more efficiently. It is win for everybody.

[oarsinsync]

Marketing platform and the product being marketed benefit from effective marketing.

That the user was “sold” to is not inherently positive. Not all products are good. Not all users can afford products they’re buying. Not all users necessarily understand they’re paying in ways they’re unaware of.

Straying away from social media in this example, cigarettes and alcohol feel like good candidates here.

[josefx]

It has to say something about the effectiveness of your marketing if the only way you even observe it having an effect is by installing spyware on every users system.

[manigandham]

Nobody said it was the only way, but better measurement means optimizing ad spend to better target users and lower prices.

[wyattpeak]

If companies genuinely believed that they'd advertise loudly that they were using the ad platform. The fact that they do it surreptitiously speaks volumes.

[Joeri]

What’s wrong are two things: lack of transparency and lack of choice. They could just ask where people got the app, and offer them a choice not to disclose, but they choose to not offer the user that choice and to not transparently communicate the choice has been withheld.

That’s user-hostile.

The problem with saying “just don’t install the app” is that you have to be informed first, and that even then you have no real choice. If you want to take part in digital social networks you must surrender control and privacy. If your data is a valuable commodity you should be able to decide who gets what, just like you decide with your money. But you can’t, not really.

[saagarjha]

It is not clear to users which apps use the Facebook SDK, so they can’t avoid them even if they wanted to. And so many do include it that it’s hard to find alternative apps…

[Jare]

> You always have the choice to not install the app

You also have the choice to consider the practice questionable, unethical, a systemic problem once it becomes widespread; to highlight it in public posts and forums, to protest how widespread it has become, to believe that it should be illegal in the context of consumer and privacy protections, to lobby for making it illegal, etc.

[yumraj]

> You always have the choice to not install the app (if you don't want to).

Before this article came out was this information available to the users to help them in making this decision.

No, it was not! Hence the problem.

[marcus_holmes]

I think it's pretty clear that if you're not paying for the application, then you're the product not the customer. Even the most ignorant users have probably got that message by now.

If the app is paid-for, it's less forgivable to be using this kind of spyware.

[ric2b]

Your flawed logic applies whether it's paid or not: just don't install it.

Apparently you don't think actually knowing if the app includes the SDK is relevant, this is victim blaming of the highest tier.

[Nextgrid]

Spotify is a paid app that includes it.

[ballenf]

Usually when you say “win-win”, one of the wins is for each side.

[omk]

The user has not explicitly allowed this information to be collected, yet the software developer wants to. That I think is the definition of spyware.

If I were to project this pattern 10 steps further, a software developer may want to know the gender and emotional state of the user installing their software using the front camera. That would also be a spyware, but it's on the higher end of the spyware spectrum.

[Barrin92]

>The FB SDK helps with this. You always have the choice to not install the app (if you don't want to).

up until now I wasn't even aware of the facebook sdk or that say, spotify is sharing my data with facebook even if I don't use their login option so it's pretty hard to make a informed decision.

Is this even legal under GDPR?

[Nextgrid]

To the best of my knowledge, no. Even if we assume advertising attribution falls under legitimate interest (which isn’t certain), it would still only allow them to call out to Facebook once after install to report whether the app was installed from an ad. As of right now the Facebook SDK calls out every single time the app is opened or brought back in foreground.

[petre]

> Is this even legal under GDPR?

I guess you could always complain about it to your country's data protection watchdog and then we'll all find out?

[smacktoward]

“It is difficult to get a man to understand something, when his salary depends upon his not understanding it.”

- Upton Sinclair (https://en.wikipedia.org/wiki/Upton_Sinclair)

[dang]

It's probably time to retire Upton to the Internet Hall of Fame next to Betteridge.

[nikofeyn]

> Software developers want to know whether their existing marketing methods are effective.

so what?

[sneak]

The problem is that it happens silently and without consent of the owner of the hardware.

It’s win-win for facebook and the app developer. It’s only lose for the actual user.