Under the Radar

00:00:00 ◼   ► Welcome to Under the Radar, a show about independent iOS app development.

00:00:04 ◼   ► I'm Mark Warmant.

00:00:05 ◼   ► And I'm David Smith.

00:00:06 ◼   ► Under the Radar is never longer than 30 minutes, so let's get started.

00:00:10 ◼   ► So this week in the news, there was a bit of a kerfuffle over the AccuWeather app embedding

00:00:15 ◼   ► a location tracking ad network in its app.

00:00:19 ◼   ► And it did some things that were, I think, pretty clearly not good.

00:00:25 ◼   ► Pretty clearly not respectful of users, privacy, things like trying to derive the location

00:00:30 ◼   ► with a third party ad firm, even if they denied location access and everything else.

00:00:34 ◼   ► And so we wanted to talk about, not necessarily that specifically, but about the general topic

00:00:39 ◼   ► of as an app developer, what kind of responsibilities or obligations you have on like a moral level

00:00:47 ◼   ► or like a social or even like an app wide environmental level.

00:00:54 ◼   ► And the various pressures that can affect those decisions or that can make these decisions

00:00:59 ◼   ► difficult.

00:01:00 ◼   ► You know, and because like the justification for this particular offense was, well, we

00:01:06 ◼   ► need to know your location for the app to work.

00:01:09 ◼   ► It's a weather app, so we need to know your location to tell you the weather where you

00:01:11 ◼   ► are.

00:01:12 ◼   ► But then once we have your location, are we obligated to only use it for that purpose?

00:01:18 ◼   ► You know, if we pass that along to advertising SDKs in an advertising funded app, we can

00:01:24 ◼   ► have more targeted ads and make more money per user.

00:01:28 ◼   ► And then there's other problems like if you use analytics packages, then they have access

00:01:34 ◼   ► to all this data.

00:01:35 ◼   ► And what are they doing?

00:01:36 ◼   ► And what are they doing with your data once they have it?

00:01:38 ◼   ► What data are they collecting?

00:01:39 ◼   ► And it's a complicated topic in the app world, I think, because these days, you know, as

00:01:46 ◼   ► we've talked about at length on this show, you really can't rule out any method of monetization

00:01:51 ◼   ► for the most part if you want to succeed financially in the app store.

00:01:54 ◼   ► Like you have to be open to trying a lot of different things, including many cases, ads,

00:02:01 ◼   ► and the sale of data in some way.

00:02:03 ◼   ► Lots of apps are funded that way, whether we like it or not.

00:02:07 ◼   ► For some apps, that might be the best way to fund them.

00:02:09 ◼   ► So it's a tricky topic because we can't just say like, oh, everybody should just, you know,

00:02:17 ◼   ► charge a real price and then not be funded by any of these ways.

00:02:19 ◼   ► Because we all know that doesn't work for a lot of things.

00:02:22 ◼   ► For I'd say probably most apps, it doesn't work.

00:02:25 ◼   ► But there's also, I feel like, pretty clear responsibilities that we have either, you

00:02:30 ◼   ► know, ethically or just to make things good and nice or sometimes even by policy from

00:02:37 ◼   ► Apple.

00:02:38 ◼   ► I feel like we have responsibilities that we need to follow on a few different fronts.

00:02:42 ◼   ► >> Yeah.

00:02:43 ◼   ► So I feel like this is a tricky, this is one of the things that I feel like I struggle

00:02:49 ◼   ► with most often in my development.

00:02:52 ◼   ► That a lot of the technical and the design and those sides of the challenges that I face

00:02:57 ◼   ► are like relatively straightforward, relatively easy to understand and unpack.

00:03:02 ◼   ► But these types of questions become much more awkward.

00:03:07 ◼   ► And it's especially awkward because many of them slightly hinge on the existence of

00:03:12 ◼   ► my ability to do all the other work.

00:03:14 ◼   ► That designing and building interesting apps is only something that I can really do if

00:03:20 ◼   ► the business and financial side of it makes sense as well.

00:03:24 ◼   ► And so some of these things get tricky.

00:03:26 ◼   ► And like there is certainly, and a lot of these things, where the awkward place comes

00:03:32 ◼   ► is in the sort of the gray area between, you know, actively doing things to harm your users'

00:03:39 ◼   ► privacy in an active, intentional sort of conscious way.

00:03:45 ◼   ► It certainly feels like not a good thing.

00:03:48 ◼   ► Don't do that.

00:03:49 ◼   ► I'm not going there.

00:03:51 ◼   ► And on the flip side, it certainly is easier, I would probably say, to do things and structure

00:03:57 ◼   ► things such that many of these things are just things you can't think about or worry

00:04:03 ◼   ► about.

00:04:04 ◼   ► So this is the approach in many ways that Apple takes in a lot of their products where,

00:04:10 ◼   ► to their detriment in some ways, they intentionally don't aggregate or keep certain information

00:04:18 ◼   ► on their servers.

00:04:19 ◼   ► You know, a lot of the trickinesses they sometimes have where all your photos are analyzed for

00:04:26 ◼   ► features locally rather than in the cloud, which is good for privacy but can be problematic

00:04:31 ◼   ► in other ways.

00:04:32 ◼   ► But if they, by Apple taking that conscious choice to say, "I'm not going to allow

00:04:37 ◼   ► myself access to this," then I don't have to worry about the appropriate way to treat

00:04:43 ◼   ► that.

00:04:45 ◼   ► But in the middle is where it gets complicated because many of my applications make use of

00:04:54 ◼   ► ad platforms.

00:04:55 ◼   ► That's how I make a substantial part of my income from my apps is by showing ads.

00:04:59 ◼   ► And back in the day when Apple had iAd, I used iAd, and I was glad to use it because

00:05:05 ◼   ► I had a certain amount of confidence that Apple was doing the right things in terms

00:05:12 ◼   ► of user privacy.

00:05:13 ◼   ► And in many ways, that worked out.

00:05:16 ◼   ► It was great for when it was there, but then Apple took it away.

00:05:18 ◼   ► It wasn't viable for Apple to do in the long run.

00:05:21 ◼   ► And so if I want to do advertising now, I'm more in the position of choosing from the

00:05:26 ◼   ► lesser of two evils rather than which one is the good and the bad.

00:05:31 ◼   ► And so I just have to make a guess.

00:05:34 ◼   ► In my case, we've talked about previous episodes, I use Google Ads for my primary monetization

00:05:40 ◼   ► whenever I'm doing advertising now because I figure Google is at least a big company

00:05:45 ◼   ► who is responsible to shareholders, is fairly well analyzed and looked at.

00:05:51 ◼   ► And so if they're doing things that are super sketchy, it'll come to light fairly

00:05:56 ◼   ► quickly, and I'll be able to take steps accordingly.

00:06:01 ◼   ► That's ultimately what I went down with.

00:06:03 ◼   ► But in all these things, some of these things are just going to be impossible to avoid.

00:06:12 ◼   ► Like the fact that in this situation where this platform that was in this weather app

00:06:17 ◼   ► was using, I think it was Wi-Fi information.

00:06:20 ◼   ► So knowing what the various signal strengths of named Wi-Fi hotspots allows them to triangulate

00:06:29 ◼   ► your position to some level of accuracy.

00:06:32 ◼   ► And in an amusing way, this actually goes all the way back to, I think, the first iPhone.

00:06:36 ◼   ► This was the only way location services worked, was this type of stuff where you can triangulate

00:06:41 ◼   ► location based on Wi-Fi hotspots, assuming you're near a Wi-Fi hotspot.

00:06:47 ◼   ► And that's great.

00:06:48 ◼   ► So you could say, well, maybe Apple should lock this down and not make this available,

00:06:52 ◼   ► or add an entitlement to apps so you have to actively ask, would you like this app to

00:06:59 ◼   ► have access to your Wi-Fi information?

00:07:01 ◼   ► And sort of that might help, but at the same time, then I just think, well, any time I

00:07:05 ◼   ► make a web request to an ad network, that web request is coming from an IP address.

00:07:10 ◼   ► And that IP address is, in the same way, somewhat geographically located.

00:07:15 ◼   ► I mean, I know that's not-- it's less precise and less fine-grained, probably, than Wi-Fi,

00:07:22 ◼   ► but it still probably can give you a location to within a zip code, maybe, or similar.

00:07:29 ◼   ► And that information is always going to be available.

00:07:32 ◼   ► And so it starts to become this kind of-- you're chasing your tail a little bit if your

00:07:37 ◼   ► goal is to say, I'm never going to do anything that will allow my user's location to be shared

00:07:43 ◼   ► with a third party.

00:07:44 ◼   ► Like, it's probably not going to happen.

00:07:46 ◼   ► But I don't know.

00:07:47 ◼   ► I struggle a lot with this tension of, I want to be respectful and do things that are in

00:07:53 ◼   ► that sense.

00:07:55 ◼   ► But ultimately, you're always going to have to, at some point, make a choice that says,

00:08:01 ◼   ► either I'm going to have to just say no to this opportunity for monetization or this

00:08:08 ◼   ► opportunity that I might have, or I'm just going to have to try and make the best choice

00:08:13 ◼   ► I can and just live with that and understand that when you do that, you're taking on the

00:08:18 ◼   ► responsibility for that.

00:08:19 ◼   ► Like, I understand that when I include Google's SDK in my app, if Google does something bad,

00:08:26 ◼   ► I'm on the hook for that.

00:08:27 ◼   ► And it's not like I can be like, oh, Google, you did something bad, but I didn't and be

00:08:32 ◼   ► absolved of that.

00:08:33 ◼   ► It's like, I'm still responsible for that.

00:08:35 ◼   ► But ultimately, that's kind of the trade-off that we're going to just have to make, I think.

00:08:39 ◼   ► Yeah, because it's so often not a question of, like, do I want to do the right thing

00:08:46 ◼   ► or not?

00:08:47 ◼   ► I mean, honestly, that should always be a question.

00:08:49 ◼   ► But so often, it's hard to make that decision objectively because the financial or market

00:08:55 ◼   ► pressures are very strong in the other direction.

00:08:58 ◼   ► And in the case of any kind of ad-funded or data-funded app, basically the more creepy

00:09:04 ◼   ► that you are or that you allow someone else to be inside your app, the more creepy you

00:09:09 ◼   ► are, the more money you make.

00:09:12 ◼   ► And that's a sad state of affairs, and that has a massive negative incentive there.

00:09:17 ◼   ► But that is the reality of that kind of business, that the more data you can give a smart ad

00:09:24 ◼   ► network, the more targeted ads they can serve to that person both in your app and also then

00:09:29 ◼   ► in other apps that their network is in.

00:09:31 ◼   ► They track people between apps.

00:09:34 ◼   ► And you're right.

00:09:35 ◼   ► Even if you just make a web request to the server, even if the API inside the app is

00:09:41 ◼   ► doing nothing incredibly creepy and not capturing much more data than just sending a web request,

00:09:45 ◼   ► yeah, if you have an IP address, you can track people between apps and between sites on the

00:09:49 ◼   ► web and everything else, and you can do creepy stuff.

00:09:52 ◼   ► And you can usually identify somebody if you try hard enough.

00:09:56 ◼   ► And so some degree of this is inevitable, but I feel like this is one of the ways in

00:10:05 ◼   ► which it's hard for me to fully know the market forces because I'm fortunate enough to be

00:10:10 ◼   ► in a position where I can make these decisions myself, whereas most developers are in a situation

00:10:17 ◼   ► where it's not their call, how creepy their app is or how creepy their company or their

00:10:22 ◼   ► ad network is, or they might just be in a bad situation where they tried other things

00:10:28 ◼   ► and other things didn't work for them.

00:10:30 ◼   ► And so the only way they could make a living making apps or making a particular type of

00:10:34 ◼   ► app is to put in creepy stuff.

00:10:37 ◼   ► And that's a really sad state of affairs.

00:10:39 ◼   ► And I recognize, again, some people might consider that inevitable or their only choice.

00:10:45 ◼   ► I would challenge that in a lot of cases to say, "Is that really your only choice?"

00:10:49 ◼   ► But the reality is for some people, they're going to say yes, and that might be the case

00:10:53 ◼   ► for them.

00:10:54 ◼   ► And so it's really hard for me to preach this to anyone else to say, "You shouldn't do

00:11:00 ◼   ► creepy stuff."

00:11:01 ◼   ► But there are certainly degrees of what you can do.

00:11:06 ◼   ► When I tried ads in my app for the first time last fall, about a year ago, I did Google

00:11:11 ◼   ► ads for the same reason, what you just said, basically, same reason, which was they were

00:11:16 ◼   ► the biggest ad network by far.

00:11:18 ◼   ► So I knew that they would sell the most inventory and that I trusted that Google probably would

00:11:25 ◼   ► be less creepy than some of the other players in that business and that if Google did anything

00:11:31 ◼   ► bad, we'd hear about it.

00:11:33 ◼   ► And I think that was mostly correct.

00:11:35 ◼   ► But at the time, though, there were all sorts of...

00:11:39 ◼   ► I'm sure there still is.

00:11:41 ◼   ► But I had to choose between all sorts of different networks and there were all these packages

00:11:44 ◼   ► that would roll together multiple networks, aggregate them, and basically serve each ad

00:11:51 ◼   ► to the highest bidder.

00:11:52 ◼   ► And so you'd have to integrate six or seven mobile ad SDKs in your app, run them all,

00:11:58 ◼   ► and then take bids from all of them at request time and do some kind of meta choice thing.

00:12:06 ◼   ► That seemed to be the default choice that most people took at the time, and I'm sure

00:12:10 ◼   ► it still is that way today.

00:12:14 ◼   ► And the reason why you would do that, I had the freedom, really, the authority for my

00:12:19 ◼   ► business to say, "I'm not willing to cross that line to get maybe 20% more money," or

00:12:26 ◼   ► whatever the number would be.

00:12:27 ◼   ► But again, a lot of people don't have that freedom to make that choice.

00:12:31 ◼   ► And so it is the norm to just throw in as many ad SDKs as you possibly can, have something

00:12:38 ◼   ► aggregate them all, and you're giving away every possible bit of data you possibly can

00:12:44 ◼   ► in that process to all these different parties to have them maybe serve you an ad for you

00:12:48 ◼   ► to maybe make 20% more on your relatively low ad revenue.

00:12:53 ◼   ► And that's just really, it's hard for me to reconcile what I want to be true about the

00:12:59 ◼   ► marketplace with what people are actually doing, whether they have to or not.

00:13:05 ◼   ► Again, it's hard for me to say that, but it's very hard for me to look at this and say,

00:13:10 ◼   ► "Oh yeah, well, I guess it has to be this way."

00:13:13 ◼   ► There has to be something else to it.

00:13:16 ◼   ► In my app, I made the decision recently, basically this past fall and winter, after doing Google

00:13:25 ◼   ► ads for a little while, they weren't going very well, we talked about it on the show,

00:13:28 ◼   ► so I ditched them and I made my own ad network, basically, where I'm just selling ads for

00:13:32 ◼   ► podcasts, and that works for my app for a few reasons that it probably doesn't work

00:13:35 ◼   ► for really any other apps.

00:13:37 ◼   ► So obviously this is not a generalized solution to this business problem.

00:13:41 ◼   ► But one of the things I decided back then was I'm no longer okay with this.

00:13:44 ◼   ► I did it, I kind of swallowed the bitter pill because I thought I had to, but once I found

00:13:50 ◼   ► a better option, I stopped doing it.

00:13:53 ◼   ► And I hope that more people are able to find those better options and are able to give

00:13:59 ◼   ► themselves the freedom to say, "You know what, I'm willing to decline 15 or 20 percent

00:14:05 ◼   ► of this revenue in order to cut myself from seven ad SDKs down to one that's reasonably

00:14:12 ◼   ► trustworthy."

00:14:14 ◼   ► And unfortunately, just a lot of people are either not able to make that choice or don't

00:14:19 ◼   ► care and are willing to just throw away their users' privacy.

00:14:22 ◼   ► Yeah, because I think ultimately, and it could just be a rationalization, but I think in

00:14:30 ◼   ► the end what I found for myself is I wrestle with these kinds of things.

00:14:35 ◼   ► And part of what brings me to the Apple platform and this ecosystem is, in general, a pervasive

00:14:44 ◼   ► culture of respecting the user in many facets.

00:14:49 ◼   ► This is the privacy and that side of thing is certainly a significant part of it, but

00:14:54 ◼   ► you respect the user in the way you design your user interface and their time and their

00:14:58 ◼   ► attention and those types of things as well.

00:15:00 ◼   ► And it's a fairly user-centric focus.

00:15:03 ◼   ► That attracts me to here, but I understand that some of these things are, yeah, it's

00:15:08 ◼   ► a necessary tradeoff, that I've tried many other forms of monetization if I want to keep

00:15:13 ◼   ► doing this.

00:15:14 ◼   ► If I want to keep providing, my users, I think, don't care about this as much as I do in general.

00:15:22 ◼   ► That's the impression that I get.

00:15:23 ◼   ► And in some ways, that's a good thing.

00:15:27 ◼   ► Probably it's a positive thing for our relationship for me to be more worried about this than

00:15:32 ◼   ► they are.

00:15:33 ◼   ► They shouldn't have to think about this or care about this, that I need to worry about

00:15:37 ◼   ► it more.

00:15:38 ◼   ► And if I continue to do that, then that's probably overall going to bode well.

00:15:42 ◼   ► But I think what I found at least is probably a useful measure for where someone is on this

00:15:48 ◼   ► is, I think it's more a question about your posture towards things like this than necessarily

00:15:56 ◼   ► some of the choices that you'll have to make in those gray areas.

00:15:59 ◼   ► Because in my case anyway, it's like my posture is that I want to do the bare minimum that

00:16:07 ◼   ► I can from exposing my users' data and privacy while still being viable financially.

00:16:17 ◼   ► I'm not trying to maximize the money I can make.

00:16:21 ◼   ► I'm trying to be viable in that.

00:16:24 ◼   ► In general, with moral or questions like that, where there's this line that you don't want

00:16:30 ◼   ► to cross, it's the question of, are you trying to see how close you can get to that line

00:16:36 ◼   ► without crossing it?

00:16:39 ◼   ► Or are you trying to keep as far away from it as you can, being aware that it's still

00:16:43 ◼   ► there?

00:16:44 ◼   ► And I think as long as your posture is still one of trying to distance yourself away, that

00:16:47 ◼   ► yeah, when you're integrating ad platforms, rather than integrating six and trying to

00:16:54 ◼   ► maximize your money that way, maybe just do one.

00:16:57 ◼   ► Maybe minimize your opportunities for doing things or for nefarious things happening.

00:17:02 ◼   ► And honestly, in some ways, limiting your exposure to it.

00:17:04 ◼   ► The impression I got from this AccuWeather situation is that this wasn't the only SDK or ad SDK

00:17:11 ◼   ► that they had in their app.

00:17:12 ◼   ► They just had several.

00:17:13 ◼   ► And in many ways, I kind of feel bad for the developer because my guess is this is a very

00:17:19 ◼   ► good chance.

00:17:20 ◼   ► This is not like they got pinned for something that they weren't necessarily aware of or

00:17:26 ◼   ► wasn't a conscious choice.

00:17:27 ◼   ► But if you just go for the maximization strategy, include dozens and dozens of SDKs, fill your

00:17:34 ◼   ► app with them, and then hope for the best and have your goal be to maximize things.

00:17:39 ◼   ► And stuff like this is inevitably going to happen because there's just so many different

00:17:43 ◼   ► avenues for problems.

00:17:45 ◼   ► And I will say, and it's certainly something that's relevant for this audience and the

00:17:49 ◼   ► show is it is something that is one of the wonderful benefits of being an independent

00:17:55 ◼   ► developer, I think, is being able to make that choice in a way that you think, like

00:18:01 ◼   ► you were just saying, sometimes you just wouldn't have the opportunity to make that choice.

00:18:05 ◼   ► That if your organization says we need to maximize doing this, then that's great.

00:18:12 ◼   ► And then also, yeah, just keep in mind that whenever I talk to these types of topics with

00:18:19 ◼   ► non-developers, I'm always struck by how in general most people just don't mind about

00:18:26 ◼   ► it and they don't really think about it or care about it.

00:18:28 ◼   ► And I mean, if you think about how many people post pictures to social networks, to Facebook,

00:18:34 ◼   ► to Instagram, to Twitter, to places like that, every one of those pictures, if it's taken

00:18:40 ◼   ► with a phone, will have precise GPS coordinates in it that almost certainly those social networks

00:18:46 ◼   ► can use to determine where you are and how you move around.

00:18:51 ◼   ► And most of those social networks are powered by advertising, so they have this data anyway.

00:18:56 ◼   ► But at the same time, I think most people would say, well, I'm not going to not post

00:19:00 ◼   ► pictures to social networks, even though every time I do that, I'm giving very precise location

00:19:05 ◼   ► information to all my social networks.

00:19:08 ◼   ► And so it's probably not as big of a deal as we make it out to be as developers, but

00:19:14 ◼   ► I think it's important to have a thoughtful, conscious posture towards it and then just

00:19:19 ◼   ► accept that this might just be some of the realities of where we are.

00:19:24 ◼   ► I would also say, too, it's worth, you know, I did say that a lot of times you aren't in

00:19:30 ◼   ► the position to make this choice, but you are usually in the position to choose the

00:19:37 ◼   ► kind of job that you do and the kind of company you work for.

00:19:41 ◼   ► And yeah, you know, certain times the market's harder than others, certain places the market's

00:19:44 ◼   ► harder than others, but people often go to the excuse, you know, oh, I can't leave this

00:19:49 ◼   ► job that ethically does questionable things because I can't get a job anywhere else or

00:19:54 ◼   ► it's not so easy to quit your job.

00:19:55 ◼   ► And that's true.

00:19:56 ◼   ► It isn't so easy to quit your job and go somewhere else.

00:19:58 ◼   ► But that is within your control.

00:20:01 ◼   ► And a lot of people assume that there's nothing else out there for them when they actually

00:20:06 ◼   ► don't know that, you know, they haven't actually tested that or looked or tried to get other

00:20:11 ◼   ► jobs.

00:20:12 ◼   ► So doing bad things or things that you consider ethically problematic at your job, you can't

00:20:19 ◼   ► just say, well, that was my job to do it.

00:20:20 ◼   ► You know, like I was just doing my job.

00:20:22 ◼   ► Like that does not excuse you from that.

00:20:25 ◼   ► And you know, there are other options out there.

00:20:27 ◼   ► There is work out there to be had that does not require you to compromise your ethics

00:20:32 ◼   ► or do creepy things.

00:20:33 ◼   ► And I highly encourage you, if you're in a bad situation, to look at those options.

00:20:38 ◼   ► Seriously consider them.

00:20:39 ◼   ► Just brush off the idea that, oh, well, those jobs aren't around me or I can't get those

00:20:45 ◼   ► jobs or there aren't enough of those jobs.

00:20:46 ◼   ► No, those jobs exist everywhere.

00:20:48 ◼   ► Anyway, we are sponsored this week by Linode.

00:20:51 ◼   ► Linode helps you get your servers up in seconds with fast, powerful web hosting.

00:20:56 ◼   ► And Linode plans now start at just five dollars a month for a full Linux server with one gig

00:21:00 ◼   ► of RAM in the Linode cloud.

00:21:03 ◼   ► Linode has over 400,000 customers, including David and me, who are all serviced by their

00:21:07 ◼   ► friendly 24/7 support team if you need it.

00:21:10 ◼   ► You can email, call, or even chat over IRC.

00:21:12 ◼   ► If you need help with anything about your servers, Linode is there for you.

00:21:16 ◼   ► The control panel is beautifully designed with a focus on ease and simplicity.

00:21:20 ◼   ► It allows you to deploy, boot, resize, and clone your VPSs in just a few clicks.

00:21:25 ◼   ► And they have comprehensive guides and support documentation to teach you everything you

00:21:29 ◼   ► need to know for setting up and managing virtual servers.

00:21:32 ◼   ► So whether you're just getting started with one server or you have a complex system that

00:21:36 ◼   ► you're deploying, I mean, I have, I think, 20 servers at Linode.

00:21:40 ◼   ► And I was there for years with just one.

00:21:43 ◼   ► And I've seen everything in between.

00:21:44 ◼   ► And it scales up, up and down.

00:21:46 ◼   ► It's wonderful.

00:21:47 ◼   ► I love Linode.

00:21:48 ◼   ► I put all my stuff there, and I highly recommend it.

00:21:51 ◼   ► So check it out.

00:21:52 ◼   ► They have fantastic pricing available.

00:21:53 ◼   ► Again, a server with one gig of RAM is just five bucks a month.

00:21:57 ◼   ► You can scale it up to 16 gigs of RAM for just 60 bucks a month.

00:22:00 ◼   ► They are offering twice as much RAM that you will get elsewhere for the same price.

00:22:05 ◼   ► As a listener of this show, if you sign up at linode.com/radar, you will support us and

00:22:09 ◼   ► you will get $20 towards any Linode plan.

00:22:12 ◼   ► And with a seven-day money-back guarantee, there's nothing to lose.

00:22:15 ◼   ► So go to linode.com/radar.

00:22:17 ◼   ► To learn more, sign up and take advantage of that $20 credit or use promo code radar2017

00:22:23 ◼   ► at checkout.

00:22:24 ◼   ► Thank you so much to Linode for supporting this show.

00:22:28 ◼   ► So I wanted to kind of bring around a little bit too, in addition to like ad networks and

00:22:32 ◼   ► stuff, the larger topic of just what we shove into our apps on someone else's behalf, I

00:22:41 ◼   ► really think this deserves a lot of scrutiny.

00:22:44 ◼   ► And I'm not saying no one should ever embed third-party code.

00:22:49 ◼   ► I decided for myself I will no longer embed third-party closed source code.

00:22:53 ◼   ► And I actually use very little third-party code at all anyway, but that's just a coding

00:22:56 ◼   ► preference.

00:22:57 ◼   ► But like there are features in my app that I could add, like I could add Chromecast audio

00:23:01 ◼   ► support.

00:23:03 ◼   ► But embedding Chromecast requires a closed source Google SDK to be added to my app, and

00:23:08 ◼   ► I'm no longer okay with that, so I don't offer that feature.

00:23:12 ◼   ► And I have to just be okay with not having that feature, even if it hurts me competitively

00:23:15 ◼   ► in some ways.

00:23:16 ◼   ► But there are also certain things, like I decided I didn't want third-party analytics

00:23:20 ◼   ► anymore because analytics companies, even the big fancy ones like Fabric and Google

00:23:28 ◼   ► and stuff like that, actually that is now Google, isn't it?

00:23:33 ◼   ► That's a lot of data you're sending them.

00:23:35 ◼   ► And a closed source package collecting all that data from all these people for the purpose

00:23:40 ◼   ► of an advertising company to benefit from it, and you get these things for free, allegedly.

00:23:45 ◼   ► That's creepy.

00:23:46 ◼   ► And that is not doing anybody any favors, really, except you're saving some money

00:23:50 ◼   ► on analytics.

00:23:53 ◼   ► When you're faced with the decision of adding these, again, I just encourage you to give

00:23:57 ◼   ► them a lot of scrutiny, to think, "Do I really need this thing?

00:24:01 ◼   ► Do I really need to embed this?

00:24:03 ◼   ► Or am I giving away the farm to get some minor benefit to me?"

00:24:09 ◼   ► There's a trade-off there.

00:24:11 ◼   ► There's a balance there.

00:24:12 ◼   ► And I think if you're going to be putting yourself in the position of giving away lots

00:24:17 ◼   ► of your users' data to some other company that the users are not expecting or that they

00:24:21 ◼   ► might not even know about as they're using your app, I feel like you have a responsibility

00:24:25 ◼   ► to not only try to avoid that at all costs, but also if you do have to do it, to really

00:24:30 ◼   ► make sure that there's a really good reason for why you have to do that.

00:24:34 ◼   ► Things like your app has to do that to survive financially.

00:24:39 ◼   ► That's a good reason if you can make the other things work out or if it's not being

00:24:43 ◼   ► too creepy.

00:24:44 ◼   ► But if it's like, "It'll be a little more convenient for me to embed this one SDK

00:24:48 ◼   ► or to use this one service or to get these types of analytics if I give away all of my

00:24:53 ◼   ► users' data to this other company to do God knows what with," that's not a good

00:24:57 ◼   ► trade-off.

00:24:58 ◼   ► And that's the kind of thing that I think a responsible developer needs to avoid.

00:25:01 ◼   ► >> Justin: Yeah.

00:25:02 ◼   ► And I think even just there's practical reasons, too.

00:25:06 ◼   ► If I look in a lot of my crash logs, at this point, the only crashes that exist in my apps

00:25:15 ◼   ► are from the ad frameworks that I have to include in my apps to show ads.

00:25:22 ◼   ► And those are just crashes that I'm just going to have to accept the fact that I can

00:25:28 ◼   ► never fix, that those are just going to be there.

00:25:30 ◼   ► And so minimizing those opportunities is probably good.

00:25:33 ◼   ► And similarly, there's the size side of this, that every framework you add to your

00:25:38 ◼   ► app makes your app bigger.

00:25:40 ◼   ► And this can get kind of silly if the majority of the size of the download of your application

00:25:47 ◼   ► is from third-party frameworks.

00:25:50 ◼   ► That's probably not good.

00:25:51 ◼   ► I mean, both from the—that's wasteful of bandwidth and so on.

00:25:56 ◼   ► But it's also probably hurting your app in other ways as well.

00:26:01 ◼   ► Even if your app is still below the cellular download level and so on, the number of times

00:26:07 ◼   ► someone will download an app from the app store and never open it is not substantial.

00:26:12 ◼   ► And it wouldn't surprise me if the time between hitting download and being able to

00:26:17 ◼   ► hit open as that increases, I would be not at all surprised if the number of—the abandonment

00:26:24 ◼   ► rate, I guess you would call it, increases as well.

00:26:27 ◼   ► And so keeping your app size small has benefits for you in other ways.

00:26:30 ◼   ► But yeah, it's like you want to be very mindful of any of these things when you're

00:26:35 ◼   ► pulling them in because you are making so many of these tradeoffs for stability, for

00:26:39 ◼   ► size, for privacy, and you just have to live with whatever is going in there as a result.

00:26:45 ◼   ► Yeah, like ultimately it's your responsibility as a developer.

00:26:50 ◼   ► Like this all falls on you.

00:26:53 ◼   ► Even if you put something in your app that doesn't even keep you that you don't know

00:26:56 ◼   ► about, that's still on you.

00:26:58 ◼   ► It's your responsibility to know what you're putting in your app.

00:27:01 ◼   ► And you know, like the incident we're talking about with AccuWeather, like they kind of said

00:27:05 ◼   ► at the beginning that like, "Oh, they didn't know this was happening."

00:27:07 ◼   ► It was something like that.

00:27:08 ◼   ► But like that's still their fault.

00:27:10 ◼   ► That's still their responsibility.

00:27:11 ◼   ► And it's absolutely their problem.

00:27:14 ◼   ► Like anything you embed in your app, any data you give away, you are the one responsible

00:27:19 ◼   ► for that.

00:27:20 ◼   ► You are the one doing that.

00:27:21 ◼   ► You can't shirk that responsibility.

00:27:24 ◼   ► You can't say, "Oh, well, how did you embed this thing?"

00:27:26 ◼   ► No, that's -- your users don't care.

00:27:28 ◼   ► Apple won't care.

00:27:29 ◼   ► Lawyers won't care.

00:27:30 ◼   ► No one will care the reason you embedded that.

00:27:33 ◼   ► All they'll care about is that your app did that.

00:27:36 ◼   ► And so you have to use the utmost care for just social responsibility as well as your

00:27:42 ◼   ► own liability to really minimize the ways in which you are letting other people run

00:27:49 ◼   ► code in your app that you might not be able to see or that you might not know about or

00:27:53 ◼   ► where there is a clear incentive for them to be creepy and abusive.

00:27:58 ◼   ► >> Yeah.

00:27:59 ◼   ► And it's one of the things that I will say that I love -- I'm always very glad when I

00:28:05 ◼   ► see Apple adding new system-level protections for most of these things because it eliminates

00:28:12 ◼   ► something that I need to worry about.

00:28:15 ◼   ► That like -- I mean, it's still kind of remarkable to me that back in the original days of the

00:28:19 ◼   ► iPhone OS SDK, apps could scan your address book without the user being aware of it.

00:28:28 ◼   ► And like it's kind of -- when they finally fix this, but the reality is previous to that,

00:28:34 ◼   ► any time you included a third-party SDK into your app, it was entirely possible they were

00:28:40 ◼   ► taking that user's entire contact book and uploading it.

00:28:44 ◼   ► You would have no way to know that that was happening.

00:28:47 ◼   ► And so like I always love it when Apple goes -- like they solve some of the problems in

00:28:51 ◼   ► ways that I can't by when they introduce their protections.

00:28:54 ◼   ► And like I would not be surprised if Apple introduces some kind of, you know, privacy

00:28:59 ◼   ► protection around Wi-Fi state and Wi-Fi information as a result of this sort of news article cycle.

00:29:06 ◼   ► And if they do, that's awesome.

00:29:07 ◼   ► Like any time that they do those types of things, I love it because it makes my life

00:29:11 ◼   ► easier and it's one less thing that I need to worry about as a result.

00:29:16 ◼   ► >> Exactly.

00:29:17 ◼   ► All right, thanks for listening everybody.

00:29:19 ◼   ► I'm going to talk to you next week.

00:29:21 ◼   ► >> Bye.

00:29:22 ◼   ► [BLANK_AUDIO]