Under the Radar

00:00:00 ◼   ► - Welcome to Under the Radar,

00:00:02 ◼   ► a show about independent iOS app development.

00:00:04 ◼   ► I'm Mark O'Arment.

00:00:06 ◼   ► - And I'm David Smith.

00:00:07 ◼   ► Under the Radar is never longer than 30 minutes,

00:00:09 ◼   ► so let's get started.

00:00:11 ◼   ► So it is that time of year again,

00:00:12 ◼   ► it is the end of the year,

00:00:13 ◼   ► and interestingly for us, I think as iOS developers,

00:00:18 ◼   ► right now it means that it's time for us

00:00:20 ◼   ► to think about our privacy and our data tracking

00:00:24 ◼   ► and all the things as we've just had to go in

00:00:26 ◼   ► and fill in our, what is it,

00:00:29 ◼   ► Apple is calling them the privacy nutrition labels.

00:00:32 ◼   ► - Something like that.

00:00:32 ◼   ► - Or something with our app,

00:00:33 ◼   ► and some of these have turned out to be somewhat comical,

00:00:35 ◼   ► like if you look at the Facebook app one,

00:00:37 ◼   ► I feel like almost as a protest,

00:00:39 ◼   ► they just went in and checked every checkbox,

00:00:42 ◼   ► just like for funsies,

00:00:44 ◼   ► like they just had an intern go and check

00:00:46 ◼   ► every single checkbox,

00:00:47 ◼   ► because that seems like what they did.

00:00:50 ◼   ► They are collecting all the information.

00:00:52 ◼   ► - In a way, it's actually kind of smart,

00:00:54 ◼   ► because legally, they probably want to,

00:00:57 ◼   ► I bet the legal department wanted to cover their butts

00:01:00 ◼   ► and be like, all right,

00:01:01 ◼   ► we are just gonna say we collect everything

00:01:03 ◼   ► for every possible purpose,

00:01:05 ◼   ► because we want the ability to do that

00:01:07 ◼   ► without getting into trouble with Apple, or legally,

00:01:09 ◼   ► and also, I think it's smart,

00:01:11 ◼   ► because nobody expects Facebook to be good

00:01:15 ◼   ► in this way anyway,

00:01:16 ◼   ► so in a way, it doesn't even matter

00:01:18 ◼   ► what Facebook says on theirs,

00:01:19 ◼   ► and also, by making it so insanely long,

00:01:23 ◼   ► they remove all meaning from any of it,

00:01:25 ◼   ► which is actually, I think this is actually a little bit

00:01:28 ◼   ► of a flaw in Apple's design,

00:01:31 ◼   ► that certain things that are very commonplace,

00:01:33 ◼   ► like crash reporting,

00:01:35 ◼   ► these things are so common,

00:01:37 ◼   ► and Apple gives them so much size

00:01:39 ◼   ► and visual prominence in the display of this thing,

00:01:42 ◼   ► that actually, it's actually kind of hard

00:01:43 ◼   ► to get an idea of what in this app privacy label thing,

00:01:47 ◼   ► what is there that I need to notice and care about,

00:01:50 ◼   ► because there's so much noise in it,

00:01:51 ◼   ► and Facebook's approach is actually kind of genius,

00:01:53 ◼   ► because they filled it with so much noise

00:01:56 ◼   ► that you really get no information from that whatsoever.

00:01:59 ◼   ► - Yeah, no, it's a weird thing,

00:02:02 ◼   ► and I definitely, I will say,

00:02:03 ◼   ► having now gone through the experience for most of my apps,

00:02:06 ◼   ► and putting in my own information into it,

00:02:09 ◼   ► it is, I see what Apple is trying to do here,

00:02:12 ◼   ► but it is really confusing,

00:02:14 ◼   ► and some of the things show up in a way that is really,

00:02:19 ◼   ► not, I think deceptive's the wrong word,

00:02:21 ◼   ► but it's kind of in that way,

00:02:22 ◼   ► where if you do anything that,

00:02:25 ◼   ► if you record someone's IP address,

00:02:29 ◼   ► in many ways, you are collecting their course location,

00:02:33 ◼   ► probably, in terms of,

00:02:34 ◼   ► that is something that you could ultimately work out

00:02:37 ◼   ► back to being your location,

00:02:39 ◼   ► but if you put in that you are saying

00:02:42 ◼   ► that it's course location,

00:02:44 ◼   ► then it shows up just in the initial thing,

00:02:46 ◼   ► when the user opens the app store,

00:02:47 ◼   ► it says, "This app tracks your location,"

00:02:49 ◼   ► and it's like, "Really?

00:02:53 ◼   ► "It's tricky for me,"

00:02:54 ◼   ► 'cause obviously, I've just,

00:02:55 ◼   ► I solved that problem by just making sure

00:02:58 ◼   ► that I never log or track an IP address anywhere,

00:03:01 ◼   ► and anything, and I can just avoid

00:03:03 ◼   ► making it look like I'm tracking your location,

00:03:05 ◼   ► but that's the one where I feel,

00:03:07 ◼   ► there's a bunch of these questions,

00:03:08 ◼   ► and some of these things are like, "I don't know."

00:03:11 ◼   ► Is this user analytics, or is it diagnostic information?

00:03:15 ◼   ► Is it,

00:03:16 ◼   ► is there a lot of the categories and things,

00:03:20 ◼   ► and what should be counted, and what shouldn't?

00:03:21 ◼   ► I feel like is,

00:03:22 ◼   ► I appreciate that Apple is trying to be very specific

00:03:26 ◼   ► and descriptive, but almost, it becomes,

00:03:30 ◼   ► I have the same problem that the user will have

00:03:32 ◼   ► when they look at their Facebook one,

00:03:34 ◼   ► like when I'm looking at all the check boxes,

00:03:35 ◼   ► and I'm just like, "I don't know."

00:03:37 ◼   ► Which category does this go into?

00:03:39 ◼   ► Is this actually something that I need to worry about,

00:03:41 ◼   ► or is it actually just totally fine?

00:03:44 ◼   ► I've found it to be a little bit frustrating,

00:03:46 ◼   ► and the degree to which,

00:03:49 ◼   ► if you, for my subscription management,

00:03:53 ◼   ► I use RevenueCat, and they have, thankfully,

00:03:57 ◼   ► they have, most third-party services seem to have these now,

00:04:01 ◼   ► they have their little checklist of,

00:04:02 ◼   ► if you use our service,

00:04:03 ◼   ► this is what you probably have to check.

00:04:06 ◼   ► But some of these things get a little questionable,

00:04:08 ◼   ► where it's like, if you use random identifiers

00:04:11 ◼   ► to attach to a user, is that tracking the user,

00:04:15 ◼   ► 'cause it's not personally identifiable,

00:04:18 ◼   ► and it's not tracked across anything else,

00:04:21 ◼   ► but it's a way for them to keep track of them.

00:04:22 ◼   ► Is that a user ID, is it a device ID?

00:04:24 ◼   ► Anyway, so this has been my life recently,

00:04:27 ◼   ► of trying to unfurl a little bit of what check boxes

00:04:32 ◼   ► I'm actually supposed to check,

00:04:33 ◼   ► and I really, it feels like there's gotta be a better way

00:04:36 ◼   ► than the hundred-check box approach that Apple settled on.

00:04:40 ◼   ► - It also, when I designed the Overcast privacy

00:04:44 ◼   ► and tracking screen for each podcast recently,

00:04:47 ◼   ► this is a thing, if anybody's not familiar,

00:04:48 ◼   ► where you can go into each podcast screen in Overcast,

00:04:50 ◼   ► and it'll tell you which services

00:04:52 ◼   ► its files are hosted through,

00:04:53 ◼   ► 'cause each one of those services gets your IP address

00:04:55 ◼   ► when you request a file.

00:04:57 ◼   ► That's just how podcast downloads work.

00:04:59 ◼   ► And so, and I try to categorize all the known services

00:05:02 ◼   ► that I could find as like, what are these things?

00:05:05 ◼   ► So I could display on that screen,

00:05:06 ◼   ► all right, this thing goes through Libsyn,

00:05:08 ◼   ► this is a hosting service, it provides stats.

00:05:11 ◼   ► This thing goes through PodTrack,

00:05:12 ◼   ► this is a tracking service,

00:05:13 ◼   ► and this service provides dynamic ad insertion,

00:05:16 ◼   ► and this service provides cross-site tracking,

00:05:18 ◼   ► and I tried to categorize those into these,

00:05:21 ◼   ► into a handful, I think it's four or five broad categories.

00:05:24 ◼   ► I try to distill it down to like,

00:05:26 ◼   ► what do you really wanna know about this?

00:05:28 ◼   ► Like, dynamic ad insertion,

00:05:30 ◼   ► I say something along the lines of like,

00:05:31 ◼   ► this can dynamically insert ads into your podcast

00:05:33 ◼   ► which may be targeted to your region, or to your behavior.

00:05:38 ◼   ► It's something like that.

00:05:39 ◼   ► And that's what people wanna know.

00:05:41 ◼   ► People don't care, for the most part,

00:05:44 ◼   ► if a hosting service like Libsyn collects regional stats

00:05:48 ◼   ► based on IP address lookups to know

00:05:50 ◼   ► how many of your listeners live in the USA

00:05:52 ◼   ► versus the UK or whatever.

00:05:54 ◼   ► That kind of stuff, most people don't care about.

00:05:56 ◼   ► So there is this kind of hierarchy of like,

00:05:58 ◼   ► what do people really care about

00:05:59 ◼   ► and what do people not care about?

00:06:00 ◼   ► What's more kind of just noise and technical details?

00:06:03 ◼   ► And it's hard to make, it's kind of a judgment call,

00:06:06 ◼   ► and different people have different amounts

00:06:07 ◼   ► of what they care about and don't care about,

00:06:09 ◼   ► but one thing that I tried to do

00:06:10 ◼   ► in my design of that screen was,

00:06:13 ◼   ► if there's something, if it's one of the categories

00:06:15 ◼   ► that I think people should know about

00:06:17 ◼   ► that might be alarming or unexpected

00:06:19 ◼   ► in the context of podcast downloads,

00:06:21 ◼   ► like being able to track you between different sites,

00:06:25 ◼   ► being able to say, inject an audio ad

00:06:28 ◼   ► into a podcast you play from a major publisher

00:06:30 ◼   ► about something that you looked at on Amazon,

00:06:33 ◼   ► which they totally can do.

00:06:36 ◼   ► Like some of these podcast servers can totally do that.

00:06:39 ◼   ► And so there's like two or three things

00:06:41 ◼   ► that if a podcast has one of those capabilities

00:06:44 ◼   ► in the services that it's hosted by,

00:06:47 ◼   ► I will change the icon of the privacy screen

00:06:50 ◼   ► from the little eye circle for info

00:06:53 ◼   ► to the little warning triangle.

00:06:55 ◼   ► To just kind of say like, this podcast has something

00:06:56 ◼   ► you should maybe look at and know about

00:06:58 ◼   ► if you care about this privacy stuff.

00:06:59 ◼   ► And the reason I did that is because every podcast

00:07:01 ◼   ► has some degree of, well, this is a hosting site,

00:07:03 ◼   ► they're gonna see your IP address,

00:07:05 ◼   ► but some of them just have stuff you care about

00:07:07 ◼   ► versus stuff you don't.

00:07:08 ◼   ► And I feel like that's kind of where Apple

00:07:09 ◼   ► has fallen down a little bit with the design

00:07:10 ◼   ► of this App Store privacy label stuff

00:07:12 ◼   ► is that there's a lot of stuff in here

00:07:14 ◼   ► that almost no one's gonna ever care about.

00:07:15 ◼   ► Or that's kind of just inherent to how apps work.

00:07:18 ◼   ► And some of that I feel like the display of this,

00:07:24 ◼   ► once an app has more than two or three things

00:07:27 ◼   ► that it collects, the display of this information

00:07:29 ◼   ► does not adequately convey what of this

00:07:32 ◼   ► should I maybe be alarmed by or should I know about

00:07:34 ◼   ► more prominently than everything else

00:07:36 ◼   ► versus what's an entire exhaustive list

00:07:39 ◼   ► of what all they could possibly do.

00:07:41 ◼   ► - Yeah, and I think it's this weird,

00:07:43 ◼   ► yeah, it's like what you wanna know is,

00:07:44 ◼   ► is something creepy happening or is it just normal

00:07:49 ◼   ► and something that you shouldn't have to worry about?

00:07:51 ◼   ► And obviously that's a hard problem to,

00:07:53 ◼   ► well, what's creepy depends on who you are

00:07:55 ◼   ► and what your threshold for things is

00:07:59 ◼   ► where it's creepy when you, if you search

00:08:01 ◼   ► for something on Amazon and then you hear an ad for it

00:08:03 ◼   ► in a podcast you're listening to,

00:08:05 ◼   ► that's a little creepy, but--

00:08:07 ◼   ► - More than a little to me, but--

00:08:08 ◼   ► - Yeah, sure, it's very creepy.

00:08:10 ◼   ► - But to some people they'd be like, eh, whatever.

00:08:12 ◼   ► - But it's even like knowing, yeah, it's,

00:08:15 ◼   ► I think as a developer what I find frustrating about this

00:08:18 ◼   ► is like I wanna be, it's like I wanna be a good guy, right?

00:08:22 ◼   ► Like I wanna, I intentionally and consciously

00:08:25 ◼   ► collect as little information as I possibly can

00:08:29 ◼   ► about my users and I do my best to use third party providers

00:08:34 ◼   ► that are, when I have to use a third party provider

00:08:36 ◼   ► that I use a third party provider that is like,

00:08:38 ◼   ► has a good privacy policy and is being respectful,

00:08:43 ◼   ► like I try and do that and I feel like this system

00:08:47 ◼   ► in some ways, I just was getting frustrated

00:08:49 ◼   ► 'cause I don't, it's like if you check all the boxes,

00:08:52 ◼   ► if you're just like Facebook, then, like, oh well,

00:08:55 ◼   ► but if you, it's like the extreme version is obviously,

00:08:58 ◼   ► and I think there's been a lot of this,

00:09:00 ◼   ► like everyone loves when they're like,

00:09:02 ◼   ► I didn't have to check any boxes

00:09:03 ◼   ► and it's like data tracked, none.

00:09:05 ◼   ► And it's like as a badge of honor,

00:09:07 ◼   ► like I don't think that's actually practical

00:09:09 ◼   ► for a large swath of applications

00:09:12 ◼   ► if you're actually accounting for and like referencing

00:09:17 ◼   ► any possible interaction that you have in that application.

00:09:22 ◼   ► And so it's just a bit frustrating when I feel like,

00:09:24 ◼   ► I don't know, like I don't, I wanna click as little of these

00:09:28 ◼   ► as I possibly can, but, and I don't even really know

00:09:31 ◼   ► necessarily how many of them I do need to check

00:09:34 ◼   ► just because some of it's so ambiguous

00:09:36 ◼   ► and kind of confusing.

00:09:37 ◼   ► So it's been a slightly frustrating sort of period for me.

00:09:40 ◼   ► And especially I think doubly complicated by this,

00:09:44 ◼   ► so like in WidgetSmith recently,

00:09:46 ◼   ► I found myself in this position where like,

00:09:49 ◼   ► I wanted to collect some very basic information

00:09:53 ◼   ► about my users, which is like, it's analytics, right?

00:09:56 ◼   ► Like this is, and this is where you are confronted

00:09:59 ◼   ► by this question of like what's creepy

00:10:01 ◼   ► and what isn't creepy and how do I do this?

00:10:05 ◼   ► And I think what's especially complicated with WidgetSmith

00:10:07 ◼   ► is I have to collect, like I wanna collect private,

00:10:11 ◼   ► anonymous demographic information at scale immediately.

00:10:16 ◼   ► Like I'm, and I don't have an existing web service for this.

00:10:21 ◼   ► And so I've spent the last couple of weeks building

00:10:24 ◼   ► my own little like ultra privacy conscious tinfoil hat

00:10:29 ◼   ► wearing privacy framework.

00:10:32 ◼   ► And well, of course I have to share the name

00:10:34 ◼   ► because once I had the name it was perfect.

00:10:36 ◼   ► It's called Underlytics.

00:10:38 ◼   ► (laughing)

00:10:40 ◼   ► Which I loved because both my name

00:10:43 ◼   ► and the fact that it collects almost nothing,

00:10:46 ◼   ► but it collects just enough.

00:10:48 ◼   ► And it's just been really interesting to kind of think

00:10:50 ◼   ► through as I've been building this is,

00:10:52 ◼   ► it's like all I need is some very basic stuff.

00:10:54 ◼   ► Like I'm mostly I'm just looking at like,

00:10:56 ◼   ► what size phones do people have?

00:10:59 ◼   ► Because that's really, really helpful for me

00:11:01 ◼   ► as I develop things to make sure like if 2% of people

00:11:05 ◼   ► are using the iPhone SE screen and there's a feature

00:11:07 ◼   ► I wanna build that requires it,

00:11:10 ◼   ► like that would be awkward on that,

00:11:11 ◼   ► like I might not worry about it.

00:11:13 ◼   ► Or like those kinds of things.

00:11:15 ◼   ► And so it's like tracking that kind of information

00:11:18 ◼   ► is really interesting and kind of interesting

00:11:20 ◼   ► trying to as an engineering experience

00:11:22 ◼   ► has been kind of challenging too because,

00:11:25 ◼   ► you know, it's like I'm talking about building a system

00:11:28 ◼   ► that even though it only records sort of reports in

00:11:32 ◼   ► once a day I think is the way that I structured it

00:11:35 ◼   ► when I was building this, you know,

00:11:36 ◼   ► it's suddenly a system that has to deal with,

00:11:39 ◼   ► you know, sort of tens if not hundreds

00:11:41 ◼   ► of requests per second sort of out the gate.

00:11:44 ◼   ► And or even that was a question

00:11:47 ◼   ► because it's like part of me had this funny thought of this,

00:11:48 ◼   ► like I don't actually care about it.

00:11:50 ◼   ► I don't want, I don't really care about

00:11:52 ◼   ► any individual person's report

00:11:54 ◼   ► as I'm already immediately like anonymizing it

00:11:56 ◼   ► and like aggregating it immediately.

00:12:00 ◼   ► So maybe I'll just have, you know,

00:12:03 ◼   ► like a random number generator

00:12:04 ◼   ► and you only get to report analytics if you are, you know,

00:12:08 ◼   ► if you could get a one out of a one to 100 number generator

00:12:12 ◼   ► or something, so I just collect, you know,

00:12:14 ◼   ► a hundredth of the data, but it's probably

00:12:16 ◼   ► because it's randomized,

00:12:17 ◼   ► it's probably still statistically useful.

00:12:19 ◼   ► But anyway, so that's been my week.

00:12:22 ◼   ► It's kind of banging my head up against trying to,

00:12:25 ◼   ► like trying to do the right thing,

00:12:26 ◼   ► trying to be a good guy in this,

00:12:27 ◼   ► but being frustrated by the fact that I can't just,

00:12:31 ◼   ► I think most people would just say

00:12:32 ◼   ► you just drop Firebase or something, right?

00:12:34 ◼   ► Like all of these, like there's dozens

00:12:36 ◼   ► of these analytics frameworks

00:12:38 ◼   ► that you could just drop into your app.

00:12:39 ◼   ► But then it's like, if I do that,

00:12:41 ◼   ► I need to check like 12 boxes probably

00:12:43 ◼   ► in the privacy report, which is like frustrating.

00:12:47 ◼   ► And instead you have, and I'm spending a week

00:12:49 ◼   ► building something that like no user will ever see

00:12:53 ◼   ► and I barely see, but I have to be thoughtful

00:12:56 ◼   ► about it in the first place either way.

00:12:59 ◼   ► - We are sponsored this week by Pingdom from SolarWinds.

00:13:02 ◼   ► While you've been listening to this podcast,

00:13:03 ◼   ► how would you know if your website had gone down?

00:13:06 ◼   ► Would you know if customers couldn't click

00:13:07 ◼   ► that buy now button or access your content?

00:13:09 ◼   ► You might stumble across the problem by luck,

00:13:11 ◼   ► but that's no good.

00:13:12 ◼   ► You need a system to monitor.

00:13:13 ◼   ► You need something to tell you everything

00:13:15 ◼   ► is running smoothly on your site

00:13:17 ◼   ► and more importantly, when it's not.

00:13:19 ◼   ► You need Pingdom.

00:13:21 ◼   ► Pingdom detects around 13 million outages every month.

00:13:24 ◼   ► That's more than 400,000 outages every day.

00:13:27 ◼   ► They help keep your sites and the sites you love online.

00:13:30 ◼   ► I use Pingdom.

00:13:30 ◼   ► I've used them for probably a decade now.

00:13:33 ◼   ► I've used it to monitor like everything

00:13:35 ◼   ► that anybody would ever know that I made.

00:13:37 ◼   ► You can even use Pingdom to monitor sites that aren't yours.

00:13:40 ◼   ► Like if you wanna monitor like Apple's WBC site

00:13:43 ◼   ► for monitoring when things change

00:13:45 ◼   ► or monitoring when like a hot new item goes for sale

00:13:49 ◼   ► on a website, you can monitor that with Pingdom.

00:13:51 ◼   ► It's pretty cool.

00:13:52 ◼   ► So it doesn't matter if you're an individual

00:13:54 ◼   ► or a startup or a huge company.

00:13:55 ◼   ► You need alerts about any critical website issues

00:13:58 ◼   ► that you have and then you can customize

00:14:00 ◼   ► how you're alerted depending on the severity of an outage.

00:14:02 ◼   ► Plus, Pingdom can track and analyze your website's load time.

00:14:05 ◼   ► You can see what's affecting user experience.

00:14:07 ◼   ► So for sites of any size, you need Pingdom

00:14:10 ◼   ► and Pingdom has a no fuss approach to getting started.

00:14:12 ◼   ► All you need is the URL that you wanna monitor.

00:14:14 ◼   ► They take care of the rest.

00:14:16 ◼   ► Go to Pingdom.com/RelayFM right now

00:14:19 ◼   ► for a 14 day free trial with no credit card required.

00:14:23 ◼   ► When you wanna sign up, use the code radar at checkout

00:14:26 ◼   ► to get a huge 30% off your first invoice.

00:14:29 ◼   ► Thanks to Pingdom from SolarWinds

00:14:31 ◼   ► for their support of this show and RelayFM.

00:14:33 ◼   ► Yeah, for Overcast, I did something similar

00:14:37 ◼   ► but longer ago and much smaller scale

00:14:40 ◼   ► where I didn't wanna have any kind of third party

00:14:44 ◼   ► analytics frameworks in my app.

00:14:45 ◼   ► I did a long time ago, many years ago,

00:14:48 ◼   ► but I dropped those a while back

00:14:50 ◼   ► because it didn't feel right to have to embed

00:14:53 ◼   ► third party code and send stuff to some service

00:14:57 ◼   ► that I think at the time I used Crashlytics for a little while

00:15:00 ◼   ► I think it was owned by Twitter at the time.

00:15:02 ◼   ► It was a whole weird thing.

00:15:03 ◼   ► Why Twitter needs that, I don't know, but it doesn't matter.

00:15:07 ◼   ► And it was weird because it was collecting

00:15:11 ◼   ► way more information than I actually needed

00:15:13 ◼   ► and it was doing so in a way that was totally

00:15:16 ◼   ► out of my control both in the binary side of my app

00:15:18 ◼   ► and on the analytics side.

00:15:19 ◼   ► And so I decided back then, I'm just gonna build

00:15:22 ◼   ► something myself that's really basic and minimal.

00:15:24 ◼   ► And when you do that, yeah, it's a little bit of work,

00:15:27 ◼   ► you have to occasionally do things to it

00:15:28 ◼   ► and it isn't just as easy as dropping something in,

00:15:31 ◼   ► but you also retain full control over all the data

00:15:35 ◼   ► you're collecting, all the data you're not collecting,

00:15:37 ◼   ► and all the binary side of things.

00:15:39 ◼   ► I was able to make a really simple, elegant client side

00:15:43 ◼   ► version of how it collects this information

00:15:45 ◼   ► because I knew exactly what I needed and what I didn't.

00:15:47 ◼   ► Like for instance, as you are adding analytics events,

00:15:50 ◼   ► and I use it for things like not only whatever

00:15:54 ◼   ► your device size and OS version and stuff like that is,

00:15:56 ◼   ► which helps me decide what features to support

00:15:58 ◼   ► and what OS I need to support and everything,

00:16:00 ◼   ► I also use it for basic things like if you add a new podcast,

00:16:04 ◼   ► what region of the app did you get that from?

00:16:07 ◼   ► Did you get it from the search box?

00:16:08 ◼   ► Did you get it from the directory?

00:16:09 ◼   ► Did you get it by adding by URL?

00:16:11 ◼   ► That way I know what do people actually use?

00:16:14 ◼   ► Like from recommendations, and that helps me

00:16:16 ◼   ► make better recommendation features and stuff like that.

00:16:18 ◼   ► Like with this little technical detail I did was,

00:16:20 ◼   ► these things are just kept in memory until the next sync.

00:16:23 ◼   ► These events normally are added to a dispatch queue,

00:16:26 ◼   ► and the dispatch queue adds them to an array,

00:16:29 ◼   ► and during a sync, I just suspend the dispatch queue.

00:16:32 ◼   ► If the sync succeeds, I clear out the queue,

00:16:34 ◼   ► and no matter what, I resume the queue afterwards.

00:16:37 ◼   ► So these events never hit the disk,

00:16:40 ◼   ► and they take almost no memory.

00:16:43 ◼   ► I don't need to do a lot of complicated logic.

00:16:46 ◼   ► It's just super simple stuff like that.

00:16:47 ◼   ► And then on the server side, it's just a giant

00:16:51 ◼   ► analytics today table, and I have a cron job

00:16:54 ◼   ► that runs at midnight every day that takes

00:16:57 ◼   ► yesterday's analytics today table and just totals up

00:17:00 ◼   ► all the totals and inserts them into

00:17:02 ◼   ► the analytics archive table, which is just totals.

00:17:05 ◼   ► So I only have user-specific data for one day,

00:17:08 ◼   ► and I made a change back when Apple released

00:17:11 ◼   ► all these definitions a little while back.

00:17:14 ◼   ► I made a change.

00:17:15 ◼   ► It used to just be the table was user ID,

00:17:18 ◼   ► comma, event name, comma, event value, something like that.

00:17:21 ◼   ► Now it's just random ID, 'cause who cares?

00:17:23 ◼   ► And I have the devices now make a rotating ID,

00:17:28 ◼   ► 'cause I do wanna know if the same device

00:17:31 ◼   ► is reporting twice a day, I wanna know

00:17:34 ◼   ► that it was the same device, but I also don't care

00:17:36 ◼   ► who it was, and it doesn't matter at all.

00:17:39 ◼   ► And so I have a thing where devices just randomly,

00:17:41 ◼   ► roughly every couple of weeks, change their random ID.

00:17:46 ◼   ► And this is all stuff that I was able to do

00:17:47 ◼   ► because I control the entire stack of this thing,

00:17:50 ◼   ► and I know what I need and what I don't need.

00:17:51 ◼   ► I knew that it doesn't really matter if the app crashes

00:17:55 ◼   ► before it sent a certain event, and that's why

00:17:57 ◼   ► I don't have to persist it to a disk, because I don't care.

00:18:01 ◼   ► It's like, none of these stats are that important.

00:18:03 ◼   ► I just need, as you were saying, you just need

00:18:05 ◼   ► like one out of 100, I just need like general,

00:18:07 ◼   ► gross, aggregate totals of things.

00:18:09 ◼   ► I need to know, do a lot of people use this thing,

00:18:12 ◼   ► or does almost no one use this thing?

00:18:14 ◼   ► Do a lot of people still use iOS 12,

00:18:16 ◼   ► or does almost no one still use iOS 12?

00:18:17 ◼   ► That's the kind of stuff I need to know.

00:18:19 ◼   ► And so I'm able to do really minimal, basic stuff

00:18:23 ◼   ► on both sides, and because I wrote and maintain all of it,

00:18:28 ◼   ► when something like this comes up from Apple,

00:18:29 ◼   ► where they wanna know what I do,

00:18:31 ◼   ► I can answer the questions almost immediately.

00:18:33 ◼   ► I had to look up almost nothing about what I did here,

00:18:35 ◼   ► because I just know, because I wrote it,

00:18:38 ◼   ► like I know exactly what it does,

00:18:40 ◼   ► I know exactly what it doesn't do,

00:18:41 ◼   ► and there's a lot of power to that,

00:18:43 ◼   ► even though, yeah, my graphs are hideously ugly

00:18:46 ◼   ► on my little admin control panel,

00:18:48 ◼   ► the whole system is hideously ugly.

00:18:50 ◼   ► I don't have all the features that something fancier

00:18:52 ◼   ► might have, but I don't need that.

00:18:55 ◼   ► I'm perfectly happy with the information I have

00:18:57 ◼   ► of just like roughly, you know, OS versions,

00:19:00 ◼   ► and how many people use like the send to watch feature,

00:19:02 ◼   ► and stuff like that.

00:19:04 ◼   ► - Yeah, and I think what's, obviously,

00:19:05 ◼   ► I imagine at some point, this is what Apple would love

00:19:08 ◼   ► for every developer to do, right,

00:19:09 ◼   ► is this, if you take a thoughtful approach

00:19:12 ◼   ► about what actual data, I mean, and Apple,

00:19:14 ◼   ► every, like every year at WDC, there's a talk about privacy,

00:19:18 ◼   ► and this is always their refrain, is it's like,

00:19:20 ◼   ► collect only what you need, keep it for only as long

00:19:23 ◼   ► as you need it, and like, be thoughtful

00:19:26 ◼   ► about why you need it.

00:19:28 ◼   ► And very much, I think, what their hope is,

00:19:31 ◼   ► but like, by making this be something that we have

00:19:34 ◼   ► to actually disclose is something that they're hoping

00:19:38 ◼   ► that people are, increase the level of thoughtfulness

00:19:40 ◼   ► that people have about it, and it is certainly

00:19:42 ◼   ► an interesting exercise, and I think what has been

00:19:44 ◼   ► most fascinating to me is understanding, too,

00:19:46 ◼   ► is it's, if you take a hard look at what you're actually

00:19:51 ◼   ► needing, is like, how, the degree to which you can boil down

00:19:55 ◼   ► the information that you actually want

00:19:57 ◼   ► from something that is potentially more of a privacy concern

00:20:01 ◼   ► to something that is less of a privacy concern,

00:20:03 ◼   ► like, do you actually need the count of something,

00:20:05 ◼   ► or do you just need the proportion of something?

00:20:08 ◼   ► 'Cause proportion is sort of fundamentally,

00:20:11 ◼   ► it's like, it's another level of sort of obfuscation

00:20:15 ◼   ► of the data, rather than, even to, even obviously,

00:20:18 ◼   ► like, if it isn't something that's specifically tied

00:20:20 ◼   ► to someone or is, you know, is dealt with in that way,

00:20:24 ◼   ► like, if you end up with something that is a proportion,

00:20:26 ◼   ► it is just, you know, it's less specific,

00:20:29 ◼   ► and you're just increasingly, like, adding these

00:20:31 ◼   ► fuzz factors to what you're seeing, but if it's still useful

00:20:34 ◼   ► to you, like, the fact that knowing that some, you know,

00:20:36 ◼   ► 40% of people did something versus knowing that it's,

00:20:40 ◼   ► you know, 36,201 people did it, like, that is something

00:20:44 ◼   ► that if you don't need that data, then don't keep that data.

00:20:47 ◼   ► And also, like, it was interesting, too, when I was going

00:20:51 ◼   ► through this exercise, is how most analytics,

00:20:54 ◼   ► I only need for a day at a time, which, like,

00:20:59 ◼   ► conceptually, and originally I thought it was like,

00:21:01 ◼   ► oh, you know, do I need to have, how do I deal with storage

00:21:03 ◼   ► of something like this, and it's like, well,

00:21:05 ◼   ► if you just don't store it, if you just keep the current

00:21:07 ◼   ► day's data, and then at the next day, like, the old data

00:21:11 ◼   ► goes away, and there's just the new data, like,

00:21:13 ◼   ► that's probably fine for 90% of what kind of analytics

00:21:16 ◼   ► you need are, and if you need the long-term stuff,

00:21:20 ◼   ► you can always go to Apple's own analytics system,

00:21:22 ◼   ► and look at that, and it'll give you a lot of this kind

00:21:24 ◼   ► of information, but I think that part of this exercise

00:21:28 ◼   ► has certainly been nice, that this sort of being thoughtful

00:21:30 ◼   ► about it, and like, do you actually need it,

00:21:31 ◼   ► what actually data do you want, but, yeah, and it's,

00:21:36 ◼   ► I don't know, it's a weird, I just feel, I have such this,

00:21:38 ◼   ► this weird mixed feeling about Apple's sort of stance here

00:21:41 ◼   ► on privacy, and then wanting to have these labels be useful,

00:21:44 ◼   ► but it's either something where you're being super thoughtful

00:21:47 ◼   ► and you have, like, three things in there, and in some ways,

00:21:50 ◼   ► those three things, like, stand out and make me feel,

00:21:52 ◼   ► like, guilty, but if I just went in and checked, like,

00:21:56 ◼   ► 20 check boxes, and just said, like, eh, I collect

00:21:58 ◼   ► a bunch of stuff, it may not actually, it may actually

00:22:02 ◼   ► look less suspicious in some ways, I don't know, like,

00:22:06 ◼   ► but it's been an interesting process, for sure,

00:22:08 ◼   ► and I do kind of wish that Apple had, or someone, honestly,

00:22:13 ◼   ► had a more sort of, like, took an approach to privacy

00:22:17 ◼   ► and did a lot of this work so that individual developers

00:22:22 ◼   ► didn't have to, like, I found myself, as I was going

00:22:24 ◼   ► through this process, too, like, really missing iAd,

00:22:29 ◼   ► Apple's old, now defunct advertising framework,

00:22:33 ◼   ► because when I used it, the primary reason why I used iAd

00:22:38 ◼   ► back in the day was because I didn't have to worry

00:22:41 ◼   ► that Apple was being shady and doing weird stuff

00:22:44 ◼   ► with Apple's, with, you know, with my users' data

00:22:47 ◼   ► when they showed, when I showed ads in my applications,

00:22:50 ◼   ► and it's like, in the current world, in the current climate,

00:22:54 ◼   ► like, I really kind of wish that Apple brought that back,

00:22:57 ◼   ► and it gave users, like, developers a place to say,

00:23:01 ◼   ► if you care about privacy, you can put in this ad framework,

00:23:04 ◼   ► and it's not gonna do anything weird, it's not gonna be,

00:23:08 ◼   ► you know, it's not, it's gonna be respectful

00:23:10 ◼   ► of users' privacy, and you'll still, like, you know,

00:23:14 ◼   ► you'll make reasonable money, and everybody wins,

00:23:16 ◼   ► but it really is frustrating to me that those kind

00:23:19 ◼   ► of services don't exist, and you end up with either,

00:23:21 ◼   ► with, like, using Google's AdSense and AdMob and things,

00:23:25 ◼   ► which are, like, fine in the sense that I think, you know,

00:23:29 ◼   ► Google is reasonably transparent about what they're doing,

00:23:32 ◼   ► and hopefully what they're doing is reasonable.

00:23:34 ◼   ► It's like, or you have to take an approach

00:23:36 ◼   ► like what you're doing, where you have, like,

00:23:37 ◼   ► a totally custom advertising system,

00:23:39 ◼   ► which I don't think scales particularly well--

00:23:41 ◼   ► - Nope.

00:23:42 ◼   ► - To a lot of use cases.

00:23:44 ◼   ► - It's great for me.

00:23:45 ◼   ► - Yeah. (laughs)

00:23:46 ◼   ► But it's like, man, I just wish I, I wish I,

00:23:49 ◼   ► like, that would be, it's too early in the year

00:23:52 ◼   ► to start having our, like, wish casting for WWDC 2021,

00:23:55 ◼   ► but man, the return of iAd is high on my list, I think,

00:23:59 ◼   ► after going through this advertising

00:24:01 ◼   ► and tracking, like, experience.

00:24:03 ◼   ► - I don't, I wouldn't hold my breath on that.

00:24:05 ◼   ► If for nothing else, like, imagine the antitrust allegations

00:24:09 ◼   ► if, like, Apple made all their advertising

00:24:11 ◼   ► on the phone much harder, and then launched

00:24:13 ◼   ► their own network again. (laughs)

00:24:15 ◼   ► That's, that wouldn't fly.

00:24:17 ◼   ► - You just ruined my whole year, Mark.

00:24:19 ◼   ► It's never coming, you're right.

00:24:20 ◼   ► - Even if Apple wanted to get back into it,

00:24:22 ◼   ► which I think they very much don't,

00:24:24 ◼   ► they would never do that. (laughs)

00:24:27 ◼   ► - That would be a bad situation.

00:24:28 ◼   ► That is a pretty bad look, it's true.

00:24:31 ◼   ► So instead, like, we're stuck.

00:24:32 ◼   ► Like, I wish there was a better solution

00:24:34 ◼   ► for so much of this stuff, like, but there just isn't.

00:24:37 ◼   ► - One of the great things about all this privacy stuff

00:24:39 ◼   ► is that it creates demand for better stuff like this.

00:24:41 ◼   ► Like, right now, if I were to actually have my stuff

00:24:45 ◼   ► together, or you wanted to, like, actually release

00:24:49 ◼   ► your analytics package, or I wanted to actually release

00:24:51 ◼   ► my analytics package for anybody to use, which I can't,

00:24:54 ◼   ► it's just, it's not in my app, it's too custom.

00:24:55 ◼   ► But, like, you know, this is a great time

00:24:59 ◼   ► for a new open source, freely downloadable,

00:25:02 ◼   ► self-hosted, free analytics package to take over the world.

00:25:06 ◼   ► 'Cause, like, right now there's massive demand

00:25:08 ◼   ► created for that.

00:25:09 ◼   ► And that's one of the great things about, like,

00:25:11 ◼   ► whenever something like this, or, you know,

00:25:13 ◼   ► back when GDPR and CCPA laws came into effect,

00:25:18 ◼   ► everyone all of a sudden had to evaluate.

00:25:20 ◼   ► And they had to do, like, what you were saying

00:25:21 ◼   ► a few minutes ago of, like, think about,

00:25:23 ◼   ► do I really need to collect this information?

00:25:25 ◼   ► Like, back when all that stuff went around,

00:25:27 ◼   ► I stopped doing anything related to IP addresses.

00:25:29 ◼   ► 'Cause IP addresses are personal identifiable information.

00:25:32 ◼   ► And some of it's unavoidable, like, you know,

00:25:34 ◼   ► when somebody makes a request to my sync server,

00:25:37 ◼   ► I can see their IP address.

00:25:39 ◼   ► It's part of how networking works.

00:25:41 ◼   ► But I stopped, I removed it from all logs on my servers.

00:25:46 ◼   ► And I used to even save, like, the last IP

00:25:50 ◼   ► on login tokens back forever ago.

00:25:52 ◼   ► 'Cause I figured this might be useful someday

00:25:54 ◼   ► to help detect some kind of abuse problems,

00:25:56 ◼   ► or fraud, or who knows what.

00:25:58 ◼   ► And it was, I never needed it.

00:25:59 ◼   ► And so, when GDPR came around, I just dropped all that data,

00:26:02 ◼   ► I dropped the IP logging from the web server logs,

00:26:05 ◼   ► I dropped anything, like, I was even using it

00:26:07 ◼   ► for rate limiting, and I just switched rate limiting stuff

00:26:11 ◼   ► instead of using the IP address to use the user ID.

00:26:14 ◼   ► And nothing happened.

00:26:15 ◼   ► Like, I lost no functionality, I lost,

00:26:17 ◼   ► no abuse became possible that wasn't possible before,

00:26:20 ◼   ► or at least nobody did anything with it.

00:26:22 ◼   ► Like, it was fine.

00:26:23 ◼   ► Like, everything was fine.

00:26:24 ◼   ► So I had this information before,

00:26:27 ◼   ► then I stopped collecting it, and stopped logging it,

00:26:29 ◼   ► and nothing bad happened to me.

00:26:31 ◼   ► I was just able to then say, all right,

00:26:33 ◼   ► this is not something I collect anymore.

00:26:35 ◼   ► And the more that we have in the legal, or regulatory,

00:26:39 ◼   ► or platform rules environment that can push developers

00:26:44 ◼   ► towards making decisions like that, the better we all are.

00:26:47 ◼   ► I think, you know, design questions aside,

00:26:50 ◼   ► like, again, I do think that the design of this

00:26:52 ◼   ► is too information heavy, basically,

00:26:56 ◼   ► and it kind of bores you into not paying attention

00:27:00 ◼   ► by how much they're telling you.

00:27:02 ◼   ► But overall, the concept of having these kind of

00:27:06 ◼   ► at privacy labels, I think is a very good thing.

00:27:09 ◼   ► And while most consumers won't care, and won't look,

00:27:13 ◼   ► and if they do look, they won't know, or understand,

00:27:16 ◼   ► or care what's in it, but for the few people

00:27:18 ◼   ► that do look and care, this can be something

00:27:21 ◼   ► that makes your app stand out from the rest.

00:27:22 ◼   ► Like, I looked at what other podcast apps

00:27:24 ◼   ► have in their list, woo!

00:27:27 ◼   ► - Yeah. - I was surprised to see

00:27:29 ◼   ► some of, how bad some of them were.

00:27:31 ◼   ► (laughs)

00:27:32 ◼   ► So, you know, for the few people who care,

00:27:35 ◼   ► this can be a competitive advantage for you,

00:27:36 ◼   ► and even if that's a very small number,

00:27:38 ◼   ► and even if you only ever get one or two extra downloads

00:27:41 ◼   ► because of the choices you made on this,

00:27:43 ◼   ► it's better for you.

00:27:44 ◼   ► You have less private information, you collect less data,

00:27:47 ◼   ► you have to store less data, you have to be concerned

00:27:50 ◼   ► and liable about less data if you ever get hacked,

00:27:53 ◼   ► or leaks, something like that.

00:27:54 ◼   ► So this is a good thing overall, even though

00:27:57 ◼   ► the implementation's a little bit iffy sometimes.

00:27:59 ◼   ► - Yeah, and I certainly agree.

00:28:01 ◼   ► I think it's a good thing, I just wish,

00:28:03 ◼   ► yeah, it feels like this is only half the solution,

00:28:07 ◼   ► and I really hope that Apple doesn't think that,

00:28:09 ◼   ► oh, we've done it, our privacy labels and we're sorted.

00:28:12 ◼   ► I hope there's a big strong redesign or clearer guides

00:28:16 ◼   ► or automating for some of this stuff.

00:28:18 ◼   ► You could imagine a world where they are pre-populating

00:28:21 ◼   ► some of your answers based on scanning

00:28:23 ◼   ► what third-party libraries are in your application.

00:28:26 ◼   ► I feel like there's a lot of things here

00:28:27 ◼   ► that would be helpful, in the same way that you do

00:28:30 ◼   ► with your thing where you say, this is Libsyn,

00:28:33 ◼   ► this is what this app does.

00:28:35 ◼   ► I feel like a lot of static analysis

00:28:37 ◼   ► could be done to potentially identify things like that

00:28:40 ◼   ► and make this process more straightforward,

00:28:42 ◼   ► because the goal is so admirable and so, I think, necessary,

00:28:47 ◼   ► but the mechanics and the process of it

00:28:49 ◼   ► could be so much more improved,

00:28:51 ◼   ► and I look forward to hopefully that happening.

00:28:55 ◼   ► - Thanks for listening, everybody,

00:28:56 ◼   ► and we'll talk to you in two weeks.

00:28:58 ◼   ► - Bye.

00:28:59 ◼   ► [ Silence ]