Fabric / Crashlytics GDPR
448 views
Skip to first unread message
gdel...@blissapplications.com
Apr 12, 2019, 10:59:18 AM4/12/19
to Firebase Google Group
In our Fabric console App Settings we have 3 privacy toggles:
1. Enable/Disable Privacy Prompt
2. Enable/Disable IP Address Tracking
3. Enable/Disable Crash Insights
I'm only interested in basic crash reports, no Answers, no custom Key/Value crash reports - just pure stack trace - like in Logcat.
Does Google anonymize this data by default? If it does, why bother asking for users permission (honest question)?
I've search it a bit and I found that IP Address Tracking it's anonymized here.
When I toggle OFF Crash Insights it pops up a warning saying:
So this brings us to:
2. IP Address Tracking - anonymized
3. Crash Insights - anonymized
Only one question left:
1. Privacy Prompt - do we really need it?
Is Fabric saying we shouldn't bother with this?
We have a help button that point us to Fabric Docs. Actually, this alone doesn't help much, because we need to change our instantiation to:
And this is what will enable the Crashlytics Privacy Dialog. I found it thanks to this post.
Unfortunately this alone doesn't answer my question. Finally the docs states:
Is this only an issue for iOS? Android doesn't seem to have personal data (like UDID) being sent. If everything (for Crashlytics) is anonymized why bother with Privacy Prompt in Android? How about iOS, should I ask for permission due to UDID?
EDIT: after reading my post again I've noticed that Fabric doesn't ask for the `UDID`, it askes for UUID. So, saying that, I guess we don't need to ask for permission, there's no personal data being shared.
1. Enable/Disable Privacy Prompt
2. Enable/Disable IP Address Tracking
3. Enable/Disable Crash Insights
I'm only interested in basic crash reports, no Answers, no custom Key/Value crash reports - just pure stack trace - like in Logcat.
Am I completely legal just by doing this?:
Fabric.with(this, new Crashlytics());Does Google anonymize this data by default? If it does, why bother asking for users permission (honest question)?
I've search it a bit and I found that IP Address Tracking it's anonymized here.
When I toggle OFF Crash Insights it pops up a warning saying:
Your anonymized crash data can be used to identify crash trends across
apps using Crashlytics. We use this information to surface insights on
your issues. We recommend leaving this enabled so you can triage
crashes more quickly.
Are you sure you want to disable this feature?
Note: Disabling data sharing will also remove insights on your issues.
Changes may take up to 24 hours to take effect.
So this brings us to:
2. IP Address Tracking - anonymized
3. Crash Insights - anonymized
Only one question left:
1. Privacy Prompt - do we really need it?
If we toggle it ON:
When a crash occurs in any version of [our app name], this will ask your users if that crash should be reported.
But, wait for it...
Our analytics data shows that most users will decline to report crashes, so we recommend leaving this disabled.
Is Fabric saying we shouldn't bother with this?
We have a help button that point us to Fabric Docs. Actually, this alone doesn't help much, because we need to change our instantiation to:
final CrashlyticsCore core = new CrashlyticsCore
.Builder()
.listener(new CrashlyticsListener() {
@Override
public void crashlyticsDidDetectCrashDuringPreviousExecution() {
}
})
.build();
Fabric.with(this, new Crashlytics.Builder().core(core).build());And this is what will enable the Crashlytics Privacy Dialog. I found it thanks to this post.
Unfortunately this alone doesn't answer my question. Finally the docs states:
Crashlytics
Personal Data collected:
Installation UUID
Crash traces
How data helps provide the service:
Helping a customer associate crash data with specific instances of their app.
Retention:
Crash traces and their associated identifiers are kept for 90 days.
Is this only an issue for iOS? Android doesn't seem to have personal data (like UDID) being sent. If everything (for Crashlytics) is anonymized why bother with Privacy Prompt in Android? How about iOS, should I ask for permission due to UDID?
EDIT: after reading my post again I've noticed that Fabric doesn't ask for the `UDID`, it askes for UUID. So, saying that, I guess we don't need to ask for permission, there's no personal data being shared.
Thanks.
gdel...@blissapplications.com
Apr 12, 2019, 12:30:24 PM4/12/19
to Firebase Google Group
Am I correct with this assumption?
sexta-feira, 12 de Abril de 2019 às 15:59:18 UTC+1, gdel...@blissapplications.com escreveu:
EDIT: after reading my post again I've noticed that Fabric doesn't ask for the UDID, it askes for UUID. So, saying that, I guess we don't need to ask for permission, there's no personal data being shared.
Jamie Corkhill
Apr 13, 2019, 12:46:34 AM4/13/19
to fireba...@googlegroups.com
I'm interested in this as well, although I'm using React Native Firebase.
Just to be safe, I'd likely ask for consent regardless, although you'll like lose data.
With that said, I'm not sure, but I believe there have been little to no occurrences of lawsuits taken out against business/developers for non-compliancy. That doesn't mean not to worry about it, however.
--
You received this message because you are subscribed to the Google Groups "Firebase Google Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firebase-tal...@googlegroups.com.
To post to this group, send email to fireba...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/f723a59f-5426-4027-9c6d-a78af6b2d6b3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Franziska Oflak
Apr 16, 2019, 9:58:49 AM4/16/19
to fireba...@googlegroups.com
You might have a look at https://github.com/ACRA/acra if you are looking for something fully GDPR-compliant
🤔
To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/CAGwrBJrKo2RehZVW%2B1A9UOxFm9UQsigNnw%3DfHq79GvVjQ43b0Q%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages