Apps that leak personal data and a change in android licensing: Will we change how we build software?

Jan 31, 2014
Vote on Hacker News

As we work on our software and applications it is always good to pause and look at how some news could, or should, affect our ecosystem. Two separate pieces came out this week that will likely have some influence on how our products work and how they are distributed.

First, I am sure you read about the latest revelations from Edward Snowden showing that the National Security Agency and GCHQ are able to collect and analyze geo-locified data from games such as Angry Birds. According to the article in the Guardian, the data pouring onto communication networks from the new generation of iPhone and Android apps ranges from phone model and screen size to personal details such as age, gender and location. Some apps, the documents state, can share users’ most sensitive information such as sexual orientation – and one app recorded in the material even sends specific sexual preferences such as whether or not the user may be a swinger.

Now that brings gamification to a whole new level!

As soon as the article was published, the well-know game of “passing the buck” started. At the moment Rovio claims no involvement with any spying agency and puts the blame on the advertising networks. Other apps that were mentioned in the report have not been as quick to respond yet. The media will once again focus on and lament about our lack of privacy and at this stage, could we simply admit that the horse has been beaten to a pulp, revived, beaten again, and is soundly dead. Privacy as we used to know it is gone and unless people decide to take steps about reclaiming it, writing about it will not get us anywhere.

However, there isn’t much concern about a bigger, latent problem that this latest NSA leak highlights: Why, as app makers, are we collecting, transferring, and storing so much data? Behind the falacious argument of “we are collecting this data to provide you with a better service…” lies (pun intended) the real reason: This data is only valuable to Ad Networks and resellers. App makers need to recoup their costs at some point and there is no way you can sustain a team on a 99 cents app so revenue has to come from elsewhere. All this data, often collected without the knowledge of the user, is a gold mine for advertisers.

In that sense, Rovio might be telling the truth: maybe they were not the ones at fault in leaking the data, however, just like many other manufacturers (I’m looking at you Google Maps) they were collecting data that is absolutely irrelevant to how their application would perform (really,my contacts are needed to give me my location on a map?).

With iOS enabling auto-updates, you have to worry about why extra data could all of a sudden be collected from users without them being able to know that the collection and dissemination policies have changed. We are starting to see a major shift towards customers who are willing to pay a premium to no longer have to worry about their data being shared with advertisers. In terms of the app market it could soon translate into 2 categories of apps:

  1. Public Apps where you can be sure that all your data will be used to market anything and everything your way based on your latest movements and actions.
  2. Private Apps where you pay a premium to not only have your information stay private to the app but also to have the reassurance that only the most relevant data is stored.

While our monetization paths may be changing, another news item may mark a shift in how we work; this time on the platform side. For the past few years Samsung and an Alliance of manufacturers have been working really hard in bringing to the market a new operating system known (in its latest name) as Tizen. And while even Godot was more present than the devices, the Tizen alliance was working really hard to create a new ecosystem. It culminated with a Tizen challenge with million dollars in prizes.

Then things started to go dark and silent. The Challenge was pushed back several times and no one knows when the results will be announced. More troubling that is that the device manufacturers have still not announced when the first Tizen-enabled devices will come out and in which market. At this stage it’s just speculations. Samsung seems to be holding the reigns but very few news are trickling out. Samsung has called for a press conference during Mobile World congress so there may be hope but one piece of news might change this: This week, Samsung signed a new collaboration agreement with Google.

Samsung Electronics and Google Inc. furthered their long-term cooperative partnership with a global patent cross-license agreement covering a broad range of technologies and business areas. The mutually beneficial agreement covers the two companies’ existing patents as well as those filed over the next 10 years.

Let’s not beat around the bush, one of the main drivers behind Tizen was to give a few manufacturers and carriers the ability to use a royalty-free. Operating System on their devices. With the new agreement in place, does it make sense for Samsung to keep Tizen alive? Not likely because:

  • There is no eco-system as of yet. And as much as Windows is maligned for its lack of apps, Tizen even had fewer.
  • The current application deployment process is a nightmare. A minimum of 3 logins needed, devices that are not fully functional, to create and deploy on Tizen takes an act of faith. With challenges’ results and device releases delayed, more and more developers will lose the faith.
  • It makes the manufacturing process more complex: Different OS means different architectures and chipsets so the whole design/build/deployment process has to be modified and realistically, the only people who need to a new mobile iOS are the manufacturers at this time.

The very nice part of HTML5 is that we can develop applications that work cross-devices so we are, in a sense, a bit immune to the ecosystem wars that the manufacturers are entering into. Should Tizen be shut down (and claiming that it will be refocused on connected devices will be as good as shutting it down) it will only reinforce the movement towards building cross-platforms app which, in turn, will be better for the customer. The interesting challenge will be for the device manufacturers who will need to find ways to compete against each others without turning their products into commodities. We may be entering the age of true hybrid applications where the core features of the app revolve around HTML5 and a few, select, features rely on a deeper access to the devices via a set of proprietary APIs. A specialized Cordova of sorts.

2014 is promising to bring in a lot of changes that will alter how our applications are built and where they are sold. Feel free to share how you are handling the privacy bit, I am sure readers would love to know who is deploying more secured applications!