From Fabric to Firebase — on the road with GDPR
In Schibsted, where I work as an Android Developer, we care about users a lot. All decisions we’ve made so far are based on user tests and face to face meetings. So, for the first time, I thought I’m all good, and that there isn’t much of work ahead of me. Unsurprisingly, I was wrong.
I am going to share with you some of my findings and thoughts. Keep reading, if you are interested or skip to the last part, where I am listing all interesting resources regarding privacy and Fabric/Firebase.
Disclaimer: I am not a GDPR expert and what I have described here is based on my own experience and findings. Every app is different and might have differences needs. Think about this article as a starting point, not as an ultimate and final solution.
When you create your app, as a developer, you care about its performance and keeping app in a good shape, right? Of course you do. To make that happen we need tools. Most popular tool I know is Fabric. In my opinion they have the best crash reporter called Crashlytics and a very nice tool for measuring usage of the app and the adaption level of your next versions called Answers. That’s exactly what I have been using.
On 27th of March 2018 Fabric updated their terms for GDPR. Shortly before that, they also announced shutting down Audience in Fabric, effectively 1 month before GDPR goes live.
From the start I was wondering how long they are going to store data, and if there is any personal data stored that I am not aware of.
How long does Fabric store data?
- Answers — a few days ago I would give you a simple answer — 30 days because that’s what I was told by one of the Fabric team members, and that’s what I found in the Fabric docs; but while I was writing this post I found out that docs have been updated with the new information about 180 days of data storage. I’ve contacted Fabric and they told me that data is available for 30 days in dashboard and 180 days for their backup purposes.
- Crashlytics — data is stored for 90 days
Is there any personal data collected by Fabric automatically?
I will start answering with the following question: have you ever wondered how Audience knows demographic details about your user or their interests? It’s because of Android Advertising Id (AAID) that most tracking SDKs are using. That identifier is retrieved using Google Services API and it’s controlled by the user on his/her device.
You should be aware that IP address is also considered as personal data and in Fabric settings there is a switch: Disable IP Address Tracking. It’s probably ON in your project, so check it out and consider disabling it.
Do I store any personal data?
If you ask yourself this question you should check how did you log events or set keys associated with your crash reports for the last 90 days.
If you find any personal data(any kind of identifiers directly or indirectly connected with user data) it should be deleted before May 25th. Now we get to the tricky part.
How do I delete personal data associated with crash reports?
You can’t. That is the sad truth. But do not despair. Here is what you should do. By the way, this is the solution I received from a Fabric team member.
- Make sure you stop collecting personal data in your code.
- Setup a new Fabric account or switch to Firebase
- Release a new version of your app ASAP
- When you hit a high adoption level with your new app version (before GDPR is live), delete the old Fabric account, therefore personal data will be deleted as well
What if I need to keep using personal data to identify issues and fix bugs?
That’s completely understandable reason. In this case you should discuss it with your legal department and product owner. Then implement opt-in solution in the app. Before you start collecting any data you have to inform user why you need it and let him choose to let you use it or not.
There might be situations when you don’t necessary need to know the value, so in order to distinguish it from the other reports, simply anonymise it.
We had some identifiers connected indirectly with users which we used to fix bugs. However, they were not anonymised so we had to delete existing Fabric accounts and setup a new one. That’s how we got to the point where we had to choose between Fabric and Firebase. I’ve decided to choose the second one. Here is why:
- We already used Firebase for notifications, so keeping two platforms makes no sense. That is the main reason.
- Google decided to migrate Crashlytics to Firebase. This is just my hunch that at some point in the future Fabric will be gone. I could be wrong of course. We will see :)
How Fabric’s Crashlytics is different from Firebase’s Crashlytics?
It’s almost the same. You will still use same SDK. Key differences for me are:
- There is no need to use any credentials explicitly, Crashlytics is authorised by the Firebase SDK
- You don’t have to initialise Crashlytics in the code. It is done automatically if you have a dependency set up. However, it’s optional to do it manually in the code and you will probably do it to let user decide if they accept reporting crashes.
- Firebase has no Privacy Dialog that could be enabled like in Fabric. Google recommends to implement the opt-in approach.
What about Fabric Answers? I still need this kind of data.
I needed that too. Therefore, I decided to use Google Analytics for Firebase. In fact, when you add firebase-core dependency for Crashlytics you will have Analytics enabled by default.
Is Google Analytics for Firebase GDPR compliant?
Yes, it is. Although, it uses AAID. Fortunately, it is possible to disable it and I did it in my project adding a single line to AndroidManifext.xml.
<meta-data android:name="google_analytics_adid_collection_enabled" android:value="false" />
You should also know that user’s IP addresses are anonymised by default. I have found that information here, in Firebase Google Group (added link 26.05.2018)
How can I let my users opt-in to Google Analytics for Firebase?
First of all you have to disable automatic data collection:
<meta-data android:name="firebase_analytics_collection_enabled" android:value="false" />
Then you can control from the code when analytics should be on or off with a single line of code:
Are there any extra settings in Firebase I should be aware of?
Yes. If you decide to use Google Analytics for Firebase you should check sharing options this feature provides. How to get there?
- Open Firebase Console
- Open the Project settings
- Click on the tab Data Privacy
- Click on the Analytics Settings link
What if I want both Fabric and Firebase?
That is possible. Google offers such feature. In this case data will be collected on user’s device once and send to both platforms. I haven’t followed that road, so I am leaving you with docs where you find more info.