Ethics of app phoning home

Hey guys

I’m about to release a small app for free but am considering adding a small call to an api that simply logs the time and date that the app was run.

It’s kinda just for my own motivational (read vanity metrics) but is it kinda unethical?

Unless you display a message of what will be sent for information and provide the user with an option to participate or not, yes, I believe it is unethical to log usage without the user’s consent.

This all falls on a spectrum from invasive tracking to benign telemetry. The most ethical approach in all cases is to disclose what you intend to do, why, and what will be done with the data once you have it and then keep the user in choice by letting them opt into or opt out of the logging at any time.

My experience is that receiving user data of any kind is a burden you don’t want if it can be avoided. The responsibility to handle user data correctly and conform to laws around the world (especially the EU) is significant.

Regardless of the level of disclosure you choose, I recommend ensuring that nothing that identifies the user/customer is sent to your server. Also make sure none of their data and/or content is sent to your server. If you don’t have it, it cannot be hacked or become the target of a subpoena. Regardless of the content everything should be sent over a secure connection (https://).

Make sure your app will continue to operate if your server should go down or disappear. You don’t want the absence of your server to brick the app.

And finally, make sure the payload is small and rate-limited. Even though may people have good bandwidth speed and data limits, in some places (e.g. remote communities, cellular hotspots) reliable internet service is not a given.

2 Likes

Thanks All for the detailed responses.