The High Costs of Free SDKs

open-source

In this day and age of massive data collection, data security and privacy are top of mind for many enterprises and consumers. The concern centers around the collection and use of Personally identifiable information (PII) / sensitive personal information (SPI).
iOS-androidEnterprises that ship mobile apps need to be careful which third-party libraries and SDKs are included during the development stage. The issue is that many tools are available for free, but end up harvesting user data in order to monetize it through targeted advertising. The vast majority of the time this is against the legal policy of the enterprise, as well as the end user license agreement (EULA) between the company’s software and its end users.Developers often have no idea this is happening behind the scenes for two reasons:

  1. SDKs are black boxes, so the harvesting of the data is hidden from the developer; and,
  2. to download the SDK, the developer signs up and agrees unknowingly to terms and conditions (click-through agreements) permitting the practice.

The realization that developer freeware is exposing your customer data causes alarm. To prevent this from happening, digital leads should audit which service providers are in use, especially those that do not require payment or a subscription fee. Any third-party code or SDKs that did not receive sign off from legal should be removed immediately. Your legal professionals should review the terms and conditions.

EU & COPPA

This practice is even more problematic for global enterprises, as well as enterprises that may have end users under the age of 13.
The Data Protection Directive outlines movement of personal data within the European Union. The replacement for Safe Harbor, EU-US Privacy Shield, still under legal scrutiny, outlines the transfer of that data to the US. Free tools will often try to get around the EU restrictions by requiring the developer to prompt the end-user for permission to release their personal information. In practice, this almost never happens for the reasons mentioned before: developers do not read the terms and product managers aren’t aware of the requirement. This puts enterprises out of compliance with data privacy laws in the EU.
Finally, companies that collect data from minors must comply with the Children’s Online Privacy Protection Rule (COPPA). Companies that harvest user information behind the scenes are not COPPA compliant. Parental consent must be given, along with many other requirements, in order to collect PII/SPI from minors.

Summary

While it can seem daunting to keep up with the latest regulations regarding data security and privacy, enterprises can deploy a proper vetting process to get ahead of any issues with their apps. It is recommended that you review the third-party tools embedded in your apps, make sure your team is educated on the legal requirements, and ensure you’re in compliance with local regulations.

Welcome to KaCyber Blog

Welcome

KaCyber for Business. Bridging the digital divide within sub-Saharan Africa.

Do you own a business or plan to have an event? KaCyber is the best way to connect with people who care about your business!

Right now on KaCyber someone could be looking for #Fun #Things2Do #Hotel #Restaurant or #anything nearby proper or within your proximity.

On KaCyber, business owners can showcase their products and services or engage an audience that is craving for discovering new stuff!

Create a business account today to discover how powerful and efficiently we can help you connect with customers. Register at http://joinkacyber.com and subscribe to our Blog to receive the latest update directly to your email inbox.

Download KaCyber App Now. It’s a small world.

KaCyber app is available in Google Play Store and coming soon to Apple Store (for iPhones). KaCyber app is a perfect platform to connect with your family and friends and also discover what businesses nearby are offering! Welcome to KaCyber. It’s a small World…

Already on KaCyber, and enjoying our app or have feedback? Leave us a review on your favorite app store, follow us on Twitter, and like us on Facebook.

Need more information?

Get in touch with our team instant registration of your business or more details about our apps and services. You can also email us at info@kacyber.com

We’re excited to see you onboard. Happy Blogging on our website (www.blog.kacyber.com), click to access our beta tester  to download KaCyber app and install it, we bet you will discover what you’re craving for on KaCyber!

 Get it on Google Play