Auto App Consent for Android Developers (GDPR/CCPA)

Overview

Auto App Consent for App Developers (Alpha release)

Developed by Konrad Kollnig, Department of Computer Science, University of Oxford

This repository helps app developers implement consent in apps more easily, which supports compliance with the GDPR, CCPA and other legal regimes. The motivation for this project is that our research at Oxford found that less than 4% of Android apps implement any form of consent. It puts our previous compliance guide from the website https://gdpr4devs.com into code.

Specifically, this tool targets the following common compliance problems:

Common Problem 1: Failure to implement any consent flows. This can involve both 1) the sharing of data with third-party companies without consent (violating Articles 7 and (35)1 GDPR) and 2) accessing or storing data on the smartphone when this is not technically necessary (violating Article 5(3) ePrivacy Directive).

Solution: Automatic implementation of consent flows with this library.

Common Problem 2: Sharing more data than necessary (violating Article 4(1) GDPR).

Solution: Many third-party libraries come with configuration options to reduce data collection. This library automatically chooses some of the most common settings.

Screenshot of the automatic consent flow.

Supported SDKs

At the moment, this project automatically implements a consent flow if your app uses one of the following SDKs:

  • Google Firebase Analytics
  • Google Crashlytics
  • Google Ads
  • Facebook SDK
  • AppLovin
  • Flurry (SDK is disabled altogether if consent is lacking)
  • InMobi
  • AppsFlyer
  • ironSource
  • AdColony
  • Vungle (untested)
  • Google Play Services Advertising Identifier Library

Note that the use of Google and Facebook services in the EU is likely illegal even with user consent, because data is sent to the US and can be used for unlawful surveillance of EU citizens. The same applies to other US-based services.

Installation

NOTE THAT THE USE OF THIS TOOL COMES AT YOUR OWN RISK. THIS TOOL CANNOT REPLACE AND DOES NOT PROVIDE EXPERT LEGAL ADVICE. IT IS CURRENTLY NOT MEANT FOR PRODUCTION USE, BEING AN ALPHA RELEASE.

  1. Add the JitPack repo:

         allprojects {
             repositories {
                 ...
                 maven { url 'https://jitpack.io' }
             }
         }

  2. Add the library:

         dependencies {
             implementation 'com.github.kasnder:app-consent-android:0.8'
         }

  3. Initialise the library by calling

         ConsentManager consentManager =
             new ConsentManager.Builder(this)
                 .setPrivacyPolicy(Uri.parse("http://www.example.org/privacy"))
                 .build();

  4. If you want to, you can change the title (or message) in the consent flow by changing the consent_title (or consent_msg) string.
  5. If you want to exclude certain libraries from the consent flow (e.g. the opt-in to the use of the Advertising ID), then use the setExcludedLibraries() method of the ConsentManager.Builder. For example, for Firebase Analytics: .setExcludedLibraries(new String[]{"firebase_analytics"}). You can see the identifiers of all currently managed libraries through consentManager.getManagedLibraries().
  6. By extending the class net.kollnig.consent.library.Library, you can connect further libraries. Use the setCustomLibraries() method of the ConsentManager.Builder to include them, e.g. .setCustomLibraries(new Library[]{new CustomLibrary()}). See the directory library/src/main/java/net/kollnig/consent/library/ for example implementations.

You can check the example project in app/ to see how the library is used.

Implementation Details

General Approach

This tool interacts with third-party libraries in three ways: 1) by setting options in the AndroidManifest.xml file, 2) by calling functions of the third-party library directly (through Reflection), and 3) by intercepting method calls to the third-party library and either adding more privacy-preserving options or preventing the call to that function altogether.

The third method is the most invasive and only taken when no alternatives are available. It relies on YAHFA (Yet Another Hook Framework for ART) to hook functions of third-party libraries. Since YAHFA is only compatible with Android 7–12, lower Android versions are not supported by the library. This might be addressed in future versions of this library.

The following gives more details on how this tool interacts with third-party libraries.

Note that the use of Google and Facebook services in the EU is likely illegal even with user consent, because data is sent to the US and can be used for unlawful surveillance of EU citizens. The same applies to other US-based services.

Google Firebase Analytics

Purpose: Analytics

How consent is implemented: Automatic data collection upon the first app start is managed through the setAnalyticsCollectionEnabled setting. This prevents the collection of analytics without user consent.

Further reduced data collection: The tool disables the settings google_analytics_ssaid_collection_enabled (to prevent the collection of the ANDROID_ID) and google_analytics_default_allow_ad_personalization_signals (to prevent the use of data for ads). If you need to share analytics data for ads, you can add the following inside the <application> tag of your AndroidManifest.xml file (the tools: prefix requires the xmlns:tools namespace to be declared on the <manifest> element):

<meta-data android:name="google_analytics_default_allow_ad_personalization_signals" tools:node="remove"/>

Uses hooks: No

Further details: https://firebase.google.com/docs/analytics/configure-data-collection?platform=android

Google Crashlytics

Purpose: Crash reporting

How consent is implemented: Automatic data collection upon the first app start is prevented through the setCrashlyticsCollectionEnabled setting. This prevents the collection of crash reports without user consent.

Further reduced data collection: None, except that the firebase_crashlytics_collection_enabled flag is set to false in the AndroidManifest.xml file to implement consent.

Uses hooks: No

Further details: https://firebase.google.com/docs/crashlytics/customize-crash-reports?platform=android

Google Ads

Purpose: Ads

How consent is implemented: If no consent is given, calls to the init and loadAd methods are blocked. This prevents communication with the Google Ads servers without user consent. As per Google’s consent policies, the use of Google Ads is only permitted with user consent (even for non-personalised ads).

Further reduced data collection: None, except that the com.google.android.gms.ads.DELAY_APP_MEASUREMENT_INIT flag is set to false in the AndroidManifest.xml file to implement consent.

Uses hooks: Yes

Further details: https://developers.google.com/admob/ump/android/quick-start

Facebook SDK

Purpose: Various functionality, including analytics

How consent is implemented: Automatic data collection upon the first app start is prevented through the setAutoInitEnabled and setAutoLogAppEventsEnabled settings. This prevents the collection of analytics without user consent.

Further reduced data collection: None, except that the com.facebook.sdk.AutoInitEnabled and com.facebook.sdk.AutoLogAppEventsEnabled flags are set to false in the AndroidManifest.xml file to implement consent.

Uses hooks: No

Further details: https://developers.facebook.com/docs/app-events/gdpr-compliance/

AppLovin

Purpose: Ads

How consent is implemented: Automatic data collection upon the first app start is prevented through the setDoNotSell and setHasUserConsent settings.

Further reduced data collection: None

Uses hooks: No

Further details: https://dash.applovin.com/documentation/mediation/android/getting-started/privacy

Flurry

Purpose: Various functionality, including analytics

How consent is implemented: If no consent is given, calls to the build method (from the FlurryAgent.Builder class) are blocked. This prevents the start of the SDK without user consent.

Further reduced data collection: None

Uses hooks: Yes

Further details: https://developer.yahoo.com/flurry/docs/integrateflurry/android/

InMobi

Purpose: Ads

How consent is implemented: If no consent is given, then gdpr_consent_available=false and gdpr=1 are passed to the init() method of InMobi.

Further reduced data collection: None

Uses hooks: Yes

Further details: https://support.inmobi.com/monetize/android-guidelines/

AppsFlyer

Purpose: Ad attribution

How consent is implemented: If no consent is given, calls to the start() method of AppsFlyer are prevented.

Further reduced data collection: None

Uses hooks: Yes

Further details: https://support.appsflyer.com/hc/en-us/articles/360001422989-User-opt-in-opt-out-in-the-AppsFlyer-SDK

ironSource

Purpose: Ads

How consent is implemented: Depending on the consent setting, setConsent and the do_not_sell flags are set.

Further reduced data collection: Depending on the consent setting, the is_deviceid_optout flag is set.

Uses hooks: No

Further details: https://developers.is.com/ironsource-mobile/android/regulation-advanced-settings/#step-1

AdColony

Purpose: Ads

How consent is implemented: Depending on the consent setting, setPrivacyFrameworkRequired and setPrivacyConsentString are called. This happens both at the time of initialising the SDK (i.e. on calling AdColony.configure()) and when the user might change the setting (by calling AdColony.setAppOptions()). Other appOptions should be kept intact in this process.

Further reduced data collection: None

Uses hooks: Yes

Further details: https://github.com/AdColony/AdColony-Android-SDK/wiki/Privacy-Laws

Vungle

Purpose: Ads

How consent is implemented: Consent is passed to the Vungle library through its updateConsentStatus setting, either setting this to OPTED_IN or OPTED_OUT. Additionally, the current consent signal is passed once the initialisation of the Vungle library is finished.

Further reduced data collection: None

Uses hooks: Yes

Further details: https://support.vungle.com/hc/en-us/articles/360047780372-Advanced-Settings

Google Play Services Advertising Identifier Library

Purpose: User identification

How consent is implemented: Calls to the getAdvertisingIdInfo method throw an IOException if no consent is provided. IOException is one of the exceptions already declared in the method's signature, so apps should be catching it in any case.

Further reduced data collection: None

Uses hooks: Yes

Further details: https://developers.google.com/android/reference/com/google/android/gms/ads/identifier/AdvertisingIdClient
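How app code can call getAdvertisingIdInfo so that the IOException raised when consent is missing is handled like any other lookup failure. This is an added example, not code from this project; the class name AdIdReader and its Callback interface are hypothetical.

```java
import android.content.Context;
import android.util.Log;

import com.google.android.gms.ads.identifier.AdvertisingIdClient;
import com.google.android.gms.common.GooglePlayServicesNotAvailableException;
import com.google.android.gms.common.GooglePlayServicesRepairableException;

import java.io.IOException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;

/** Hypothetical helper (not part of the library): yields the Advertising ID or null. */
public final class AdIdReader {
    private static final String TAG = "AdIdReader";
    private static final ExecutorService EXECUTOR = Executors.newSingleThreadExecutor();

    /** Called on the worker thread with the ID, or null if it must not or cannot be used. */
    public interface Callback {
        void onResult(String adIdOrNull);
    }

    private AdIdReader() {}

    public static void read(Context context, Callback callback) {
        final Context appContext = context.getApplicationContext();
        // getAdvertisingIdInfo() blocks, so it must not run on the main thread.
        EXECUTOR.execute(() -> callback.onResult(readBlocking(appContext)));
    }

    static String readBlocking(Context appContext) {
        try {
            AdvertisingIdClient.Info info =
                    AdvertisingIdClient.getAdvertisingIdInfo(appContext);
            // Respect the system-level opt-out as well as the in-app consent.
            return info.isLimitAdTrackingEnabled() ? null : info.getId();
        } catch (IOException e) {
            // Thrown when the connection to Google Play services fails and, with the
            // consent library's hook installed, whenever consent has not been given.
            // Do not retry in a loop or fall back to another device identifier.
            Log.i(TAG, "Advertising ID unavailable: " + e.getMessage());
            return null;
        } catch (GooglePlayServicesNotAvailableException
                 | GooglePlayServicesRepairableException
                 | IllegalStateException e) {
            // Play services missing or outdated, or the call ran on the main thread.
            Log.w(TAG, "Advertising ID lookup failed", e);
            return null;
        }
    }
}
```

Callers should treat a null result as "no identifier" and continue without one, so that the behaviour is the same whether consent was refused or the lookup failed.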

Contribution

Contributions to this project are highly welcome. Help is welcome with testing, improving the stability of the existing code, keeping up with changes of the third-party libraries and contributing new adapters for third-party libraries.

Feel free to file an issue or pull request with any of your ideas!

License

This project is licensed under GPLv3.

Comments
  • (Consider) Adding Documentation containing overview and intended effects

    Hi. Good to see responsible developer practices being nudged through design choices and as modular components. It would be good to have documentation (somewhere) that provides a brief overview or summary of the things included in this work, and the intended effects. A simple README.md type file would do as well. Minimally, I suggest the following:

    1. What the main problem is that motivated this (link to your paper)
    2. What is this work, what does it provide (link to installation instructions or other technical documentations)
    3. What does this currently cover, e.g. list of integrations that are displayed in your screenshot with links to their relevant policies/docs, and a short summary of issues (if known)
    4. Contributions and collaborations - how should people help you with this in terms of highlighting issues, sharing their findings, contacting you, e.g. It could be directly emailing you, or opening a GitHub issue.
    5. (suggestion in connection with above) - What do you require help/assistance with, what would you like someone else to do / contribute for this? Is there something that needs testing, updated information, etc.

    Other than these, it would be difficult for most people to comprehend what this work is actually doing, and what the result will be. A more descriptive hand-holding documentation might help get the idea across better, e.g. more images that show the current state, your code integration, updated flow screenshot, and a diagram outlining what has changed in terms of data/consent flows.

    Regards, Harsh

    opened by coolharsh55 2
  • Check that unnecessary tracking connections are blocked without consent

    Since I don't have an account with all of the tracking libraries, testing in a real world setting has been a bit problematic. I've mostly been relying on SDK documentation.

    opened by kasnder 0
  • Choosing a license: Permissive vs Restrictive

    tldr; implications of license used (GPL v3) may restrict adoption and use in typical use-cases; a more permissive license such as GPL v2 or Apache 2.0 may be better

    Hi. Use of GPL v3 as the License will require published Apps to be published with their source made available (AFAIK), which is typically not the norm since most apps are not open-sourced. Since the aim of this work is to encourage better handling of (personal) data in the interests of data protection and privacy, a license that facilitates integration more easily would result in more adoption and use.

    Ideally, if there is a need to nudge sharing back improvements, the GPL v2 may be a more palatable option; or if the intention is to have this work be used as widely as possible, the Apache 2.0 license may be suitable (and is the more preferred option for such work since it's easier to figure out implications of reuse).

    opened by coolharsh55 1