Display the privacy and data collection impact of packages #1360
Replies: 3 comments
-
|
Love this idea 😃 May I suggest to pitch this in the Swift forums? |
Beta Was this translation helpful? Give feedback.
-
|
Thanks Federico!
We discussed several things there and discussions are always very time consuming and are rarely very constructive. I think if we do this, we'd probably just go ahead with it and if other services want to adopt it, they can. |
Beta Was this translation helpful? Give feedback.
-
I completely understand where you're coming from 🙈, many thanks for the reply 😊 |
Beta Was this translation helpful? Give feedback.
-
I dreamt about this last night... I know. Don't even ask. 😅
One thing that would be interesting to expose on a package page is whether a library would have any impact on the privacy and data collection footprint of an app that includes it.
We can't (and shouldn't try to) automate the data collection aspect of this, but it could be a part of what we collect with #202. The tricky bit of that approach would then be what do for packages that don't declare their privacy information. My gut feeling is that we should set the default state for a package to be to show an "Unknown privacy impact", and only switch that to having "No privacy impact" if the package author explicitly declares it.
The other tricky bit here is that the amount of things in that privacy declaration form is extensive, and mapping that data into the YML file is going to be a pain. Doesn't mean we shouldn't do it, but this is not a trivial feature to add. The alternative is to only capture the basics, something like "No privacy impact"/"Some privacy impact" with the URL to a document that the package author writes that explains it. I think that may be the best way now I think about it.
An idea at least. Thanks to last night's dream!
Beta Was this translation helpful? Give feedback.
All reactions