This is unsustainable. It requires constant vigilance and turns the privacy matter into a cat and mouse game where we are constantly one step behind the worst actors. These systems exist everywhere in the world and they’re fundamentally inefficient. E.g. recycling, or “please bring your own plastic bag”, which relies on goodwill.

Compare to a system where you fix the incentives to automatically align everyone’s interests: e.g. bottle deposits, or a small fee for plastic bags. Now people will want to do the right thing, because it is aligned with their own interests.

The same holds here: fix this one instance with enough outrage, there will be a thousand more. Instead, let’s fix the misaligned incentives between app builders and users, so their invasion of my privacy costs them as much as it does me (e.g. GDPR).

This is how you make efficient markets: align incentives. Fixing everything on a case by case basis only provides temporary relief.

[edit: note that OP never said "don't do it", they just said "it's missing the point". which I think is a fair call. this one fix is good, but it's unsustainable.]

> bottle deposits, or a small fee for plastic bags

You know how these programs started? They started small. A few stores requiring them. Eventually, they become a law.

I guess your point is that fixing this one transgression is the equivalent of one store implementing that rule, and if we fix more of them eventually it’s a law, making it but the first step on the journey to sustainable privacy?

It isn’t. This is recycling one bottle. It doesn’t have any sustainable long lasting effect.

To stretch the metaphor, the equivalent of one store asking for deposits would be e.g. Apple requiring full disclosure of all such tracking SDKs on the App Store page, as suggested by someone else in this thread. That’s sustainable, scalable, and that’s what might eventually even lead to legislation, as you pointed out.

No, you attack the systematic problem and don't become happy by fixing one of them, since it is a hollow victory, and public outrage has limited capacity for repeated posts of "app x is sending to Facebook".

Why not go both ways ?

In this very thread we started from “I can tell you from experience that everyone does this.”.

Now when a PO will be asked to add facebook in its app (or wants to remove it) there is at least one prominent instance to point to showing that having the SDK is not the right move. And hopefully that “everyone does it” will become “some still do it”.

If of course in the meantime we find a working systematic solution, it’s all for the better.

honest question: _how_ do we attack the underlying systematic problem to solve it once and for all?

write a blog post?

take it twitter/HN/reddit?

hold a rally/demonstration outside Apple/Google?

call our MP?

bombard their employees with phone calls or knock on their front door where they live?

write malware?

... really I got nothing that sounds like it would work. In retrospect all of Tim Cook's privacy / security grandstanding and attitude of superiority was just that. There are no good guys in this game.

Buy a better behaving phone, or admit that you don't mind being spied on as compensation for features.

Legislation?

sure, but since I am unable to actually make legislation I wrote "call your MP" - which is more sobering/realistic if you look at the likely success of this particular effort.

We're outgunned by the lobbying from these companies I think.

Right. There's no point in locking 6% of your doors. It's security makework theater, like trying to use a treadmill for transportation.