Why the Facebook and Google SDKs are in all your apps

Incase you missed it there’s been a media storm this week around the Zoom video conferencing app and small data transmissions to Facebook on launch.

Why do so many apps include these SDKs?

Quite simply, if they company needs to grow by doing advertising on Facebook of on any of Google’s add properties, the need to include the SDKs for those platforms or their ads will be limited or simply not run by these advertising platforms. Yahoo ads work the same way.

It’s pretty hard to make a case that any business trying to attract new customer can just avoid these advertising giants. They really do work and are (despite rising costs) really effective advertising channels.

I’m going to skip over the arguments around “Login with” requiring SDKs. Most authentication platforms I’ve seen provide paths to do authentication without including those SDKs, making it possible for the app developer to work around them.

What can they do about it?

Not much actually. If the businesses survival depends on attracting new customers they’re at the mercy of the requirements of the advertising/authentication platform.

Who’s really responsible?

Facebook, Google, and all the other advertising platforms that refuse to run ads without deep hooks into applications and websites.

Can the advertising platforms actually fix it?

I don’t think it would be simple for them to fix it either. One of the great upsides of embedding your SDKs into ad targets is that you can do really advanced click-fraud detection.

It’s a systemic problem

Running advertising platforms at scales larger than what humans can effectively monitor lead us down this path. In order to have these platforms operate effectively and try to minimise fraud they really do need an immense amount of data feedback.

You could make the argument that the world would be a better place without these advertising giants, but that doesn’t really help us today. We’re well beyond the point where they could or would just pivot to doing business some other way.

What can we fix?

1. Facebook, Google, and the other advertising platforms should provide (up-front) messaging for companies to include in their terms of service to explain what’s happening and why. It’s not possible today for an app developer who’s including their SDKs to write this themselves, we just don’t understand enough about what they are/might be doing with the information. They should also tailor this text to an apps specific settings to make them more accurate and less scary if the app is doing everything it can to turn non-critical parts of the SDKs off.

2. App developers should roll out a specific section in their terms and conditions that includes the snip-its from third party solutions to increase the transparency of what’s actually going on.

3. Unfortunately we all have to start being more comfortable with some amount of data transfer between entities. Hopefully over time we get better at minimsing the transfer, but it’s not going to be possible to operate in the advertising world promoting your product if you’re trying to get to zero data transfer.