Admob says in a forum that their Api’s for non targetting Ads will be ready by mid may but will work only after 25th. This is like a sword on head. We have to update 35 apps and not getting why Admob is not clear. Corona has a plugin for Admob. Please tell do they tell you about that API’s and also is there any work going on to make those API’s work within plugin that corona offers.
About Admob and other ad providers on topic:
As stated @ Admob’s docs page for gdpr:
Note: The Consent SDK will be made available by mid-May. The functionality, however, will not take effect until May 25, 2018. Please do not attempt to use these APIs before May 25, because they may disrupt ad serving on your app.
We’ve prepared an update, but can’t provide it to you yet for that reason. As soon as new functionality will become available by Admob - new plugin release will be public.
And that’s the issue with this gdpr compliance on our ad plugins: a lot of companies still haven’t implemented it on their side. But we can update our plugins only after they will and only then you can update you apps, which I’m sure is frustrating for you, but that’s how things are going to happen. We are fully aware of a need to update all our >20 ad and analytics plugin and trying to bring this new features to our end users ASAP. With that said, it’s easy to miss a new SDK update for some specific ad provider just in time with all that rush, so any feedback is welcome, as always.
@Karpovpw, that’s good news. Can you please share what parts of the SDK you have implemented? In order to manage expectations and let us prepare.
@perflubron, Due to some limitations, we can’t provide Google’s consent form and their Consent SDK, at least for now. AdRequest configuration (the one, that you’ve already mentioned earlier) is the one that is implemented.
Thos is what Google told to us in Admob.
To comply, and support your compliance with GDPR, we are:
Launching a solution to support publishers that want to show only non-personalized ads.
I think this is one of the 2 things that we need.
- We give consent form at start. If user says yes then we give persinalized Ads if say no we show Non-Personalized Ads.
- Same a user can do in settings. He can change his mind any number of times and so we shift Ads from Personal and Non personal.
- This is second task of two things. If a user removed consent later from settings. How with the use of Advertising Id’s we tell Admob or Corona to remove any personal Data related to that user.
Please anyone if has any idea fill fast. Many developers like us need to work together by helping each other on this.
We just made a build with Corona 2018.3286, then watched its network connection:
It connects to https://stats.coronalabs.com (which is new with this build).
It sends what looks like very basic anonymous analytics:
{ "tm": 1526373342, // timestamp "c": "US", // country code "b": "s5962", // ? "pl": "iOS11.3", // platform "i": 17666, // ? "bi": "com.example.appidentifier" // app identifier }
@Corona could you please tell us what “b” and “i” are?
Wrote another post with some more concrete plans on preparing for GDPR.
https://medium.com/@perhaglund/making-my-apps-gdpr-compliant-part-2-c0cdf6a14501
[member=‘Studycat2’] those values are same for all installs, showing day and specific build, in other words - not user IDs
fwiw, wip, use if/as you see fit, no license, released to PD…
-- main.lua, testbed for gdprutil.lua local gdprutil = require("gdprutil") gdprutil.verbose = true -- optionally print("No argument form:", gdprutil.isEUCountry()) print("Hardcoded pos DE:", gdprutil.isEUCountry("DE")) print("Hardcoded neg US:", gdprutil.isEUCountry("US")) print("Hardcoded blank:", gdprutil.isEUCountry("")) print("Hardcoded invalid:", gdprutil.isEUCountry({})) print("Manual getpref():", gdprutil.isEUCountry(system.getPreference("locale","country","string")))
-- gdprutil.lua local M = {} M.name = "gdprutil" M.version = "0.1" M.verbose = false -- References: -- https://en.wikipedia.org/wiki/Member\_state\_of\_the\_European\_Union -- https://www.iso.org/iso-3166-country-codes.html -- https://en.wikipedia.org/wiki/ISO\_3166-1 M.EUCountryCodeList = { ["AT"] = "Austria", ["BE"] = "Belgium", ["BG"] = "Bulgaria", ["HR"] = "Croatia", ["CY"] = "Cypress", ["CZ"] = "Czechia", -- aka "Czech Republic" ["DK"] = "Denmark", ["EE"] = "Estonia", ["FI"] = "Finland", ["FR"] = "France", ["DE"] = "Germany", ["GR"] = "Greece", ["HU"] = "Hungary", ["IE"] = "Ireland", ["IT"] = "Italy", ["LV"] = "Latvia", ["LT"] = "Lithuania", ["LU"] = "Luxembourg", ["MT"] = "Malta", ["NL"] = "Netherlands", ["PL"] = "Poland", ["PT"] = "Portugal", ["RO"] = "Romania", ["SK"] = "Slovakia", ["SI"] = "Slovenia", ["ES"] = "Spain", ["SE"] = "Sweden", ["GB"] = "United Kingdom", } --- -- Tests if the given country code represents an EU member country -- @param country String Optional The two-character ISO 3166-1 country code -- if not provided, and running in Corona SDK environment, will look up value from system -- @return Boolean -- True if country code represents an EU member country -- False if country code does not represent an EU member country, or could not be determined -- M.isEUCountry = function(country) --------------------------------------- -- handle default value (if Corona SDK) --------------------------------------- if (not country) then if ((type(system)=="table") and (type(system.getPreference)=="function")) then country = system.getPreference("locale", "country", "string") end end --------------------------------------- -- handle missing/invalid values --------------------------------------- if (type(country) ~= "string") then if (M.verbose) then print("gdprutil.isEUCountry(): Invalid Country Code, result = false") end return false end --------------------------------------- -- perform lookup --------------------------------------- local result = M.EUCountryCodeList[country] ~= nil if (M.verbose) then print("gdprutil.isEUCountry(): Country Code '" .. country .. "', result = " .. tostring(result)) end return result end return M
@davebollinger, do you have this code on GitHub or some other site I can link to, instead of trying to point people to page 6 of this forum thread?
Thanks
Rob
@Rob: https://github.com/davebollinger/gdprutil
at present it’s identical to the code above, except with an MIT license, because 1) the pd statement above isn’t adequate, and 2) to carry a disclaimer - so essentially still do whatever you want with it, just don’t “blame” me for it.
Can anyone please tell me. Is there a way to get non personalized Ads using Admob plugin. Also say i have Advertising Id then how to use that to remove user data from Admob servers
No. Not with the current plugin. Although the version of Admob that the plugin is using accepts the “extras” flag there is no mechanism to attach that value to the request from corona.
For the second item, I think you just send it to their support e-mail if they don’t have one set up for GDPR yet.
@davebollinger and @Rob, do you think it is enough to only look for “locale” & “country” values? Are they reliable sources of information?
For example, as an EU citizen what happens if I buy a phone from a non-EU country(e.g. Turkey or Australia) and bring it back to EU soil and start using it here? What values would I get from “locale” & “country”? Are those values constantly updated by iOS / Android / Fire OS upon each connection?
@bgmadclown: no, it’s not perfect, but it’s all you’ve got… probably… unless you have access to an IP lookup service, etc - see Per’s writeup above.
would you rather pop up a dialog and ask them if they’re in the EU? could you trust THAT response?? (for legal purposes)
only time-will-tell if implementation/enforcement allows for any sort of “best efforts vs technical limitation/difficulty” -type defense, i’m no lawyer.
for my own purposes, i’ve decided against trying a similar approach with locale because the “generic” language versions (fe “en”, “fr”, et al) are still valid, and would seem to pose even MORE trouble than the ones that directly correspond to their origin countries (fe “en_GB” vs “en_US”, or “fr_FR” vs “fr_CA”) given that “en” and “fr” (et al) are spoken in all sorts of varied countries.
but also, for my own purposes, i’ll be using it only as an additional measure, fe i’ll have already sanitized all analytics regardless of EU status.
@bdmadclown. Based on what Appodeal is saying here: https://www.appodeal.com/home/gdpr/
Do I have to request a consent only from EU users?
As the global privacy laws change, we recommend to request a consent from all users once, no matter where they are currently located. That will eliminate mistakes of not collecting consent from EU residents who are on a vacation elsewhere, for example.
We are going to follow a similar recommendation.
You can’t rely on IP address because they could be traveling. They could be using VPNs. As for Dave’s code above, I think it’s a great start, but the end user can fully control all those locale settings on their device. I could be living in Paris and have my phone setup with a country code of US.
So what should you do? That’s up to you. The safest thing is to ask everyone. This is getting into legal advice and you would be best to discuss what’s best for you with your lawyer.
With regards to AdMob. Google has everyone scratching their head on this one. This article does a good job of explaining the chaos:
https://www.theregister.co.uk/2018/05/15/android_ad_pause_gdpr_chaos/
There is also a good article on consent from the Great Britain Information Commissioners office.
They point out that you should not pre-check boxes, so if you add a widget.newSwitch() to your dialog box, it needs to default to off.
Rob
I think I’ll wait till there’s a solution for the Admob plugin before I rebuild and submit all of my apps for iOS/Google/Amazon with the latest Corona version. That will likely be after May 25, but I don’t want to start doing it now with the new Corona build and then have to do it again once Google’s new AdMob plugin comes out.
For the sake of sharing here is what my screens for GDPR look like. The wording might change and I want to make the checkbox more visible. It is probably not 100% compliant, but as good as I will be able to get it without a lawyer. I am just waiting for Appodeal to update their plugin and I’ll publish it. 2 done. 3 more apps to go.
Just to make sure, because no one has ever mentioned it:
If I don’t want to show a consent screen, because it is ugly and obtrusive, is it a valid solution to
1) just give the parameter of [did not give consent] to Appodeal, or
2) showing your own ads for your own games?
Thanks vlads.