The new CCPA guidelines require to have a specific app behaviour for the 'californian users'. By the way, I wonder if the CCPA applies to all californian citiziens (even if they are not physically present in California when the launch the app) or to all the persons present in California (event if they are not californian citizens).
So, I wonder how I can do technically in order to know if a user is concerned by the CCPA law, in order to know if I must implement a CCPA-specific behaviour for him/her.
My question is about both iOS and Android.
Thanks !
from my understanding, CCPA applies to californian residents only (not travelers)... That being said and as we could expect some kind of generalization of the CCPA later for all US citizens, one can use a conjunction of :
MCC code to identify the country (312 to 316)
Any kind of IP to region code service to check for "user is present in California"
MCC CODE
With such a code, we know if the user is has a SIM card associated with an US subscription. On Android we can use getResources().getConfiguration().mcc or put a flag in lacalized config file under values-mccXXX resource directory :
<resources>
<bool name="is_us_subscriber">true</string>
</resources>
With a default to false. Works offline but requires a SIM based device (which excludes some tablets...), for non-SIM based devices there's no seamless way to check for country of residence... Best effort will be to use IP-to-ADDRESS unless you have additionnal information coming from facebook login or whatever...
IP TO ADDRESS
Using one of (or combination of) :
https://developers.google.com/maps/documentation/geolocation/intro
your own server implementation
https://developer.android.com/reference/android/location/Geocoder
other webservice
You can get US State (eg: California) from user IP address. On Android, use webservice to get user latitude and longitude and then call Geocoder to check for Address#getCountry() and Address#getAdminArea() which returns :
the administrative area name of the address, for example, "CA", or
null if it is unknown.
But it will only allow you to know that user is in California... And not user is a Californian resident.
MY OPINION
Use of external webservices is not reliable (no connection, VPN, proxy, ...)
Use of external webservice could be expensive
We lack information regarding user residence with location based services
I would recommend use MCC only since there's a high probability to see some kind of CCPA generalization in the US sooner or later...
Related
Background
In the "Phone" app of Google, there is an option "Caller ID & spam" :
So, if you get a call from someone or some organization that isn't on the address book, yet it is identified somehow, you get a name for it, as such (called "+972-035283487") :
Ever since Android M (6.0 - API 23) , apps can replace the default phone app, and then also providing alternative UI when you call someone or get a phone call, by extending InCallService class, as demonstrated here which is based on here.
The problem
I want to try to show the same information as on the Phone app, meaning the name of the person/company in case it identified it (and it's not on the address book).
What I've tried
I tried to dig over the various things that I get via the API of the dialer, but failed:
Various fields and functions of: android.telecom.Call class
There is getDetails inside of the Call class, so I tried to get what's inside there, and there is also statusHints and "label" inside the "statusHints" . None of those had any information (returned null). The reason I tried to look at "statusHints" is because that's what I see on the docs :
Contains status label and icon displayed in the in-call UI.
On the "Phone" app, pressing "Learn more" goes to a website (here) full of links that I think might be sources of the data, but I don't think the app itself uses this. Instead I think it uses something of Google.
The questions
Is it possible to get this CallerId information? If so, how?
How does the Phone app do it? It's supposed to be open sourced, so there has to be something that gives it this information, right? Would cloning it somehow get this information? Maybe Google has its own service for CallerID?
What are the "callDetails" and "statusHints" used for? What do they provide?
I believe Android's native phone app is using Google's place search API. As you can easily search for a place by its phone number and get place details like name, place id, formatted_address and many other fields that you can find in the documentation
Request URL:
https://maps.googleapis.com/maps/api/place/findplacefromtext/json
Request method: GET
Request query parameters:
key: Your application's API key.
input: The text input specifying which place to search for (for example a name or phone number).
inputtype: The type of input. This can be
one of either textquery or phonenumber. Phone numbers must be in
international format (prefixed by a plus sign ("+"), followed by the
country code, then the phone number itself).
Example request:
https://maps.googleapis.com/maps/api/place/findplacefromtext/json?input=%2B972035283487&inputtype=phonenumber&fields=place_id,name&key=API_KEY_HERE
Example response:
{
"candidates" : [
{
"name" : "מלך העופות",
"place_id" : "ChIJ78ko1zBKHRURpwbgUdWc4nU"
},
{
"name" : "Of Yaakov",
"place_id" : "ChIJv3myn4FMHRURUGffcXgxKuw"
}
],
"status" : "OK"
}
Note:
Such an API is not available at the current moment in Google places SDK for Android, but you can use the HTTP API directly in your app or you can make an API in the backend as a proxy to the places API. I prefer the later version as in the first solution the API key is deployed in the application code and hackers could decompile the APK and use it for malicious reasons. For security reasons you have to restrict the usage of the API key to the IP address of the server in case you are using the backend solution!
I tried to decompile the Dialer app, couldn't find the specific info about how the app is doing it.
But this info could be useful. Please check it.
In Dialer app, there are classes SpamCallDatabase_Impl.smali SpamCallDatabase.smali
and there is service running in package com.google.android.gms app, which provides spam lists
com.google.android.gms/.telephonyspam.sync.SpamListSyncTaskService
and for caller id check this commit
https://gitlab.e.foundation/e/os/android_packages_apps_Dialer/commit/420eb901ed1d64fdaf055cde4cc46d7a5c0b42fc
This looks dialer app of lineage os
and it uses different services for phone num lookup like
https://auskunft.at/
https://www.dastelefonbuch.de/
I believe Google has its own database of spam callers, and the Phone app sends the number to its server, and if there is a match, it shows the name.
Maybe, if your app can read notifications, there is a possibility to retrieve that name. Try this example out and modify it according to your needs
You could check the working of apps like Truecaller for this. Truecaller acts on a give and take scenario... You want those unknown numbers then you have to part with your phone book contacts.. Now apparently everyone who has installed the app has surrendered his phone book. The data is crowd-sourced from the millions of users who have downloaded the truecaller app on their smart phones. As part of the end user agreement, the truecaller app asks the user to allow access to the user's address book/contacts on the smart phone. This data is then uploaded by the app to the company's servers. After going through several data matching/refining algorithms, this data is made available to all truecaller users to search upon.
Google Phone app is provided a feature of Use caller ID & spam protection by default. Some of these steps work only on Android 6.0 and up.
When you make or get a call with caller ID and spam protection on, you can see information about callers or businesses not in your contacts or warnings about potential spam callers.
To use caller ID and spam protection, your phone may need to send information about your calls to Google.
Turn caller ID & spam protection off or back on
Caller ID and spam protection is on by default. You can choose to turn it off.
To use caller ID and spam protection, your phone may need to send information about your calls to Google. It doesn’t control whether your number shows when you make calls.
Caller ID by Google shows the names of companies and services with a Google My Business listing. It also looks for matches in any directory that shows caller information for work or school accounts.
As per your solution, Google does not provide this kind of support as you want. you need to create your own function and save spam and other contact detail at your side.
Our intention is to filter the content based on location without requesting Location permission from the Android device,
In-order to meet this requirement, we have tried the following options and still its not reliable
Telephony Manager
it wont work without a Sim card, again say if the user from USA travels india now the below snippets returns US not India
var telephonyManager = context?.getSystemService(Context.TELEPHONY_SERVICE) as TelephonyManager
val countryCodeValue = telephonyManager.networkCountryIso
Locale
Locale returns US or UK by default even if they are in India, usually user's Locale would be in English by default
Locale.getDefault().getCountry()
GPS
We doesn't want the Location permission to be requested
Retrieving the Country details form the logged-in Google account
Reply from Google - They dont have any dedicated API to retrieve countryCode of an user
Note:
iOS has a dedicated API which tell the CountryCode of the user, but Android doesn't
IP address
We tried to get the IP of the Android device (from several IP fusion websites), there are following two cases
User connected to WiFi - we are able to get the countryCode (WIFI IP
: 64.134.234.17)
User connected to Mobile Data - we are getting the wrong countryCode
even we are in USA, it says that IP is from JAPAN (MOBILE NETWORK
IP: 210.253.218.106)
Note:
Even Netflix determine the country during the launch, without requesting the Location permission
I think you have only two possibilities...or ask permission...or without asking permission you have to ask the user to insert an address (also only the city) and retrive the country code by mean of Google Geocoding Service
I agreed the above comments. You can't get the precise country by anyways other than there GPS location.
You can read this one hope you will get some idea about
Regarding your query how netflix is using it
https://help.netflix.com/en/node/26100
Brief
1.Disable any proxies (Means they are checking with there ip's)
2.Check your current IP address by visiting whatismyip.com (Same)
Regards
have you try using an API
ex:
http://ip-api.com/json
that will return country code and many other information all by analyze request IP "(no need obtained IP from device)" .
but obvious we need assume user not use any proxy or vpn
(There are plenty of other apis or you can implement and host one by yourself)
No way of getting it without Location permission, your better approximation is the localization by ip but as you saw there is no guarantee of precise localization
The app that I'm developing allows the user to enter in a zip code, then the app displays my local businesses that are closest to them. So if someone entered in a New York zip code, all of my franchises located in NY would show up.
It would be ideal if I could see what zip codes are most popular with the usage of this app, and which states receive the most traffic.
Is there a way to record/analyze the entered in zip codes of my users, and have that data sent back to me? Will this become a privacy issue if I gather this data?
Thanks
EDIT
The zip code the user will enter is simply in an EditText.
What you want to do is certainly possible. Since you're posing this question at all, I'm guessing you're app has the available franchises stored locally as opposed to retrieving them from a server.
Where is the data supposed to be sent to? If you have a server, you can use an HttpsURLConnection and POST the requested zipcode to your server when the user presses calculate or however else calculation is kicked off in your app. You will need the internet permission for this to work.
As a word of caution, you should be very up front about that you're doing this to the user, and also give them an option to turn it off, or even have it turned off per default. Personally, this would be the kind of thing that would bother me a great deal if I were to use your app. (Actually, if I couldn't turn it off, I probably wouldn't use it.)
EDIT
I'm not an expert on U.S. privacy laws but I imagine you probably need a formal privacy statement, as well. You certainly do if your app is also available in the European Union (regardless of whether it's useful there or not - whether or not it's available is enough.)
Yes you can easily collect this data and return it to a server. This will require an additional permission for your application 'android.permission.INTERNET' (If not already included.)
Not a lawyer and didn't stay in a Holiday Inn... but I don't see a privacy concern if you're using anonymous data... if you're packaging up user information (Name, Phone #, etc.) and sending it back I would think you'd want to include a "privacy policy" in your app's terms of service.
I have some app that sends some information to the internet from time to time let say ones at day. And I can easily send some coordinates (using the gps position) but I do not want that. The android phone is always connected to the internet via wifi or mobile network. But not always enabled the gps. So is it possible to get the location with wifi or mobile network ? I google this thing and I end up with finding location by gps, I do not want to do that.
Can you give me some ideas what can I do this. I have seen web sites that when I open them they know where am I, so I guess it is possible to find the nearest name of the city just by making a internet request and reading the response or maybe use some service . . .
Thanks
http://developer.android.com/reference/android/location/package-summary.html
http://developer.android.com/reference/android/location/Address.html#getAddressLine(int)
getLocality looks like it may do what you want?
For websites that know where you are, they either use your source IP and look that up (which isn't very reliable for a lot of things), or they use the javascript geolocation APIs as described here:
http://merged.ca/iphone/html5-geolocation
In fact, here's a stack overflow answer on using google API to get to the city name:
Get city name using geolocation
I would like input in deciding what API-accessible field in Android is the best equivalent to an iPhone's "device name" (it will be used as non-essential login data passed to a server). By device name, I do not mean "model", or any hardware- or software-related identifier, but more to do with the owner.
See How do you get an iPhone's device name for exactly what I'm referencing.
As an additional example, when faced with the same problem in BlackBerry, it was decided that the owner name was the best equivalent. (See answer in Get Blackberry Owner details (eg name/number) through API )
So far, it looks to me like the best android-equivalent is using an AccountManager to return someone's google account email; see How can you get an Android user's email address?. This seems to me like a pretty rough approximation, though; and would require adding another whole permission to the app just for some non-essential login data. Does anyone know of a better equivalent, and how to grab it?
Many thanks!
If you look in Settings -> Wireless & Network Setting -> Bluetooth Settings There is an option to set the device name. If the device name has not been set then I think it uses the persons account. You can access it through the BluetoothDevice.getName() method. Not sure if that helps.
BluetoothAdapter.getDefaultAdapter.getName() is also returning null if the user has switched off BT e.g. for saving battery or for security reasons. So it's not reliable, I'd say.