I have a written an app that leverages the YouTube API.
As part of the privacy policy, I would like to be fully transparent as to what personal information is collected by Google (IP Address, IMEI, Cookies, etc) on a mandatory (non-opt out-able) basis.
I am not able see this information in documentation, any insights would be greatly appreciated.
With regard to Youtube Data API, you can see the scope it has over your data on Scopes:
You may also read Google Privacy & Terms to know how Google manages your data.
Related
Sorry if my question to too naive. But i wish to find audience level information for a particular twitter handle. Lets consider #BarackObama, i wish to find his followers by gender, age, language, location etc. I used python scripts in this link https://github.com/GnipDz/Python-Insights to achieve it.
I do have access to twitter ADS API but it still shows your application ID is not authorized when i try to run the scripts. Is there a special API or addition over Ads API to achieve this? can someone guide me as to how i can do this?
Those scripts use Twitter's enterprise (commercial) Audience API. This API does not enable you to access audiences for individual users, only aggregated data for large numbers of Twitter handles. Additionally, this is not a free-to-access API so you need to have an active enterprise subscription for this to work.
I'm not aware of any programmatic way to access this data, and particularly not for any organic account - the Engagement API enables access to Tweet engagements for the authenticated account, but you're not able to access that data for other users.
In my IOS application i am using google analytics, is it necessary to tell the app users that we using google analytics.
Is it necessary to show the google analytics primary policy in App.
Please help me.
From the App Store Review Guidelines
3.12 Apps should have all included URLs fully functional when you submit it for review, such as support and privacy policy URLs
In section 3.12: It specify that when you submit your application than you must have to include privacy policy URL. That does not mean that you need to show a separate page in application to show privacy policies.
Personally as a mobile user I have never seen privacy policy page of any analytics in application so far.
Also from Google Analytics Protocol SDK Policy you have to take care of following points.
Measurement Protocol / SDK / User ID Policy
All applications using the Measurement Protocol / SDKs / User ID must adhere to the following policies:
You must make sure you have the full rights to use this service, to upload data, and to use it with your Google Analytics account.
You will give your end users proper notice about the implementations and features of Google Analytics you use (e.g. notice about what data you will collect via Google Analytics, and whether this data can be connected to other data you have about the end user). You will either get consent from your end users, or provide them with the opportunity to opt-out from the implementations and features you use.
If you use an SDK to implement any Google Analytics Advertising Features, such as Audience Reporting or Remarketing, you will abide by the Policy for Google Analytics Advertising Features, in addition to the Google Play Developer Program Policies, or any other applicable policy.
You will not upload any data that allows Google to personally identify an individual (such as certain names, Social Security Numbers, email addresses, or any similar data), or data that permanently identifies a particular device (such as a unique device identifier if such an identifier cannot be reset), even in hashed form.
If you upload any data that allows Google to personally identify an individual, your Google Analytics account can be terminated, and you may lose your Google Analytics data.
This is a very high level question, to a high level answer too, so I'm just looking for some pointers on the right direction.
Let's say I want to build a web application to manage a user's Google Contacts. I understand this is done by allowing the user to log in with his Google Account while asking for permissions to manage his Google Contacts. So far so good.
Now I want to expose my own API layer for external browser extensions, Android clients, etc. But while I want the API clients to authenticate against Google, I don't want the applications to have full access to the user's Calendar, as the Secret Token is stored on the server.
So, how is this typically handled? I would like to do it by the book as much as possible, without having to implement a lot of security code.
Btw, while the question is too high level, feel free to point me to technical docs.
Thanks
Limited access to the user's resources can only be guaranteed by limited OAuth scopes:
https://developers.google.com/gdata/docs/auth/oauth#Scope
Some APIs, for instance the Contacts API, only provide a single scope which gives you access to all the data. In cases like this, the user can only choose between giving you access to all his contacts or none of them.
Other APIs expose different OAuth scopes, allowing the developers to only request access to a subset of the user's data. A good example of this is the Google Drive API, which has 5 different scopes for the developer to choose from:
https://developers.google.com/drive/scopes
For YouTube APIs, the only scope that is document is http://gdata.youtube.com, which asks the user to grand full read/write access. Is there a scope that asks/grants read-only permissions OR just read permissions to Youtube Insight data?
v3 of the YouTube Data API now has support for a read-only scope: https://www.googleapis.com/auth/youtube.readonly
Tokens obtained with that scope won't work with the older v1/v2 of the API, though. You can only use them with v3 calls.
Found out from one of the YouTube API guys (4/16/12):
"It's not possible with the current API, unfortunately. There's just a
single scope that grants full read/write access to the account. This
is a valid request, though, and I'll pass it along to the engineering
team. I can't make any promises about whether it will be implemented,
though."
The read-only analytics permission (https://www.googleapis.com/auth/analytics.readonly) used to work under v2 as well and it's even in the docs: https://developers.google.com/analytics/devguides/reporting/core/v2/gdataAuthentication
However it doesn't work now and Google doesn't look very motivated to fix it: http://code.google.com/p/gdata-issues/issues/detail?id=3916
Let me share my findings before asking the question.
Google Places API documentation says:
"Note: To use the Google Places API you must first request a Maps API
client ID and cryptographic key which you must use to sign your
request URLs. For information on signing URL requests, please see the
URL Authentication documentation within the Web Service APIs home
page."
The Google Places API is still in developer preview.
http://code.google.com/apis/maps/documentation/places/
We need a Client ID (required) and a Signature (required) to use
the Google Places API.
http://code.google.com/apis/maps/documentation/webservices/index.html#URLSigning
And, to get the Signature, we need a Google Adsense account to get
Adsense publisher id (required).
http://gmaps-ws-console.appspot.com/
You can find the requirements to use the Google Places API here.
http://code.google.com/apis/maps/documentation/places/index.html#Requirements
The Signup page for Google Maps API suggest that, "Your service
must be freely accessible to end users. To use Google mapping
technology in other types of applications, please use Google Maps API
Premier. See this FAQ for more information."
http://code.google.com/intl/it-IT/apis/maps/signup.html
Now, here's what i want to know.
I'm planning on using Google Places API in my iOS application. I don't
want to use Adsense. Can i still access the Google Places API for
free? How?
If i can't access the Google Places API for free, what are the costs
associated with using this service, and the available payment models?
I wasn't able to find any particular resources for this information.
Here's a specific scenario. What if my iOS application is free. The
free version uses Google Places API. But... my iOS application has
some additional features which are exposed using In-app Purchase (paid
features). The paid features do not use Google Places API. Is this
acceptable?
We opened up the Google Places API to all developers this week at Google I/O and simplified the Terms and authentication:
http://googlegeodevelopers.blogspot.com/2011/05/places-everybody-show-is-about-to-begin.html
You no longer need to sign your requests, but instead just use a key obtained using the Google APIs console. An AdSense ID is no longer required, but you will need to go though a credit card based identity check in order to upgrade from 1,000 to 100,000 request per day.
You can use the Places API in mobile apps that are free or sold online through a mobile app store such as the Apple App Store or Android Market. For fee desktop apps however will require a Maps API Premier license which will be offered once the Places API graduates from Google Code Labs.
For information on getting started, see the docs:
http://code.google.com/apis/maps/documentation/places/
HTH,
Thor