These days I treat other people's data like it's a live hand grenade. Case in point (bit of a shameless plug here :) I'm working on an App called Hockeytastic. It's an ice-hockey stickhandling app that my son's been using for months: the engine is solid but it looked like shit. However, his coach told me to get it on the app stores and sell subs. That meant I needed to clean it up, build a DB, store stuff etc.

Anyway, working with Google and Apple I realised that I quite literally do not need to store anything identifiable. The only identifier I store is the Apple id and the Google id and unless you steal those and then hack Google and Apple, they are utterly useless.

I do not store emails, names, addresses, nothing. That's the way I want it.

If the data is ever breached, the only thing hackers will see are many, many instances of Connor McDavid, Nate MacKinnon and various other famous NHL player names :)

If more companies treated personal data like it was toxic, we'd have fewer issues with breaches. However, I see it in my day job, where the marketing people want to take as much data as possible, all the time!

I wish that were the case, but because of there being barely any consequences for breaches, it's much more profitable to store everything you can and sell it to the highest bidder. Make it a huge risk to store data, then companies will start treating data like a live hand grenade.

That's exactly what the GDPR tried. If only it was properly enforced.

Companies can and do get away with arguing that they have a "lawful basis" to collect whatever data they'd like. It's unfortunate.

IANAL, but the law seems a bit vague to me, and it appears that companies use that vagueness to their advantage. Maybe I'm just not articulating my arguments correctly.

Even if you have a lawful basis for collecting data, in theory the GDPR restricts you to only use it for that basis, delete it as soon as you don't need it anymore, and have a plan on how to store and handle it, and it requires you to follow best practices when doing so. Backups, encryption, regularly testing the technical and organizational measures that protect the data are in theory all mandated. Also, on the topic of this post, notification of data breaches when they occur.

But enforcement is just laughable. Even on easy-to-observe issues like which data is collected.

Why does the app need to store the Google/Apple ID? Because it stores the data in the cloud, instead of locally for the app to use?

It's for your login and payments. I need to verify that you are authenticated somehow and Google/Apple also handle payments.

You "Login with Apple" or "Login with Google". They manage the login entirely and pass me your id and an access token (assuming you pass their login test). I store that in my DB so that your data from the app can sync (the paid-for app syncs your training data to my backend but I match it only based on the Google/Apple id.)

The alternative is that I build my own auth system and I'd need to store something you can type in the next time, e.g. email address/password etc.

If you have an Android/Apple phone you're already authenticated with them. I just need Google/Apple to say "this guy is cool, let him in" and I then use the id to check if you've paid, sync your training data etc.

On its own, the id is useless! Means nothing and cannot be traced back to a person. I genuinely do not know your name, email, what country you come from, GPS data, CC data. Nothing at all!

I don't want your data.
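The storage pattern described in the comment above, as an added sketch that is not the commenter's code: the backend keeps only the provider and the opaque `sub` claim from an ID token and ignores every other claim. It assumes the token's signature, audience and expiry were already verified upstream; the schema, function names and sample values are hypothetical.

```python
import sqlite3

# Issuer values Google and Apple put in the "iss" claim of their ID tokens.
PROVIDERS = {
    "https://accounts.google.com": "google",
    "https://appleid.apple.com": "apple",
}

SCHEMA = """
CREATE TABLE accounts (
    id       INTEGER PRIMARY KEY,
    provider TEXT NOT NULL,
    subject  TEXT NOT NULL,          -- opaque "sub" claim, the only identifier kept
    paid     INTEGER NOT NULL DEFAULT 0,
    UNIQUE (provider, subject)
);
CREATE TABLE training (
    account_id INTEGER NOT NULL REFERENCES accounts(id),
    drill      TEXT NOT NULL,
    score      INTEGER NOT NULL
);
"""

def open_db(path=":memory:"):
    db = sqlite3.connect(path)
    db.executescript(SCHEMA)
    return db

def login(db, claims):
    """Map verified ID-token claims to an account id, keeping only (provider, sub)."""
    provider = PROVIDERS.get(claims.get("iss"))
    subject = claims.get("sub")
    if provider is None or not isinstance(subject, str) or not subject:
        raise ValueError("untrusted issuer or missing sub")
    # email, name, picture etc. are never read, so they cannot reach the database.
    db.execute("INSERT OR IGNORE INTO accounts (provider, subject) VALUES (?, ?)",
               (provider, subject))
    row = db.execute("SELECT id FROM accounts WHERE provider = ? AND subject = ?",
                     (provider, subject)).fetchone()
    db.commit()
    return row[0]

def sync_training(db, account_id, drill, score):
    db.execute("INSERT INTO training VALUES (?, ?, ?)", (account_id, drill, score))
    db.commit()

def dump(db):
    """Everything a breach of this database would expose, as a flat list of values."""
    return [v for t in ("accounts", "training")
            for row in db.execute(f"SELECT * FROM {t}") for v in row]

# Constructed sample claims; a real ID token can carry extra fields like these.
SAMPLE = {"iss": "https://accounts.google.com", "sub": "110169484474386276334",
          "email": "player@example.com", "name": "Example Player"}
```

Keying on `(provider, subject)` rather than `sub` alone keeps a Google account and an Apple account from colliding if their identifiers happen to match.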

If I'm using an app I'm very skeptical of "Login with Google" because I have no way to verify that you're only getting a random identifier and not my email address. I prefer to sign up with a proxy email address.

At least with "Sign in with Apple" you can choose to give a random alias that forwards to your email. I do this for every single service I sign up for. Completely unique email + password for everything.

It's built into Android/iOS and an accepted way of logging into an app. The app store page (when it's released) shows exactly what I need: practically no information at all.

Google handle the payment and the subscription too (same with Apple) and that's a very common pattern too.

I understand the skepticism though.