0

We have created a children's game using Unity, and in it we use the Sentry SDK for automatic bug reporting. Since our app is targeting children under 13 years, we need to comply with

  • COPPA
  • GDPR
  • Google's Family Policy

We use Sentry like this. If an error occurs in the app, the app sends a message with the stacktrace and an anonymous user id to the Sentry Cloud.

Is this legal or do I need user consent for this? And if so, does it have to be "opt-in" or "opt-out"?

2
  • In the context of GDPR beware of responses that don't mention "personal data". Personal data is more broad than PII.
    – Lag
    Commented Jul 11, 2023 at 7:16
  • "opt-out" is no longer a thing when it comes to consent. Either your purpose falls under one of the consent free exceptions (then you do not need to ask at all) or you have to ask beforehand.
    Commented Jul 11, 2023 at 9:28

3 Answers

2

Are you collecting personal information?

A user id, assuming that it is the same per user across time, is personally identifiable information for both COPPA and GDPR, and would need to meet Google’s requirements as well.

This is true even if there is no obvious way of linking this back to an identifiable person. If the id is instead a session id that is never used more than once, then it is not personal information.

1
  • By having their app send data of any kind to a third party directly, their IP address gets leaked. That already is personal data, even if they transfer a random integer each time.
    – nvoigt
    Commented Jul 11, 2023 at 4:40
2

If an error occurs in the app, the app sends a message with the stacktrace and an anonymous user id to the Sentry Cloud.

There is no such thing as "an anonymous user id". It either identifies a user, then it is personal data, or it doesn't, then it's just random byte garbage. Since your app is contacting this cloud service directly, not via your servers as a proxy, you are also exposing the customer's IP address to a third party.

Is this legal or do I need user consent for this?

An IP address is PII, exposing it to a third party needs consent. Given that your app would be perfectly usable if this feature did not exist, you cannot claim it is absolutely necessary for the operation (like sending the IP address to your own servers, which is simply how the internet works). If you would send all that to your own servers, strip the user id and IP address and send just the stacktrace devoid of any personal information to a third party, I would say you are safe. But the user id and IP address are PII that you need consent for, before sending them to a third party.

Normally, this is done in the fine print of the terms of use one has to accept before being able to sign up for an account in the app.

If you don't have an app with accounts, you could simply let the user choose to do this (or not) at the first app start. That is more user friendly and it establishes explicit consent to either do it, or not.

5
  • There is no "account to sign up for" in the app. The id is anonymous because from it you cannot infer the user's identity. Isn't the user downloading my app enough consent? I mean if he cares at all, he can read through the privacy note in the Google Play Store entry and then decide to not download the app.
    – mcExchange
    Commented Jul 10, 2023 at 17:39
  • 1
    No, you need consent. "If they care, they would read further down on the page" is not the same thing as explicit consent.
    – nvoigt
    Commented Jul 10, 2023 at 17:48
  • If the id is not good for identifying your user, what is it good for? How do you generate it, how do you make sure it is unique?
    – nvoigt
    Commented Jul 10, 2023 at 17:50
  • 1
    The id is created by a random number generator. It helps gather anonymous stats, like "app error belongs to same id" vs "app error belongs to different id". It's impossible to identify the person behind the id from the id.
    – mcExchange
    Commented Jul 10, 2023 at 18:00
  • @mcExchange if this is a persistent id, it will probably still count as personal data (because it creates a user profile; also, since you have an IP address, there is what an Austrian judge has called the "abstract possibility" that the identity is resolved, even if for practical purposes this seems, as it were, impractical). Also if it is a persistent id, you need to persist it somehow in the client, which means you also come under ePrivacy regulations.
    Commented Jul 11, 2023 at 9:26
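
The relay described in the answer above (the app reports to your own server, which strips the user id and IP address and forwards only the stack trace) could scrub each event as follows. This is an added example, not part of the original answers or of Sentry's code: the field names follow Sentry's event JSON, while the allowlists, the function name and the sample event are assumptions constructed here.

```python
import json

# Assumed allowlist: only these top-level event fields leave the relay.
# "user", "request", "contexts", "tags", "extra", "breadcrumbs" and
# "server_name" are dropped simply because they are not listed.
ALLOWED_TOP_LEVEL = {"event_id", "timestamp", "platform", "level", "release"}
# Frame keys kept; "vars", "abs_path" and source context lines are dropped.
ALLOWED_FRAME_KEYS = {"function", "module", "filename", "lineno", "colno", "in_app"}


def scrub_event(event: dict) -> dict:
    """Reduce a crash event to build info plus exception types and frames."""
    clean = {k: v for k, v in event.items() if k in ALLOWED_TOP_LEVEL}
    exc_block = event.get("exception")
    raw_values = exc_block.get("values", []) if isinstance(exc_block, dict) else []
    values = []
    for exc in raw_values:
        stack = exc.get("stacktrace") or {}
        frames = [
            {k: v for k, v in frame.items() if k in ALLOWED_FRAME_KEYS}
            for frame in stack.get("frames", [])
        ]
        # The message ("value") can embed user input, so only the type is kept.
        values.append({"type": exc.get("type"), "stacktrace": {"frames": frames}})
    if values:
        clean["exception"] = {"values": values}
    return clean


# Constructed sample event (not real data).
SAMPLE_EVENT = {
    "event_id": "0" * 32,
    "platform": "csharp",
    "release": "mygame@1.0.0",
    "user": {"id": "constructed-user-id", "ip_address": "203.0.113.7"},
    "contexts": {"device": {"name": "constructed-device-name"}},
    "exception": {"values": [{
        "type": "NullReferenceException",
        "value": "Object reference not set (player=constructed-name)",
        "stacktrace": {"frames": [{"function": "Player.Update",
                                   "filename": "Player.cs", "lineno": 42,
                                   "vars": {"name": "constructed-name"}}]},
    }]},
}

if __name__ == "__main__":
    print(json.dumps(scrub_event(SAMPLE_EVENT), indent=2))
```

The relay sends the scrubbed event over its own outbound connection, so the third party sees the relay's address; client headers such as `X-Forwarded-For` should not be copied onto that request.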
1

By default, our SDKs are configured not to send any PII data, see: https://docs.sentry.io/platforms/unity/configuration/options/#send-default-pii

So if you, the developer, don't explicitly turn it on or add other data to the events sent to Sentry, you should be safe.

7
  • great! In other words: as long as "sending PII" is turned off, I don't have to ask the user explicitly if he wants to "send crash reports" (opt-in) and still be compliant with the above mentioned laws / regulations?
    – mcExchange
    Commented Jul 10, 2023 at 18:46
  • I am not a lawyer - but this is our intention xD
    – HazA
    Commented Jul 10, 2023 at 18:53
  • 2
    May I ask how you have managed the technically impossible feat with this switch? Get a direct message from a device, without gaining access to its IP address? PII is not only the contents of the message. Sometimes, the sender of the message already is PII.
    – nvoigt
    Commented Jul 11, 2023 at 4:38
  • For example there were cases in Germany where users of Google webfonts were sued, because they were loaded from CDNs without consent. The CDN got the IP. It either needs to be hosted with the original server, or there needs to be consent. Otherwise, it's just leaking PII to third parties.
    – nvoigt
    Commented Jul 11, 2023 at 4:48
  • So I appreciate doing your best and I know following up with laws and court decisions is not easy, but the programmer will still need to get consent from their user if they want to use your product.
    – nvoigt
    Commented Jul 11, 2023 at 4:50
