It used to send a generated email such as 2r3qw-45co-i987@checkout.google.com (at least for some orders) so you could contact the customer if you needed to. But as of a few minutes ago it seemed my sales were listing real emails for all the orders I checked (just a few). So I'm not sure if they have these generated emails anymore or not. (I suppose it's possible they started getting spammed at addresses like that).
As a dev I don't think this is ideal. I liked the generated email solution. (I'm not sure how that worked exactly, I always got a mix of generated and real emails). But I don't think this is as terrible as people are making it out to be. They are not giving out the credit card number or embarrassing photos of you as a kid or anything. They provide the merchants with name, account age, coarse location (zip/city), email address, and email marketing preference: opt in/out.
They also do send the user a receipt email that describes the transaction as being between the customer and the developer.
It looks like this:
Thank you.
You've made a purchase from [developer] on Google Play.
Order number: (.....)
Order date: (.....)
Payment method: (.....)
Questions? Contact [developer's email]
See your Google Play Order History.
View the Google Play Refund Policy and the Terms of Service.
Need help? Visit the Google Play help center.
So the questions are: How should it be presented to the user? What level of information should a merchant have?
Keep in mind the system supports web merchants and carrier billing. Should there be multiple systems?
I'm not sure I know the right answer or even what all the logistical issues are. Personally I use Google Wallet to buy "cloud" backup services and other stuff not related to Android. In some small ways this affords me more privacy from the vendor than if I had just bought directly with a credit card.
Anyways as a dev it's interesting to have some level of geographical data. Names are helpful for dealing with customers. Emails are good for support. But I'd definitely like the customer to know what they are getting into.
It sets a cookie with an ID of 0 (or -1, or the like) -- As far as I understand it this is the only way they can "know" not to track you.
Interesting, but I am pretty sure DNT was Mozilla's idea. And frankly, it always seemed like a waste of time. Given all the ways that one can be tracked though, a technical solution seems difficult as well.
- Cookies
- JavaScript
- tracking pixels
- HTML local DBs
- Flash objects
- fonts
- screen size/colors
- plugin config/versions
- User agent
- IP address
- and now.... "DNT" toggle...
It almost seems as if the only way to keep from being tracked is via the TOR browser incognito mode in a freshly wiped VM or something. I honestly wonder if the 'net needs to move more towards mesh/tor/ad-hoc networking. Basically if the "darknet" should be the "mainnet".
Anyways, some info:
EFF tool to see how well you can be tracked (fingerprinted)
https://panopticlick.eff.org/index.php?action=log
NAI (Network Advertising Initiative)
Tracking opt out of 99 of some of the largest ad networks, including Google and MS (but guess who isn't there?)
http://www.networkadvertising.org/choices/
Apple iAd opt out
http://support.apple.com/kb/HT4228
I think he was referring to jailbreaking / walled garden / etc.