The GDPR and SDK Usage In Android Mobile Apps

Using data on Software Development Kits (SDKs), we study SDKs in Android apps vis-à-vis the adoption of the General Data Protection Regulation (GDPR) by the European Union in May 2018. Relative to US-only apps, the number of non-Google SDKs used per app in 5 major European countries (EU5) exhibits a...

Full description

Saved in:
Bibliographic Details
Published in:NBER Working Paper Series 2024-11
Main Authors: Jin, Ginger Zhe, Liu, Ziqiao, Wagman, Liad
Format: Article
Language:English
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Using data on Software Development Kits (SDKs), we study SDKs in Android apps vis-à-vis the adoption of the General Data Protection Regulation (GDPR) by the European Union in May 2018. Relative to US-only apps, the number of non-Google SDKs used per app in 5 major European countries (EU5) exhibits a 1.3% decline in EU5-only apps after GDPR, and a 6.3% decline in apps multihoming US and EU5. These effects are mostly driven by lower-ranked apps. Using apps’ monthly active users as weights in computing average user exposure to SDKs in app category and country groups, we find no significant change in the average SDK exposure in EU5-only relative to US-only apps. The only significant change in multihoming apps is a 4.2% drop in exposure to SDKs developed by minor SDK providers, although SDKs from Google and major SDK providers were independently assessed as riskier than those from minor SDK providers.
ISSN:0898-2937
DOI:10.3386/w33099