1

I created an app that gets the list of friends from a Facebook account, then stores a partial record of friends' data (just the name and the uid) in a SQLite database.

I am unsure as to what extent this could be a problem of any kind regarding privacy and such.

Would this even be against Facebook rules or something?

Don't mean to be rude or anything but please don't reply with an answer such as "why on earth would you want to keep a local list of friends". Just assume there's a good reason.

M Rajoy
  • 4,028
  • 14
  • 54
  • 111
  • just to understand - are you asking if keeping a partial record of facebook data in SQLite db is legally allowed? or are you asking if there's a more secure way to do it? – David T. Nov 09 '12 at 16:49
  • I guess I formulated the question like the former, but I was actually asking both things. – M Rajoy Nov 09 '12 at 16:50
  • hmm i'm not a lawyer, but i'd imagine it's probably fine if facebook & the user authorized you to the data. and as for the "more secure" way... i'd imagine you should use SharedPreferences because it's tightly associated with your app. would you like me to provide code for that as an answer to your question? – David T. Nov 09 '12 at 17:06
  • Yes, please, I would appreciate that. I guess I used SQLite since it is the more intuitive way to store this kind of data: a database. – M Rajoy Nov 09 '12 at 17:09

2 Answers2

1

I take it back, SharedPreferences might not be better. Internal File storage is probably what you want. it should be much faster than a SQLite DB. and it is also deleted when your app is uninstalled

What you want to do is, assuming you have the Facebook friends list all at once, save it to a HashMap, and then save that hashmap using the internal file storage.

see here for really well written working code:

Android - SharedPreferences with serializable object

Community
  • 1
  • 1
David T.
  • 22,301
  • 23
  • 71
  • 123
  • 1
    Can you expand a bit on the part "it should be much faster than a SQLite DB"? I always thought DBs were much faster than regular file access. – M Rajoy Nov 09 '12 at 17:29
  • hmm... good question, i guess in my past experiences dealing with databases were always slower than just reading files, plus you can use " getCacheDir() " to get a cached version of your file. i could be wrong. in retrospect, for what you're doing, i think your original approach is just fine the way it is (assuming no legal problems of database vs files) – David T. Nov 09 '12 at 17:34
1

According to this section in our Facebook Platform Policies under section II:

You may cache data you receive through use of the Facebook API in order to improve your application’s user experience, but you should try to keep the data up to date. This permission does not give you any rights to such data.

IANAL, but my interpretation of this seems to be that you can cache data but you do not have the right to store data in a persistent manner.

Another question to think about is how would you maintain consistency with the user's actual friends list. If you did store the data, and then the user adds 5 friends but removes 3 of his old friends, how are you going to update and keep the data fresh in your local database? You would have to pull the user's friends list from Facebook, which kind of ruins the whole point of storing it if you have to fetch it every time anyway (but since you didn't state the purpose of doing so, I assume you have a good reason for storing this rather than just fetching every single time).

Jesse Chen
  • 4,928
  • 1
  • 20
  • 20