A social login provides a myriad of straightforward solutions for your website or mobile application. The login is effortless for users (one less password to memorize), and will provide you with easy access to both login credentials and social sharing mechanisms for your services. The option may seem like a no-brainer, but don't forget the fine print!
The Facebook Platform Policy outlines a wide range of regulations for using their API technology.
Although privacy laws may vary slightly according to which country your business is based in, the idea is essentially the same worldwide: Let users know what information you collect about them and how you use it.
Here are a few specific regulations that will likely apply to your business:
1. California Online Privacy Protection Act (CalOPPA):
Although this is technically a state law implemented by California, its jurisdiction reaches any business that collects personal information from a California resident. In other words, it applies to most businesses in the USA and beyond.
2. The General Data Protection Regulation (GDPR):
This new and far-reaching regulatory measure will go into effect in May 2018. It applies to any organization that collects personal information from EU citizens.
The Facebook login feature offers more than just an easy login process. The application programming interface (API) software also provides multiple connection features so that users can connect with their Facebook friends or share content directly from within your website or mobile app.
As shown in Facebook's Platform Policy above, Facebook Connect requires the following provisions to be met before using the API software:
Facebook also offers various marketing and advertising solutions that can be used within your website and mobile applications.
As shown in the above screenshot, Facebook's Platform Policy includes requirements for the use of their ad solutions as well.
If you plan to use these services, here are a few basic rules to follow:
Wondery describes the use of information from third-party social networks and how it is used:
Trivago informs users of specific information they use during the registration process, requesting explicit consent from the user:
Basware describes how it uses personal data for Facebook marketing ads and where to find opt-out information:
Twitter also offers API software for connecting your website or mobile app with Twitter. Through this interface, users can login to your website with Twitter, connect with followers, and share your content, depending on the functionality you desire for your business.
As for Twitter's requirements regarding cookies, the University of Reading sets a good example of how to list the Twitter third-party cookies that are used on their site:
Google Sign-In also provides an easy login process and various ways to implement the social network's features into your website or mobile app. You can use the API to view a user's connections and make suggestions based on those connections' activities within your app.
Google goes into even further detail outlining developer guidelines within their User Data Policy:
Instagram is another login API that offers unique social functions to your website or mobile app. The rich resource of photos and hashtags may be used to create dynamic image feeds, among other things.
Since its features and user information are more simple than most social networks, Instagram's privacy requirements are less involved:
According to the policy above, Instagram only has four simple requirements for its API developers:
Bumble uses one short paragraph to encompass all of the information they collect from social media connected accounts, including Instagram:
ThisMoment specifically mentions Instagram cookies in its Cookies Policy:
Although the requirements are slightly different for each social network, the idea is very similar for all: maintain an open, honest disclosure of all personal information you plan to use from social media API platforms.
As long as you follow the Developer Policies provided by the social network you plan to work with, your login API integration should be a smooth and uncomplicated process.