149
you are viewing a single comment's thread
view the rest of the comments
[-] Chozo@fedia.io 203 points 4 months ago* (last edited 4 months ago)

From noplace's FAQs: *

do you collect my data?

we use your phone number as a way for you to sign up and log into the app. that's the only thing about you we collect.

we don't share your number or anything else about you with third parties like some other apps do. we want you to be able to securely log in and chat with ur friends, that's it.

Emphasis mine. Now their privacy policy: *

Types of Data Collected

Personal Data While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:

Phone number Usage Data Usage Data Usage Data is collected automatically when using the Service. Usage Data may include information such as Your Device's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data. When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data. We may also collect information that Your browser sends whenever You visit our Service or when You access the Service by or through a mobile device.

So, it looks like they're starting off with lies right at the top, like every other tech startup.

EDIT: To also address the "we don't share your number or anything else about you with third parties" part, the privacy policy also outlines exactly how they will share your data with third parties:

We may share Your personal information in the following situations: [...] With business partners: We may share Your information with Our business partners to offer You certain products, services or promotions.

Go fuck yourselves, noplace.

EDIT: Another issue I just found with their FAQs:

is this a crypto thing?

wut? no.

I thought it was weird that crypto would be a frequently-asked question for what appears to otherwise be a pretty generic-looking social network. Then I found that noplace's parent company, Islands XYZ, was originally launched to be an NFT platform of some sort, financially backed by our old friend Alexis Ohanian.

https://www.forbes.com/sites/alexkonrad/2021/11/30/web3-startup-islands-creators-nft-communities-launch/

So they're totally not a crypto thing. Definitely not crypto. 100% something other than crypto.

Guys, I swear they're not a crypto thing.

[-] AstridWipenaugh@lemmy.world 74 points 4 months ago
  • Your Device's Internet Protocol address (e.g. IP address), - absolutely necessary for anti-ddos techniques
  • browser type, browser version, - necessary for UX to build a functional website for the browsers that customers actually use
  • the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, - critical for determining what is popular and what isn't to improve how the interface is designed and what parts are pulled forward and what parts are hidden in menus
  • unique device identifiers and other diagnostic data. - useful for determining how often you switch devices and the performance and other experience metrics to drive making the app more user friendly

I work on web software professionally and this is a pretty minimal list that is completely justifiable for maintaining operations. If you can't answer basic questions like "what are users doing with the app?", you can't make intelligent decisions about how to improve it.

There's a lot of the same stuff here: https://legal.lemmy.world/privacy-policy/

I don't know anything about this app or company so I'm not going to defend them, but there aren't any real red flags here. If this amount of data collection bothers you, you really should stop using the internet in general.

[-] ayaya 7 points 4 months ago

Yeah as someone who has worked in web development for over 20 years everything in here is completely standard. Almost every major website in existence collects this kind of analytical data.

[-] Cryophilia@lemmy.world 3 points 4 months ago
[-] ayaya 8 points 4 months ago* (last edited 4 months ago)

Like the comment I replied to already explained, this information is necessary to make informed development decisions. If you don't know who is using what feature you might be wasting resources on something barely anyone uses while neglecting something everyone needs.

You also need some of that data for security purposes. You can't implement rate limiting or prevent abuse if you can't log and track how your services are being interacted with.

And this is aggregate data. I can promise you not a single person cares about what any individual user is doing (assuming it's not illegal)

[-] Cryophilia@lemmy.world 1 points 4 months ago

It should all be opt in. Aggregate data can be used to personally identify, and even when it's not, it has its own negative effects.

[-] ayaya 3 points 4 months ago

It should all be opt in

Then you introduce self-selection bias and the data is worthless.

Aggregate data can be used to personally identify

You can't identify someone based on how they interact with a service. If you spend 5 minutes on one page and 2 minutes on another that could be anyone. Even if you for some reason personally knew someone's browsing habits it would be nearly impossible to pick them out in a sea of millions of data points.

I see you linked privacyguides.org in the thread as "alternatives", one of the services it recommends is Proton (Mail, Drive, etc.). Look at their privacy policy:

2.1 Visiting proton.me or protonvpn.com website: We employ a local installation of self-developed analytics tools. Analytics are anonymized whenever possible and stored locally (and not on the cloud). IP addresses are not retained and stored for such analytics.

When you use our native applications, we (or the mobile app platform providers) may collect certain information. We may use mobile analytics software (e.g. fabric.io) app statistics and crash reporting, Play Store app statistics, App Store app statistics, or self-hosted Sentry crash reporting to send crash information to our developers in order to rapidly fix bugs.

Or how about addy.io that privacyguides recommends for email forwarding? From their privacy policy:

We use a self-hosted instance of Umami, an open-source, privacy-focused and lightweight option for website analytics. All the site measurement is carried out absolutely anonymously.

ALL online services collect this kind of data. Even the privacy-focused ones. There is nothing nefarious about it.

[-] Cryophilia@lemmy.world 1 points 4 months ago

"Analytics are anonymized whenever possible" is vastly more reassuring than "we use all this data".

load more comments (12 replies)
load more comments (19 replies)
this post was submitted on 04 Jul 2024
149 points (87.8% liked)

Technology

59562 readers
3432 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS