Discourse tracks my IP with DNT setting enabled

(Josh Habdas) #1

I searched both the forums and the codebase and have not found a duplicative or related issue outside a dev discussion on monetization. This is a privacy-related issue relating to Publicly Identifiable Information (PII).

My interpretation of the Right to Be Forgotten under GDPR means we should use the tools available to us in an effort to respect users’ right to privacy. In many cases honoring an individual’s privacy rights under GDPR has resulted in cookie disclaimers, and even built in to some analytics tools in leu of what to me seems an obvious—though potentially abrupt—fix of a wholesale move to using the Do Not Track (DNT) functionality already available in all modern browsers.

Would it be possible to leverage this setting to allow users to anonymize their own IP addresses?

Thank you.

(Jeff Atwood) #2

I suggest using a VPN if you want to fully obscure your IP address from every website in the world. That’s the traditional way.

Some basic IP tracking is necessary for fundamental abuse and crime prevention. We try to avoid tracking IP except in cases where it is necessary for community security and safety.

We’ve had an anonymize feature for quite some time – we strengthened it under GDPR substantially. At any time you (or any member of a Discourse community) can request your account be anonymized and this permanently removes your personal information from the account.

(Josh Habdas) #3

Thanks for your prompt reply, Jeff. I’m a big fan of your work and have spent many hours reading the content on your blog. I appreciate your stance and would encourage Discourse to consider implementation of this feature under default with a flag to disable it—triggering a natural consideration of the Privacy Policy.

As an aside, most VPNs I’ve seen either log users explicitly, oftentimes, and possibly inadvertently, track their use of the VPN via ads, or are paid services hosted in jurisdictions where no log policies are suggested but companies may be served with gag orders and lawfully tap user data with or without probable cause.

While I respect the need for fraud and crime prevention, I do not feel this is something which would fall into the core needs of the 80% of most Discourse sites (though I may be wrong).

Thanks again!

(Mittineague) #4

I believe you would be wrong. What IP(s) is (are) used is one of several bits of information that is very important for dealing with problem accounts.

TBH, I fail to see how an ISP’s IP could be considered PI. True, I imagine a government agency could use it to help them drill down to an individual. But a forum wouldn’t have that ability.

(Josh Habdas) #5

At the forum-level the concern is less about central intelligence and more about ease of cyberbullying.

(Andrew Schleifer) #6

You changed an important word there.

It’s primarily a tool for staff to prevent abuse, and every forum needs those tools to deal with things like

(Leo McArdle) #7

I wouldn’t say Discourse’s use of IP addresses really falls under the purview of DNT - which my understanding has always been about tracking users across sites.

So, the way we respect DNT on Mozilla Discourse is by conditionally loading our GTM script based on it:

An (optional, because it does rather skew analytics) feature like this might be nice to see in core Discourse.

(Josh Habdas) #8

Thanks for sharing, Leo. I’m of the mind Google and others should be doing more to respect these things on their own. But until pushed harder I’m not confident that’ll happen. In the open source world, however, we have the opportunity to proactively make positive changes and I’m delighted to see Mozilla is doing that and sharing it with others.

Regarding my concern for cyberbullying, the concern actually rests more on mods misusing their power to censor and shame individuals—something which recently happened to me on the Hugo forums before I requested my account be deleted (though it was only anonymized). I won’t get into details, but the incident eventually led some of my WTFPL-licensed software to be removed from their theme gallery. All in all it’s probably a blessing I don’t have to cope with the moderator behavior I experienced there anymore—recently a topic of scrutiny brought up by someone else were I called to their attention how to report bad moderator behavior based on what I’ve learned here on Meta. Cheers.