ConsenSys recently updated its privacy policy and it’s a sign that data collection and transparency are still hot topics for people in the Web3 ecosystem. The controversy ignited a conversation about how the company can do better in data stewardship and demonstrated that even though the privacy policy update had nothing to do with how ConsenSys will collect data from its users, the company is taking its role as steward of user data seriously.

Data privacy and protection of data’s owners is an increasingly important issue in today’s world. With the rise of the internet and the proliferation of personal devices, more and more of our personal information is being collected, stored, and shared. This information can include anything from our names and addresses to our social security numbers and financial information.

As this information is collected, it is important to ensure that it is protected and that the rights of the data’s owners are respected. Data privacy is about giving individuals control over their personal information and ensuring that it is used in an ethical and responsible way.

One of the key reasons for protecting data privacy is to prevent identity theft. When personal information is not properly protected, it can be accessed by unauthorized individuals who can use it to steal your identity. This can lead to financial losses and damage to your reputation.

Another reason for protecting data privacy is to maintain personal autonomy. We all have a right to control how our personal information is collected, used, and shared. By protecting data privacy, we are able to maintain this autonomy and ensure that our personal information is not used in ways that we do not consent to.

In addition to these individual reasons for protecting data privacy, there are also societal benefits. When data is collected and used responsibly, it can help to advance research, improve services, and drive innovation. However, when data is not protected, it can be misused and lead to negative consequences for society as a whole.

Overall, the importance of data privacy and the protection of data’s owners cannot be overstated. It is essential for maintaining individual autonomy, preventing identity theft, and promoting the responsible use of personal information. By taking steps to protect our own data privacy and supporting efforts to safeguard the personal information of others, we can help to create a safer and more secure online environment for everyone.

Regarding the recent shitstorm ConsenSys and Metamask are facing, it was needed and much appreciated to have some clarification from their side. Talking with Dan Finlay, Co-founder of Metamask, this morning, he stated that “ConsenSys is not willing to sell any data from Metamask’s users”. He also added that “Metamask is currently collecting IP addresses over a period of 30 days and will lower it to 7 days. There is no connection between the wallet address and the IP so we are not able to track users’ information”.

ConsenSys also stated that “These updates aimed to solely provide greater transparency on existing practices”.

While people are freaking out over any information that could be leaked the company share the following informations:

We do not store wallet account address information when a MetaMask user makes a “read” request through Infura, for example in order to check their account balances within MetaMask. We therefore can never associate wallet account addresses to an internet protocol (IP) address based on this type of user activity;

We collect wallet and IP address information in connection with “write” requests, also known as transactions, when MetaMask users broadcast transactions through Infura’s RPC endpoints. The purpose of this collection is to ensure successful transaction propagation, execution, and other important service functionality such as load balancing and DDoS protection, as provided by Infura;

IP addresses and wallet address data relating to a transaction are not stored together or in a way that allows our systems to associate those two pieces of data;

We retain and delete user data such as IP address and wallet address pursuant to our data retention policy. We are working on narrowing retention to 7 days and we will append these retention policies to our privacy policy in an upcoming update; and

We have never and will never sell any user data we collect. We use data strictly in adherence with the use limitations described in our privacy policy. 

It could look like a PR stunt for some of you, but it’s more of a clarification for people that do not take time to read end-user license agreements properly. As your transactions are stored on-chain you’ve never complained that it could impact your online life, and for the last donkeys left in the room, I’d like to remember that most of you used FTX, so you don’t have any crypto left to use Metamask.

The process of ensuring transparency around the handling of end user data remains a work in progress. The ConsenSys team has been hard at work looking at new and innovative ways to provide users with more control over the privacy and security of their data. The ultimate goal is to give users a clear and easy to understand confirmation on how and where their data is processed, stored, and managed. Even if it’s not perfect, in the end they’re still listening to their users and community.