LimeTech Privacy Policy discussion



Also point me in the direction of where I can submit a FOI on the information they hold on me. That's a legal requirement in the UK, does this hold true in the US?

Is this true?  I thought the FOI act only applied to information held by public bodies and companies that provide relevant information to public bodies?  Not sure if there is something under the Data Protection Act that allows for similar requests.
Link to comment

Let's dispel the nonsense.  Our Privacy Policy is a section of a larger Policies statement:

https://lime-technology.com/policies/

 

Perhaps it's time we update that section to include stuff about the "phone home" function of Trial, beta, and rc releases.  Contrary to what the trolls imply, there is nothing nefarious or unethical going on.  Your "personal data" (what little there is that we keep) is not at risk... well maybe it can be as a result of a US Court Order.  I will explain.

 

First let's talk about Trials.  Running unRAID OS in Trial mode requires a Trial key.  To get a Trial key you have to request it via the webGui.  You also have to provide an email address.  After the key is generated we keep a record of that USB flash GUID linked to the email address supplied.  We also know the IP address of the original request.  At present all three pieces of information are kept on our key server database:

- the USB flash GUID

- the email address

- the IP address

Each time a server boots with a Trial key, it contacts our key server, sending it the USB Flash GUID.  This is done to validate the Trial.  We also log the IP address of this request.  The reason we log the IP address is mostly because it's available, so why not?  We are open to discontinuing that, or maybe performing a 1-way hash on the IP and storing the result.

 

re: beta and rc releases.  This is done exactly the same as Trial.  The one difference though, is that if it's a paid key, then we can link the GUID to a person or entity that originally purchased the key.

 

Hence if we receive a valid court order asking us to see if there is a customer associated with a specific IP address, if we can link that to a GUID then, for Trials, all we can give them is an email address.  For paid keys, we can give them an email address plus purchase details, but getting at something like a CC number would require interaction with our merchant service provider or PayPal (and they won't give that up without good cause, e.g., fraud investigation).

 

Ok so that's how it works today.  Honestly we don't think we are doing anything different than most other companies and we are not "trying" to collect info on any particular person or entity.  However in performing this review, I can see that a lot of trouble can be avoided if we get rid of IP address logging; we are looking into that now.

 

Also with next release (as of this date will be 6.2.0-rc5) we will get rid of "phone home" for release version validation (but it will be kept for time-limited Trials).

Link to comment
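An added illustration, not Lime Technology's code, of the "1-way hash on the IP" idea from the post above: an unkeyed hash of an IPv4 address is not anonymisation, because the address space is small enough to enumerate until a digest matches, whereas an HMAC under a secret key with the date mixed in blocks that enumeration and also prevents the cross-day linking raised later in the thread. The key, the dates and the 203.0.113.42 sample address are constructed for the example.

```python
import hashlib
import hmac
import ipaddress
from datetime import date
from typing import Optional

# Constructed sample: a client IP as it would appear in a key-server request log.
# 203.0.113.0/24 is a documentation range, not a real host.
SAMPLE_IP = "203.0.113.42"


def plain_hash(ip: str) -> str:
    """Unkeyed SHA-256 of the address text: the naive reading of '1-way hash the IP'."""
    return hashlib.sha256(ip.encode()).hexdigest()


def recover_from_plain_hash(digest: str, network: str) -> Optional[str]:
    """Why the naive form fails: IPv4 has only 2^32 values, so anyone holding the
    log can hash candidate addresses until one matches. Scanning a single /24 keeps
    the demonstration fast; the full space is equally feasible for an attacker."""
    for host in ipaddress.ip_network(network).hosts():
        if plain_hash(str(host)) == digest:
            return str(host)
    return None


def keyed_hash(ip: str, key: bytes, day: date) -> str:
    """HMAC-SHA256 under a server-side secret key (assumed kept out of the log store),
    with the date mixed in so the same address yields a different token each day.
    Without the key the token cannot be matched by enumeration, and records from
    different days cannot be joined on the address."""
    message = f"{day.isoformat()}|{ip}".encode()
    return hmac.new(key, message, hashlib.sha256).hexdigest()


if __name__ == "__main__":
    key = b"constructed-secret-key-rotate-in-production"
    print("plain hash recovered as:", recover_from_plain_hash(plain_hash(SAMPLE_IP), "203.0.113.0/24"))
    print("keyed token day 1:", keyed_hash(SAMPLE_IP, key, date(2016, 8, 1)))
    print("keyed token day 2:", keyed_hash(SAMPLE_IP, key, date(2016, 8, 2)))
```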

Let's dispel the nonsense.  Our Privacy Policy is a section of a larger Policies statement:

https://lime-technology.com/policies/

 

Wow look at that. Who would have thought to look in the About:Policy section of a company's webpage for their policies? It is just so crazy of a place that it almost makes sense. Not as much sense as a witch hunt, but ... yeah ... moving on.

 

Given how much amazing progress has been made over the last 24 hours this kind of comment doesn't help. :)

 

I will post more later if I get time but the privacy policy is quite clearly a website policy and not detailed enough to the OS product itself.

 

Just as an example it doesn't define the scope of the policy.

 

Take a look at the Ubuntu policy which IMHO is a shining example of how it can be brief but complete: http://www.ubuntu.com/legal/terms-and-policies/privacy-policy

Link to comment

I don't think anyone appreciates the "troll" comment, you could easily replace it with "paying customers". I don't think you're doing yourself any favors name calling like that.

 

There's nothing nefarious or unethical about having genuine questions and discussion about the OS that houses your data.

Link to comment


You locked the thread I started but I wanted to say thank you for posting the detail about the "call home" feature I asked for. I would have said that sooner but had a break in and have been rebuilding things since.

 

I had follow up questions but they are being addressed by the 2 threads that have spawned/renewed activity since re security and privacy.

 

...

Take a look at the Ubuntu policy which IMHO is a shining example of how it can be brief but complete http://www.ubuntu.com/legal/terms-and-policies/privacy-policy

 

Thoughts?

 

@NAS @iconicbadger @others thank you very much for driving these important issues! All valid and I am in complete agreement.

Link to comment
  • 2 weeks later...

Currently we are not making any progress at all.

We have updated our Policies page with more details regarding Privacy:

https://lime-technology.com/policies/

 

Since it is not on the wiki I cannot see change control, however to my eye this is really starting to take shape.

 

Glaring omissions:

 

Retention (what and how long you keep all data and if different for stale data)

Law enforcement. Who can request information, under what circumstances and what legal system the privacy policy operates under.

Online Update section contains no information on what is passed and stored

 

I still have some concerns because if you look at the data being stored end to end we have:

 

name

billing address

e-mail address (multiple)

time limited credit card/paypal information which may include alternate contact details

IP address through which the registration is initiated

IP address through which products are purchased

IP address of forum access

IP address of feedback

IP address of update checks

GUID of the USB flash device at purchase, trial run and update (TBC)

 

This is a lot of information and quite a bit of cross referencing could happen to keep the relationships fresh and relevant.

 

Note: Comments made based on the actual current wording.

Link to comment

Currently we are not making any progress at all.

We have updated our Policies page with more details regarding Privacy:

https://lime-technology.com/policies/

 

Since it is not on the wiki I cannot see change control, however to my eye this is really starting to take shape.

 

Glaring omissions:

 

Retention (what and how long you keep all data and if different for stale data)

Good point.  Everything is kept forever.  If someone specifically asked us to purge all information related to them we would probably do it insofar as is possible.  No one ever has except for a couple cases where someone wanted to delete their forum account and all messages.

 

Law enforcement. Who can request information, under what circumstances and what legal system the privacy policy operates under.

We are a DE corp with headquarters in CA, so it would be under those jurisdictions (only).

 

Online Update section contains no information on what is passed and stored

At present unRAID OS executes a 'wget' to fetch a file from github to do the update check, and a 'wget' from Amazon S3 to fetch the actual release zip file.  We don't log any information.  Could be that github and/or Amazon logs IP address but don't know (and don't care).

 

I still have some concerns because if you look at the data being stored end to end we have:

 

name

billing address

time limited credit card/paypal information which may include alternate contact details

IP address through which products are purchased

Only for purchases.

 

e-mail address (multiple)

IP address through which the registration is initiated

IP address of forum access

IP address of feedback

All of which are non-personally-identifiable (I guess e-mail could be for purchases).

 

IP address of update checks

Not at present.

 

GUID of the USB flash device at purchase, trial run and update (TBC)

This is a lot of information

A lot of information?  I don't think so.  Take a look at Microsoft's privacy policy.

 

and quite a bit of cross referencing could happen to keep the relationships fresh and relevant.

What do you mean by this?

 

Look, people seem to think we are "gathering info on them".  Nothing could be further from the truth.  All the info we "gather" is simply made available by anyone using the internet, and is necessary to conduct business.  In fact we go out of our way to not save information, such as credit card details and anonymization of log data for example.  I guess the one piece of information we could not "log" might be IP address.  But anyone worried about an IP address being traced back to them already has in place well known mechanisms to deal with that.

Link to comment

Excellent clarifications, we need to make sure this information is promoted to the actual policy.

 

Something I now realise when I read your "Look, people seem to think we are "gathering info on them"" reply is that no one has actually said out loud that the USERS' primary focus on this is almost certainly not directed at LT themselves. It is the information that can be lost by either an accident, a breach or a direct legal request. This is when "cross referencing" comes into play, where an attacker or agency data mines and relates all information to either exactly describe a vector or estimate one, e.g. James from Iowa purchased unRAID with IP X and hostname Y. Forum logs show Jane has a similar IP. Jane is probably an alias of Bob. Google mining says Jane also uses forum Y etc etc etc

 

From a COMPANY standpoint the less you track the better as it is all stored at your liability and is why full disclosure is needed to mitigate both risk and PR issues should something bad happen.

 

But I will comment directly on this, "All the info we "gather" is simply made available by anyone using the internet,".

 

unRAID is not just a random website; you are the purveyor of an entire operating system and have a much larger privacy burden than almost any other computer product in existence.

 

 

Link to comment
