How We Handle User Data

contentpass commits to respecting the privacy-friendly EFF “Do Not Track” (DNT) Policy

Christoph Tavan
contentpass
4 min read · Jan 23, 2018


Our mission at contentpass is to provide consumers of digital media with choice as to how they support content creators: By accepting advertising and the associated processing of personal data or through direct payments. Our emphasis is on giving the choice to the consumer and ensuring that this choice is respected down the road.

We specifically want to provide a solution for privacy-aware users who do not want to accept the pervasive tracking of their personal data when they visit websites or use apps to access digital content. An increasing number of users have already started to protect themselves by installing ad blockers or tracking protection plugins, and some browsers, such as Firefox, Safari and Samsung Internet, have recently added features that aim to prevent undesired tracking.

Since 2009 there has also been the so-called “Do Not Track (DNT)” standard draft, a mechanism to signal to web servers that a user does not want to be tracked. While all major web browsers support this standard today, it has unfortunately not seen wider adoption on the content and service provider side yet (Medium, where this text is posted, is one of the few exceptions). However, the upcoming EU ePrivacy regulation might make DNT a legally binding mechanism.

Irrespective of these anticipated regulatory changes, recent numbers indicate that there is a high demand for “Do Not Track”: As of January 2018 we see that more than 20% of users have already activated the feature in their web browser.

To underline our efforts in protecting our users’ privacy, we are happy to announce that as of today we will officially honor all aspects of the EFF “Do Not Track (DNT) Policy” on all our service domains (i.e. *.contentpass.net).

While we have already fulfilled most requirements of this policy before, we recently made two adjustments to our systems to become fully compliant:

  1. For HTTP requests that send the “DNT: 1” header we only store simplified User Agent strings where we only keep the browser family (like “Firefox” or “Safari”).
  2. We have disabled technical log files to work around a current limitation of our hosting provider (see below).
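The first adjustment in working form, as an added example that is not contentpass's own code: the request's DNT header is checked for the literal value “1”, and only then is the User Agent reduced to a browser family before it reaches the access log. The family list and detection patterns are this example's own assumptions; the sample User-Agent strings are constructed, not captured.

```python
import re

# Browser-family detection for log sanitisation. Order matters: Chromium-based
# UAs also carry "Safari/", and Edge/Opera UAs also carry "Chrome/", so the more
# specific token is tested first. Family list and patterns are this example's
# own choice (hypothetical), not contentpass's.
_FAMILIES = (
    ("Edge", re.compile(r"\bEdge?/")),          # "Edge/" (EdgeHTML) or "Edg/" (Chromium Edge)
    ("Opera", re.compile(r"\bOPR/|\bOpera[/ ]")),
    ("Firefox", re.compile(r"\bFirefox/")),
    ("Chrome", re.compile(r"\bChrome/")),
    ("Safari", re.compile(r"\bSafari/")),
)

def _header(headers, name):
    """Case-insensitive header lookup (HTTP header names are case-insensitive)."""
    wanted = name.lower()
    for key, value in headers.items():
        if key.lower() == wanted:
            return value
    return ""

def browser_family(user_agent):
    """Reduce a full User-Agent string to a coarse family name."""
    for family, pattern in _FAMILIES:
        if pattern.search(user_agent):
            return family
    return "Other"

def dnt_enabled(headers):
    """Only the literal value "1" is an opt-out; absent, "0" or "null" is not."""
    return _header(headers, "DNT").strip() == "1"

def user_agent_for_log(headers):
    """Value to write to the access log: family only when DNT: 1 was sent."""
    ua = _header(headers, "User-Agent")
    return browser_family(ua) if dnt_enabled(headers) else ua

# Constructed sample User-Agent strings (not captured from real traffic).
FIREFOX_UA = "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0"
CHROME_UA = ("Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_2) AppleWebKit/537.36 "
             "(KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36")
SAFARI_UA = ("Mozilla/5.0 (iPhone; CPU iPhone OS 11_2 like Mac OS X) AppleWebKit/604.4.7 "
             "(KHTML, like Gecko) Version/11.0 Mobile/15C153 Safari/604.1")
EDGE_UA = CHROME_UA + " Edge/16.16299"

if __name__ == "__main__":
    for headers in ({"DNT": "1", "User-Agent": CHROME_UA},
                    {"dnt": "1", "user-agent": FIREFOX_UA},
                    {"DNT": "0", "User-Agent": SAFARI_UA}):
        print(user_agent_for_log(headers))
```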

Apart from this — and even for all users who do not activate “Do Not Track (DNT)” in their browser — we continue to ensure that:

  • we do not store any IP addresses (not even truncated IP addresses).
  • we do not collect any personally identifiable information (PII).
  • we do not collect any sort of unique user identifiers (uid) that would allow reconstruction of a browsing session.
  • we do not collect device information which would allow device fingerprinting (i.e. no screen resolution, no information about installed plugins, etc.).
  • we do not perform any cross-domain and/or 3rd-party tracking.

We believe that the best way of protecting the data of our users is to not even collect or store it in the first place.

However, for the data that we do store and process, we take data security very seriously: We are hosting all our services in EU regions on Google Cloud Platform (GCP) and ensure that all connections to our systems are always securely encrypted. We feel confident that GCP offers the highest level of data security that is commercially available in order to run a GDPR-compliant web service. Just as an example, GCP was protected against the Spectre and Meltdown security vulnerabilities months before information about the vulnerabilities was publicly disclosed.

Unfortunately, GCP still has some limitations that make it harder to implement the EFF DNT policy. In particular, technical logs such as load balancer logs, which are useful for debugging and performance monitoring, contain full User Agent strings and IP addresses and are retained for 30 days, while the DNT policy allows for a maximum of 10 days. We are actively working with Google on resolving this issue. Until we are able to reduce the retention period of log data to the required 10 days, we have decided to use “log exclusion filters” to exclude all sensitive logs from being recorded at all.

We are committed to protecting our users’ privacy and we hope that DNT mechanisms will find broader acceptance in the media and publishing industry soon. We’re happy to share more details about our privacy-friendly approach to product design here on our blog. If you have any questions or suggestions, or if you want to join us and make your product DNT compliant, please get in touch with us!
