Questions to ask all privacy services

From PrivacyWiki

Introduction

Questions to Ask All Privacy Services (QtASK) helps consumers and consumer organizations make more informed and objective assessments about privacy services. Who owns your favorite privacy service? What if it's a pay-per-click ad tracking company — or even Facebook or Google? QtASK seeks answers to important questions like these.

QtASK (sponsored by PT and spearheaded by consumer privacy advocate and former auditor Liz McIntyre) worked with the privacy community to develop a list of standard questions designed to gather information about privacy service ownership, data processing, security and consumer policies. PT intends to ask all its recommended services the questions, but other organizations are encouraged to use the questions (and published responses), as well.

Using standard questions helps ensure all companies are asked for the same key information without oversights. Standard questions also make the process of evaluating and recommending privacy services more transparent and fair. Questions and answers should be posted publicly — ideally, in a way that allows for quick assessment that highlights non-answers, incomplete answers or problematic answers.

This resource should be very helpful, but it is not perfect. Questions should be the starting point in assessing a service since answers (or the absence of them) may prompt important follow-up questions. Answers should be assessed for accuracy and completeness as much as possible. For example, it would be wise to verify reported ownership information against public records. The QtASK questions should be re-evaluated at least annually to ensure they are comprehensive enough for their purpose without being overly burdensome. In addition, services should be asked to update their answers as service changes are made and/or annually, to verify that they continue to operate as they claimed to do.

List of Questions (waiting for final PT approval)

Questions

  1. Who owns the company/organization? What percentage does each owner hold? (December 31 of prior year and current date)
  2. Have you changed how information is processed and shared in the last year?
  3. Do you share data -- even "fuzzed" or "anonymized" data -- with any of the owners/shareholders or any other company or organization server?
  4. Please share a diagram showing how information flows when a user interacts with your service.
  5. Which components of your service are not open source? Where can we find the code for the open source components?
  6. Have you had any independent audits in the last three years? Please share the dates of those audits and audit reports.
  7. If you require sign-up or account creation, do consumers have easy access to tools to delete their data? Can they delete everything on the servers or just the local cache?
  8. Is there a way for consumers to view any information you have collected about them?
  9. What is your business model? How do you fund operations and make money?
  10. Do you offer a transparency report? Warrant canary?
  11. How is data secured (in transit and at rest)?
  12. Who has access to customer data?
  13. What 3rd parties have access to customer data?
  14. What processes do you have in place if there is unauthorized access to data?
  15. What customer data is collected, how often, and in what level of identification?
  16. Will changes to your Terms & Conditions and privacy policies be communicated to end users at least 30 days in advance of any changes? How will these changes be communicated?

Last update

XX/XX/XXXX

Companies that have answered the questions to date

Note:

Some organizations have not answered all QtASK questions or have not answered them fully. These answers are highlighted in red. Links to their responses are listed here for reference only, not as a recommendation of the service.

Answers are only modified for formatting and typographical purposes to help with page structure and aesthetics.


Answers

CTemplar
  1. Who owns the company/organization? What percentage does each owner hold? (December 31 of prior year and current date)
    • I have owned 100% of this company since its creation.
  2. Have you changed how information is processed and shared in the last year?
    • We have not changed how any information was processed or shared.
  3. Do you share data – even “fuzzed” or “anonymized” data – with any of the owners/shareholders or any other company or organization server?
    • I am the only shareholder, only owner and control all the voting rights. I don’t retain or share any information whatsoever. The idea of sharing others’ information, even fuzzed or anonymized, is repulsive to me. That’s why I created this company.
  4. Which components of your service are not open source? Where can we find the code for the open-source components?
    • Our front end code resides here - https://github.com/CTemplar/webclient. The back end is not open source. This is what most every other service does I think. If both our front and back end were made available, then someone could create perfect clones of the service. Our back end code has no access to E2EE emails, it is ‘blind and dumb’ to what happens in the users’ browsers.
  5. Have you had any independent audits in the last three years? Please share the dates of those audits and audit reports.
    • We have had two independent audits done at launch. I’ll have to look for those.
  6. If you require sign-up or account creation, do consumers have easy access to tools to delete their data? Can they delete everything on the servers or just the local cache?
    • Yes, users can delete everything instantly; no backups are kept of anything that’s deleted. If a user deletes their account, it is deleted instantly.
  7. Is there a way for consumers to view any information you have collected about them?
    • We collect nothing and when a person signs out of their inbox, all records and data of their visit are purged from our system. They are shown a screen telling them all their usage data is deleted every time they exit their inbox.
  8. What is your business model? How do you fund operations and make money?
    • CTemplar’s business model is offering paid accounts. We will never accept any donations, grants or investment from any outside source. I can prove this by making my company’s shareholder corporate data available. But I won't be posting that publicly and I will require a signed NDA.
  9. Do you offer a transparency report?
  10. How is data secured (in transit and at rest)?
    • In transit we use the latest encryption methods with a reasonable balance between security and compatibility. For CT to CT we apply PGP encryption on top.
  11. Who has access to customer data?
    • The CC payment processor has access to user's payment information. Necessary developers have access to customers’ encrypted data so they can do their job.
  12. What 3rd parties have access to customer data?
    • Our payment processor has access to people’s payment information if they pay with a credit/debit card. No other 3rd parties have access to any customer data whatsoever.
  13. What processes do you have in place if there is unauthorized access to data?
    • Users’ data is encrypted when sent/recorded on the server. If there is unauthorized access they will only be able to obtain encrypted content. We will be supporting E2EE encrypted metadata within the next few months also.
  14. What customer data is collected, how often, and in what level of identification?
    • When you visit our website, your browser sends us your user-agent and IP address. When you leave our site, no records are kept of your IP address with an association with your account. The IPs might be stored anonymously for up to 7 days if it is required to defend against attacks. If you visit using our Onion site, then your real IP address is not seen.
  15. Will changes to your Terms & Conditions and privacy policies be communicated to end users at least 30 days in advance of any changes? How will these changes be communicated?
    • We will announce changes to our PP and ToS by posting it on Reddit/Twitter/Facebook. I am happy to do it in other ways also.
  16. Do you plan on making your software available on F-droid? If not, why?
    • Yes, we will make it available on F-droid on March 2nd. We will be officially launching both the iOS and Android apps at the same time. Both the Android and iOS apps will be open source on GitHub.
  17. Another user commented on the issue about this entry from your blog (https://ctemplar.com/ddos-cdns-sri/) where you state that you will end up using Cloudflare services if you can’t handle a DDoS attack. Will you be using your regular service after the attack finishes? Are you planning on implementing something to not depend on Cloudflare?
    • We decided to remove that policy today; we will handle all DDoS attacks by ourselves. We will never use Cloudflare or any CDNs in any situation.
Cyber
  1. Who owns the company/organization? What percentage does each owner hold? (December 31 of prior year and current date)
    • There is no company/organization at all. We do not believe in legislation. We do not believe in law by default. There is a DAO (a decentralized autonomous organization on the blockchain, run with the help of smart contracts) that is called cyber~ Congress. For launching the protocol and for financing its first 3 years of work (roughly 1.2 million USD - disclosed in our FAQs), it receives up to 10% of THC tokens, which it will stake (on the same "rules" as the other participants) and receive an equal amount of CYB tokens. The funding of the protocol is the following: the first round of donations goes to cyber congress, which will be staked for a validator, and the rewards will be used by cyber~Congress to fund proposals from team members (for example one of those is the ecosystem fund to help evolve the protocol). The main round of donations will be governed by the community itself, which is going to be held in ETH, through governance proposals. There was also an initial donation round, in which 10 people participated (although it was open to the broad public), for which they will receive up to 10% of CYB tokens too. All this info is public on our GitHub, in our White paper and our economic docs. By our calculations, the congress and affiliated people will have up to 14% of the tokens. We understand that this is quite a lot. And our goal is to wash down to 2% in the next 15 - 20 years (of course I am referring to the tokens of the congress. We cannot washdown the tokens of non-congress members, even if they are affiliated). In any case, the whole protocol is community-governed. It should also be noted that 10% were gifted to the following communities: 8% to over 1 million ETH addresses, 1% to ATOM addresses and 1% to Urbit addresses.
  2. Have you changed how information is processed and shared in the last year?
    • No, we use GitHub for ALL of our information. It is our goal to open-source ALL the information that we produce. The blog, website, etc are all run from our GitHub account. There is, of course, Twitter, reddit, etc which aren't. But they are all public.
  3. Do you share data -- even "fuzzed" or "anonymized" data -- with any of the owners/shareholders or any other company or organization server?
    • We do not collect any data. The blockchain is, of course, open to the public. All transactions are hashed of course.
  4. Please share a diagram showing how information flows when a user interacts with your service.
  5. Which components of your service are not open source? Where can we find the code for the open source components?
  6. Have you had any independent audits in the last three years? Please share the dates of those audits and audit reports.
    • No, we have not done any audits of the code yet. It is open to the public.
  7. If you require sign-up or account creation, do consumers have easy access to tools to delete their data? Can they delete everything on the servers or just the local cache?
    • There is no sign-up as such. An identity is a pair of keys created on the blockchain.
  8. Is there a way for consumers to view any information you have collected about them?
    • We do not collect consumer information. Any user can open the explorer to see available info about any transaction, account, etc
  9. What is your business model? How do you fund operations and make money?
    • As of now, the project is self-funded. In the future, it is planned to fund from the staking rewards of ATOMs.
  10. Do you offer a transparency report? Warrant canary?
    • No, the project is open-sourced. 100%
  11. How is data secured (in transit and at rest)?
    • It is secured by the blockchain. The more nodes that will be connected to the protocol, the better security it will have. The more tokens will be staked, the more secure the chain will become.
  12. Who has access to customer data?
    • Anyone with access to the blockchain/explorer, but there is no customer data as such to see there.
  13. What 3rd parties have access to customer data?
    • None.
  14. What processes do you have in place if there is unauthorized access to data?
    • This means the blockchain has been hacked. As of today, this has never happened. If such a case arises, it will mean a lot of changes in cryptography generally. But in terms of a solution, I believe a fork is possible. But this will be decided by a governance protocol.
  15. What customer data is collected, how often, and in what level of identification?
    • None, in terms of "data collection", but, each cyberlink contains hashes of what was linked, when, with what weight and by which node. When Cyb, the browser is out and stable, I assume that some people would sell their own data, via APIs. We cannot control this. The browser in our case will be a personal application on top of the protocol that the user and only the user controls.
  16. Will changes to your Terms & Conditions and privacy policies be communicated to end users at least 30 days in advance of any changes? How will these changes be communicated?
    • We do not have terms & conditions as of now. The license is: don't believe, don't fear, don't ask
  17. Do you commit to notifying consumers at least 30 days in advance if you plan to sell your service or take on new investors/owners? How will this be communicated?
    • After the donations and governance contracts, the protocol is solely community governed. It will be up to the protocol to decide on such things, how to communicate this, etc. All the information provided is true and correct to today (12/01/20). Once again, the idea of the protocol is to be community governed via a set of smart contracts and economy. The governing protocol may change pretty much anything that is parametrized (which is almost everything...) through voting mechanisms and A/B testing.
Infinity Search - ownership information not provided!

SimpleLogin

Unshort.link
