DisclosureI have been following Status as a project for about 2.5 years, possibly slightly more. In my personal opinion Status is one of the most interesting projects on the market right now, more so – one of a kind. I also hold some SNT.
This message by no means is intended to cause harm, hype or is negatively addressed at Status. On the contrary, as a someone who thinks Status is one of the most interesting projects on the market, I would like to clarify the questions and prove that Status is, in fact, the project I think it is.
Before we go on forward, let me say that: I might as well be overreacting, mistaken or simply misreading the documents. I am also not a legal expert, however, I can use my logic and have the right to protect my views/concerns.
Upon reading the agreement I came at some phrases that led me to think, that for a privacy orientated application, the data collection policy is a bit, shall I say`steep` (over the edge).
My concernNow, I am the type of person who probably labels himself as the less caring about governments, borders, fiat money, legalization, etc.
However, I am old enough to understand that (1) in the words of Madonna “we are still living in a material world” and (2) Status has a legal entity and hence follows certain principles and abides certain rules, which in a world of true anarchism, IMO is perfectly normal.
Each company/project/person has the complete right to do what and how they think is best.
Being nosy and of the curious kind, I decided to read the doc thorough and stumbled upon certain phrases that raised my attention (here are some of them):
- Unless specified otherwise, all Data requested by this Application is mandatory and failure to provide this Data may make it impossible for this Application to provide its services.
- Users are responsible for any third-party Personal Data obtained, published or shared through this Application and confirm that they have the third party’s consent to provide the Data to the Owner.
- In addition to the Owner, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of this Application (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner. The updated list of these parties may be requested from the Owner at any time.
- processing is necessary for the purposes of the legitimate interests pursued by the Owner or by a third party.
- Personal Data collected for the purposes of the Owner’s legitimate interests shall be retained as long as needed to fulfill such purposes
- The Data concerning the User is collected to allow the Owner to provide its Service, comply with its legal obligations, respond to enforcement requests, protect its rights and interests (or those of its Users or third parties), detect any malicious or fraudulent activity, as well as the following: Platform services and hosting.
Now, there are several other phrases which ring my alarm bells, but these are enough as examples.
To be fair and open, the data collected (it is listed in several places on the policy) isn’t actually that bad.
Yes, it’s enough to give the app an overview and a picture of the users’ behaviour and possibly resell that data. It is also enough to incriminate a user if he/she/they do something that is considered to be illegal by a certain party and that data is shared with those who consider this deed to be illegal.
Which for some may be right, but who decided on what is legal and what is not (irrelevant question for this discussion, of course).
I stated in the beginning that I am no legal expert, but I did compare some privacy orientated privacy policies. For example:
The conclusionAm I overreacting? Well, I do not think so, as I am not making any bold statements and/or jump to conclusions, I simply do not have the needed expertise for those. This post is intended as self-clarification from Status and or from other, more expert users, who can calmly and without judgement read thorough the docs (I am certainly not interested in holy-wars, guesses and other bingo bullshit discussions, so please refrain from any such comments).
However, it does seem odd to me that a privacy-oriented app, has such a long list of what it can and what it might do with the user data, even if it is not planning to do so. Of course, as a legal entity Status is trying to protect itself and follow the rules.
Will be glad to upgrade any of this, update what I wrote after clarifications, etc.
from Ethereum https://www.reddit.com/r/ethereum/comments/f3pqm6/status_privacy_policy_a_public_inquiry_about_the/
Register at Binance