MetaMask privacy concerns, ConsenSys responds to the backlash

On Dec. 5, CryptoSlate ran an article on privacy concerns related to the use of MetaMask wallet, specifically how a recent public disclosure revealed the logging of user IP addresses.

In response to the backlash, MetaMask’s parent company ConsenSys released a statement addressing the concerns raised.

Crypto community uneasy over data collection policy

An updated privacy policy, released on Nov. 24, revealed the tracking of users’ IP addresses upon sending transactions, which applies to users who leave the default Remote Procedure Call (RPC) setting as Infura.

This sparked a wave of criticism from the crypto community, with some expressing unease over the data collection policy. Strategies shared to circumvent the tracking of IP addresses included changing the RPC setting to another provider and running an Ethereum node.

ConsenSys pointed out that the updated privacy policy was actioned to bring greater transparency to its operations. But logging IP addresses upon sending transactions was always carried out in the ordinary course of MetaMask use.

“These updates aimed to solely provide greater transparency on existing practices and did not describe a change in our business practices.”

Nonetheless, the company said the community feedback had prompted them to “better prioritize the privacy of MetaMask and Infura users.” For that reason, ConsenSys wanted to clarify misunderstandings and provide details on what it is doing to address privacy concerns.

ConsenSys said it supports user agency

Having read the Terms of Service, the founder of Boxmining, Michael Gu, speculated that MetaMask may log IP addresses when opening the wallet, not just when sending transactions.

ConsenSys’s statement clarified “read” requests, such as opening the wallet to check balances, do not log IP addresses. But “write” requests, when actioning transactions and via Infura endpoint service, do collect an IP address to ensure “successful transaction propagation, execution, and other important service functionality such as load balancing and DDoS protection.”

The company also wanted to make clear that:

• IP addresses and wallet address data relating to a transaction are stored separately, so they cannot be associated together.
• User data, including IP addresses, is deleted in line with the company’s data retention policy. Plans are in place to lessen the deletion turnaround to seven days.
• It does not sell collected data to third parties.

Commenting on changing the RPC provider to a non-Infura alternative, ConsenSys warned that users who do that are still subject to the data policies of the new endpoint provider. While running a node is no guarantee of masking an IP address.

“From a privacy perspective, we caution that these alternatives may not actually provide more privacy; alternate RPC providers have different privacy policies and data practices, and self-hosting a node may make it even easier for people to associate your Ethereum accounts with your IP address.”

Nonetheless, from next week onwards, users will have access to a new advanced settings page, enabling the selection of alternative RPC providers and the functionality to reject third-party services. In addition, further development work will go into securing the RPC process, including risk warnings on suspect providers.