The following is quoted verbatim from the draft Privacy Policy provided by WordPress. The italicized notes are by me.
“WHO WE ARE
Suggested text: Our website address is: “
fairyshrimpchronicles.net, but you probably already know that.
If you have questions about the web site, send an email to hiker@fairyshrimpchronicles.net.
“COMMENTS
Suggested text: When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.”
I have no interest in your IP address or browser user agent and don’t save or use them although WordPress code may without my approval. You should be using a VPN or Tor anyway. The name, email, and web site (if any) entered on the comment form and the commenter’s IP address are visible to me when I review the comment.
“An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.”
I have turned off “Avatar display” so this should not apply.
“MEDIA
Suggested text: If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.”
I don’t think visitors can upload images to this web site.
“COOKIES
Suggested text: If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.”
I have turned off this opt-in option so this web site shouldn’t set any cookies.
“If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.”
Visitors shouldn’t go to the login page.
“When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.”
Visitors aren’t allowed to log in.
“If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.”
Because visitors aren’t allowed to log in, they shouldn’t be able to edit or publish an article.
“EMBEDDED CONTENT FROM OTHER WEBSITES
Suggested text: Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.”
The interactive maps might have, or be, embedded content. The map data are provided by OpenStreetMap and OpenTopoMap . OpenStreetMap has a privacy page that applies to OpenStreetMap contributors and to visitors to openstreetmap.org. The “Data we receive automatically” seems to be relevant for those who visit web sites that use map tiles provided by OpenStreetMap. I can’t read German so I don’t know what privacy policies OpenTopoMap may have, if any. You can disable the interactive maps by blocking javascript.
“WHO WE SHARE YOUR DATA WITH
Suggested text: If you request a password reset, your IP address will be included in the reset email.”
Visitors aren’t allowed to log in so they can’t reset their passwords.
“HOW LONG WE RETAIN YOUR DATA
Suggested text: If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.”
As indicated under “Comments”, I can see the name, email, and web site (if any) entered on the comment form and the commenter’s IP address but don’t know of any other metadata or where it is retained. I presume the metadata is deleted when the comment is deleted. I may delete comments intentionally or inadvertently from time to time. I don’t know if WordPress software saves them even after I delete them.
“For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.”
Visitors aren’t allowed to log in so they have no user profile.
“WHAT RIGHTS YOU HAVE OVER YOUR DATA
Suggested text: If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.”
The only personal data this web site might have is that in, or associated with comments. The WordPress dashboard has tools for exporting and erasing user data but I’m not sure I could use them properly. To receive the exported zip file, a commenter would have to provide a valid email address. It would be easier for the commenter to go to the Comments page and save the commenter’s comments (or the whole page) as a text file or print it to a pdf using the browser’s tools. The Comments page doesn’t, however, show email addresses. As far as I know, I am not obliged to keep any visitor data for administrative, legal, or security purposes.
“WHERE WE SEND YOUR DATA
Suggested text: Visitor comments may be checked through an automated spam detection service.”
End of draft Privacy Policy by WordPress.
I don’t know what information WordPress software collects about web sites that use the software or visitors to those web sites. When I emailed WordPress specifically about its software on external web sites, I was referred to a privacy policy that applies to “sites hosted on the WordPress.org, WordPress.net, WordCamp.org, BuddyPress.org, bbPress.org, and other related domains and subdomains thereof”. It was the lack of information on that page that prompted my question. The WordPress privacy policy is disturbingly vague. “WordPress.org collects non-personally-identifying information of the sort that web browsers and servers typically make available, such as the browser type, language preference, referring site, and the date and time of each visitor request.” This statement does not rule out the collection of other information that could uniquely identify a browser and maybe the browser’s user, such as device, operating system, features (e.g., battery status, screen size and resolution, audio element, microphone element, bluetooth element, camera element, VR availability, touch support), geolocation, HTML5 Canvas fingerprinting, system fonts, WebGL fingerprinting, font fingerprinting, and myriad browser settings. Blocking javascript disables most of this data collection. For further information, go to coveryourtracks.eff.org and browserleaks.com.
At a minimum, WordPress software communicates with the WordPress organization to get WordPress and plugin updates and a list of WordPress events relevant to the IP location I log in from.
Additional Steps This Web Site Has Taken to Protect Visitors’ Privacy
- This web site hosts no advertising and does not sell or exchange visitor data. Consequently, I have no reason to collect visitor data.
- This web site has no links to social media sites.
- With a few exceptions (e.g., the Links page and The National Map), this web site uses text rather than hyperlinks for URLs to external web sites so that the visitor knows where the browser is going and cannot be sidetracked to nefarious web sites. This also prevents the destination site from knowing what web page the visitor came from if you paste the text URL into a blank tab.
- This web site does not use third parties to track visitors or to provide additional information about visitors.
- This web site does not use Google Analytics, as so many web sites do, that not only tracks visitors’ every move and click but combines that with their demographics (e.g., age, gender, income) and interests (e.g., employment, music, travel, vehicles).
- This web site does not use Google fonts (or other font sites) so javascript at gstatic.com (or comparable site) cannot track you. Instead, it relies on fonts provided by your browser or operating system.
Cookie Functionality
This web site can be viewed without allowing any cookies. As the cookie examples above do not apply, I don’t think this web site ever sets cookies, except for me when I log in. Even if it does, I don’t know what the cookies do and don’t use them.
Javascript Functionality
This web site can be viewed with javascript blocked. However, there is some loss of functionality.
- The videos will play without javascript but the browser settings must allow videos to play. If the browser has the NoScript extension, videos are blocked unless at least temporary permission is given to view the video.
- The Simple Lightbox image viewer does not work without javascript so photos open in a new tab rather than in a full-size pop-up and there is no slideshow functionality.
- The interactive Leaflet maps do not work without javascript. These are not absolutely necessary as all ponds are shown on screen-capture images of The National Map.
- Javascript is used to block spam-bots from submitting comments. If you want to submit comments, you must enable javascript for this web site, at least temporarily.
To block javascript when viewing this or other web sites, I recommend using the NoScript or uMatrix browser extensions or using Tor browser set at the “safest” security level. All 3 methods allow the browser user to temporarily, or permanently, unblock javascript at selected web sites. Blocking javascript not only blocks most fingerprinting, it also blocks most ads. Of course, blocking javascript might also prevent a web page from displaying anything.
HTML5 Canvas Image
- When javascript is enabled for this web site, Firefox gives the user an HTML5 Canvas image alert in the address bar. An HTML5 Canvas image can be used for fingerprinting, i.e., uniquely identifying your browser. I haven’t been able to determine why my web site does this. The web site seems to work normally without the image so feel free to block it. Firefox (including Tor) is the only browser I know of that allows blocking such images but there may be extensions for other browsers that can also block the images. Blocking javascript evidently blocks the collection of HTML5 Canvas images but also impacts image and map viewing on this web site (see above).
- When this web site collects HTML5 Canvas images of visitors’ browsers, I don’t see and don’t know how to use such images. However, since I don’t know the code that initiates the images, I also don’t know if there is other code that uses the images.
After I installed page-caching software, I didn’t see Firefox HTML5 Canvas image alerts. The cached pages evidently don’t collect such images of visitors’ browsers. The page cache on the server is periodically refreshed to incorporate edited and added content. It’s possible visitors will see non-cached pages when the cache is refreshed but they will mostly see cached pages.
What About the Web-Hosting Service?
The privacy policies and terms and conditions of many web-hosting services do not mention what information they collect about visitors to web sites that they host or are, at best, ambiguous. The same is true of the host for this web site. Based on time-limited activity logs provided by the host for this web site, I (and the host) can see IP addresses, which pages were visited, times of connection, referring URLs, and browser agents of my web site visitors. I don’t analyze or save this data. I don’t know how long the web host keeps this data or what other data it collects. The data could be used to block denial-of-service attacks but I don’t know what the web host actually uses it for.