Thanks for your thoughtful questions and for your patience as we connected with our engineers over the weekend.
*Why are IP addresses collected?*
Currently, IP addresses are an unavoidable part of the telemetry data process because the event transmission occurs over the TCP/IP protocol. The library we use as the web server automatically parses IP addresses from that transmission, but we've implemented a step to entirely remove that field from the data before it's processed for analytics. We currently don't require or desire IP information for telemetry; we’re early in our telemetry journey and will consider improving our handling of IP addresses as a future enhancement.
*Why do we de-identify server-side rather than on the device?*
De-identifying server-side allows us to enrich the raw event data with additional metadata elements that aren't stored on your device. These elements are non-identifying pieces of information like the type of account and whether or not the trial period is active. The entire server-side enrichment pipeline is hosted entirely within 1Password's own infrastructure.
*Could the timestamp be truncated by the batcher on the device?*
The timestamp being truncated on the device is possible – our primary concern here is the loss of visibility into latency in our pipeline. This can have a significant impact on data quality and understanding the health of our pipeline.
Our goal as we roll this out is to provide transparency on how we prioritize customer privacy while building a better 1Password. We hope this helps answer some of your questions and we’re here to help if you have anything else you’d like to know.
That's what also annoyed me a bit so I just contacted them via the link in the bottom of the blog post:
"Hey there,
I just read the "under the hood" blog post about telemetry and have some questions.
First of all, the section "But why collect these data points in the first place?" does not really answer the question. There is no explanation given about why e.g. IP-addresses are collected when, as by your schematics, they are never really used and completely anyway. So why store them in the first place, even if only for 21 days?
Another question I have is, why the de-identification of some items takes place in your AWS environment instead of on device. For example, when talking about the IP-address, it is not used later on anyway. And the timestamp could easily be truncated by the batcher on device, couldn't it?
Thanks for your thoughtful questions and for your patience as we connected with our engineers over the weekend.
*Why are IP addresses collected?*
Currently, IP addresses are an unavoidable part of the telemetry data process because the event transmission occurs over the TCP/IP protocol. The library we use as the web server automatically parses IP addresses from that transmission, but we've implemented a step to entirely remove that field from the data before it's processed for analytics. We currently don't require or desire IP information for telemetry; we’re early in our telemetry journey and will consider improving our handling of IP addresses as a future enhancement.
*Why do we de-identify server-side rather than on the device?*
De-identifying server-side allows us to enrich the raw event data with additional metadata elements that aren't stored on your device. These elements are non-identifying pieces of information like the type of account and whether or not the trial period is active. The entire server-side enrichment pipeline is hosted entirely within 1Password's own infrastructure.
*Could the timestamp be truncated by the batcher on the device?*
The timestamp being truncated on the device is possible – our primary concern here is the loss of visibility into latency in our pipeline. This can have a significant impact on data quality and understanding the health of our pipeline.
Our goal as we roll this out is to provide transparency on how we prioritize customer privacy while building a better 1Password. We hope this helps answer some of your questions and we’re here to help if you have anything else you’d like to know.