In response to MetaMask’s IP collection policy, ConsenSys claims that there have been no changes made to it. There has been no indication that the IP address information collected by MetaMask users will be used for monetization or to exploit the users.
Intentions behind the collection of data
The parent company of MetaMask, ConsenSys, reaffirmed its intentions about collecting and processing user data that was published in an update on Nov. 23.
Infura’s Data Protection Officer has recently been appointed as per Article 13 GDPR and as a result, his contact information has been added. We also intended to provide clarity as to the nature of the information that it collects when users choose Infura as their default RPC provider within MetaMask.
The ConsenSys team believes in the importance of transparency when it comes to the information they collect, and how their personal information is used, including what is collected by a wallet service provider and what is collected by the MetaMask wallet.
There was no regulatory change or inquiry that required the updating of the policy to be made, and the updates will not result in a greater amount of intrusive data collection or data processing.
It has always been the company’s policy that certain information is automatically collected about how users interact with the company’s sites and that some of this information may include IP addresses, which the company says has always been the company’s policy.
The IP address and wallet address of the user are given to an RPC provider such as Infura in order for the provider to be able to provide the user with a service when interacting with Ethereum or other blockchains, for instance, by sending transactions or requesting balances.
They continue to seek technical solutions to minimize the exposure of this information, including anonymization techniques, in order to minimize your exposure. This is not an Infura-specific issue and is consistent with how web architectures generally work.
There were many users who were concerned over the recent change in ConsenSys policy because it was seen as a red flag for anonymity and decentralization. It appears that some of the users’ minds have been eased by the statement published today.