Add a privacy policy

[LeoWattenberg]

With the removal of dislike stats from the YouTube API, our backend will switch to using a combination of scraped dislike stats, estimates extrapolated from extension user data and estimates based on view\like ratios.

This implies you are/will be collecting user behavior data of some sort. Please add a privacy policy clarifying which ones exactly and for what purpose, as well as how to opt out.

[sy-b]

My Suggestions

Privacy policy for now

We do not collect any information from the user. 😊

Privacy policy - if #56 & #109 are implemented

We only collect anonymized dislike count.
The only information we store

• sha3 hash of channel to prevent data vandalization and provide users with most accurate dislike possible from our side. Note: Sha3 hash can't be reversed (as of now) to find channel ID.
• disliked video id to prevent multiple counting of dislikes for the same video.

Hence, even if our database is leaked, no useful information can be extracted, because we don't collect it in the first place.

[pbarney]

Can you make your backend code publicly available on github so we can see what's being stored?

[sy-b]

Can you make your backend code publicly available on github so we can see what's being stored?

If you look at the extension source code, only a request containing the video ID is made.

So only things that are possible to log/store are:

• Frequency of video IDs
• IP address
  I don't think that's being done. + its of no use & costly

According to what I know - the backend source code will be made available after 13th December.

[FlorianWendelborn]

Note: Sha3 hash can't be reversed (as of now) to find channel ID.
— @sy-b

This is kinda wrong, since you can just make a list of sha3 hashes of all channel IDs you crawl from YouTube’s API. What would be better is to at least sha3(channelID + dislikedVideoID) as it means you’ll have to at least calculate a sha3 for every user/dislike combination

[Anarios]

Can you make your backend code publicly available on github so we can see what's being stored?

it's a misconception to think that seeing backend code would let you know what's being stored. You have no way to know what code is actually running on backend. And even if the code running is exactly the same as the one published - you have to way to know that there are no intermediate steps that do the logging.

So it would give you nothing, but a false sense of security.

Right now the API is quite vulnerable for botting, and the few measure that we have to prevent it - would be made much easier to circumvent if backend code is disclosed.

Backend code WILL be made publicly available, though. But I think after authorization through google oAuth is implemented.

[JasonTable]

Please make sure Cloudflare is mentioned in the privacy policy somewhere since they can see all this data too since the API goes through their servers.

[cachandlerdev]

While I appreciate the creator stepping in for Google and creating this extension, the lack of a privacy policy and a vague promise to make the backend code public at an unspecified future date have caused a number of people to become worry about the privacy implications of this extension. For example, the Invidious, Freetube, and NewPipe teams (each of which work on alternative YouTube applications/services) have all decided not to implement support for Return YouTube Dislike due to concerns revolving around this topic.

Beyond this, given the number of issues that have been created on this GitHub repository on this matter alone, it seems like public perception is not so much focused on "Is the backend source code on GitHub the same as what's running when I open up YouTube?" but rather on "It has been almost half a year since the extension was created at this point, and despite the statement that 'Backend source code and a privacy policy will be made public soon,' there still appears to have been no progress since then."

Again, I'm glad that this project exists. However, when it appears as if the developers are actively refusing to disclose what information they store based on extension usage and how that data is shared, then anyone who's concerned about the privacy implications with an application like this will start to get worried.

[Anarios]

Privacy policy is public. I don't store anything other than the randomly generated userId and votes made by that user ID. And this data is not shared and will not be shared with anyone.

If DB is made public (as some request) - userIDs will be anonymised (or simply erased)

[TiagoTiago]

IDs need to already be anonymized in case you get hacked

[cachandlerdev]

Privacy policy is public. I don't store anything other than the randomly generated userId and votes made by that user ID. And this data is not shared and will not be shared with anyone.

If DB is made public (as some request) - userIDs will be anonymised (or simply erased)

I see. While I'm glad to know that little to no user data is collected, and that none of it is shared, I would like to point out that I had to comment on GitHub in order to find that out, which is something that most people aren't going to do. A great deal of confusion could probably be cleared up if the website had some kind of privacy policy. At the time of posting that message, when I performed a Google search, I only saw this GitHub page and some articles that described using the extension. Combine that with teams like FreeTube, Invidious, and NewPipe all refusing to implement support for privacy reasons, and people might start to get the wrong impression.

[Anarios]

IDs need to already be anonymized in case you get hacked

it is random. not tied to google account or anything else.

[Anarios]

Privacy policy is public. I don't store anything other than the randomly generated userId and votes made by that user ID. And this data is not shared and will not be shared with anyone.
If DB is made public (as some request) - userIDs will be anonymised (or simply erased)

I see. While I'm glad to know that little to no user data is collected, and that none of it is shared, I would like to point out that I had to comment on GitHub in order to find that out, which is something that most people aren't going to do. A great deal of confusion could probably be cleared up if the website had some kind of privacy policy. At the time of posting that message, when I performed a Google search, I only saw this GitHub page and some articles that described using the extension. Combine that with teams like FreeTube, Invidious, and NewPipe all refusing to implement support for privacy reasons, and people might start to get the wrong impression.

There's one here: https://addons.mozilla.org/en-US/firefox/addon/return-youtube-dislikes/privacy/

But yeah, duplicating it in website wouldn't hurt. Will do.