Gibraltar: Preserving User Privacy in your CEIP
For day 23 of our Advent calendar we have a simple treat you can use to balance your needs with your users' expectations of privacy.
Gibraltar is designed to work across a range of uses, from in-house corporate applications to public consumer applications. Handling that range requires addressing the whole spectrum of privacy concerns, from no expectation of privacy at all (in-house applications) to the stringent public privacy laws in force around the world.
The primary concern in preserving user privacy is to eliminate information that directly identifies an individual in the real world. In the case of Gibraltar, anonymous mode removes or replaces the following fields:
- Command Line: The executable may be located under the user's profile directory, whose name is usually the account name and would give away their identity.
- DNS Domain Name: Identifies the network, and therefore usually the organization, the machine belongs to.
- Host Name: The value "anonymous" is substituted, since machine names frequently contain the owner's name.
- User Name: This shows up in the session summary information as well as on each log message.
- User Domain Name: The Windows domain the account belongs to, which identifies the organization.
- Assembly File Paths: Like the command line, these may be located under the user's profile directory and would give away their identity.
Of course, anonymous mode only covers these fields. We can't prevent you from logging sensitive information in your own log messages, so avoiding that is up to you.
To enable this feature, see Anonymous Data Collection in the documentation.
Letting Users Opt In
In addition to anonymous mode, Gibraltar includes a built-in mechanism for letting users opt in to and out of your CEIP program. It's designed for use in Windows applications and includes a built-in user interface that we use ourselves. Even if you're not building a Windows application, it's worth reviewing what we've done to understand how you can adapt it to your own situation.
The text you use to describe why you want to submit data should be tailored to the technical level of your audience. For example, if you have a highly technical audience it may be necessary to describe in more detail what you collect and how you protect their identity. Our built-in dialog is modeled on the opt-in dialogs of applications such as Microsoft Office.
You should also publish a clear privacy policy on your web site so people can be comfortable with what you're doing with the information you collect. If you want to use the built-in opt-in capability, we require you to provide a URL for that policy. Here's the privacy policy we use.