ConsenSys collecting IP and Ethereum addresses of MetaMask users
Ethereum software solutions provider ConsenSys just recently updated its privacy policy. However, these new additions bring mixed reactions as they mean much less privacy for Ethereum users.
New ConsenSys new update for MetaMask users
ConsenSys announced to MetaMask’s more than 20M users, on a new update to its privacy policy, yesterday, November 23, stating, “When you use Infura as your default RPC provider in MetaMask, Infura will collect your IP address and your Ethereum wallet address when you send a transaction,”
ConsenSys, the New York-based blockchain software company behind the leading Ethereum wallet, MetaMask, has shocked decentralization advocates with these new changes to its privacy policy.
ConsenSys added, “However, if you’re using your own Ethereum node or a third-party RPC provider with MetaMask, then neither Infura nor MetaMask will collect your IP address or Ethereum wallet address.”
The updated ConsenSys privacy policy includes other information that it collects related to the Codefi site and services. These data included identity and contact information, financial and transaction data, and KYC information where applicable.
It also automatically logs data such as IP addresses, devices, browsers, and operating system types.
Acquired by Consensys in October 2019, Infura is a tooling suite for creating applications that connect to the Ethereum network. ConsenSys is the company behind Infura and MetaMask, the world’s most popular Ethereum wallet.
Uniswap, the decentralized crypto network protocol, also caused a stir earlier this month when it did something similar. Its updated privacy policy revealed that the DEX collects blockchain data and information about user devices, browsers, and operating systems.
But, unlike ConsenSys, Uniswap does not intend to collect personal information such as names, IP addresses, and email addresses.
ConsenSys move sparks outrage
When the Chinese industry outlet Wu Blockchain posted the ConsenSys policy on Twitter, several prominent crypto experts commented, expressing their outrage.
While Web3 and decentralization campaigner Chris Blec suspecting a sinister intention behind this change, tweeted, “Don’t ignore this stuff. This is how you will be cancelled from the financial system in the future. This is how they’ll do it.”
While other Twitter users believe this may not be as bad as it seems. They believe the people decrying ConsenSys are responsible for failing to operate their infrastructure.
Gabriel Shapiro, general counsel at Delphi Labs said. “I don’t think it’s reasonable for people to get pissed at centralized infra providers collecting more data and potentially censoring. This tech was always geared toward running your own infra and we’re gonna see that put to the test. More education/tooling needed.”
Others suggested the solution wasn’t complicated, using a VPN to obfuscate their location when using MetaMask, despite a VPN only disrupting the collection of location data and not wallet addresses.
As the crypto winter gets colder, coupled with the growing distress and insecurity fears from the infamous FTX collapse, people are rightly worried that they can’t trust big firms, such as ConsenSys, to put users’ data in a vulnerable position.
Even though users are now responsible for their privacy to an extent, ConsenSys’ timing and approach don’t place them in a position of trust with their users considering the crypto climate.