ConsenSys updates MetaMask privacy policies after backlash

MetaMask’s creators, ConsenSys, announced they would modify their system as consumers complained over the data-gathering policies.

In a recent statement, ConsenSys explained how it shared Internet protocol information about MetaMask users with Infura, a service that allows clients to access and update Ethereum ledgers.

How ConsenSys faced backlash from MetaMask users

Last month, a change to the ConsenSys terms of service made it clear that the IP addresses and transaction data of MetaMask users were automatically sent to Infura. The crypto industry was infuriated with the matter, while some expressed concerns that their transactions were not as safe as they thought. Many saw it as an insult to Ethereum’s confidentiality and decentralized ethos.

Dan Finlay, the project co-founder, said that MetaMask started collecting and exchanging IP-linked transaction information with Infura in 2018 to stop network overload and keep track of pending transactions. According to Finlay, a remote procedure call (RPC) service like Infura will always expose a user’s IP address. Hence MetaMask will always have to log the private data. 

ConsenSys implements new policies

However, as the news sparked outrage, ConsenSys decided to stop keeping track of IP addresses and transaction data. This will make it harder to link specific user actions to them. Moreover, ConsenSys plans to keep user data for only one week. It emphasizes that the project will never share the data acquired via its cryptocurrency infrastructure with third parties.

The company also announced the update to the MetaMask user interface. The users will be able to set up their Ethereum node or another RPC service instead of using Infura starting next week.