Update to Our Privacy Policy

After consulting with our legal team here at the California Academy of Sciences about the changes to the online privacy landscape brought about by the European Union's General Data Privacy Regulation (GDPR), we've updated our privacy policy: https://www.inaturalist.org/pages/privacy. The changes basically make the policy more explicit about what kinds of information we collect and who we share it with. Since it's kind of legalese, here's an overview (a rather long overview).

First and foremost, we don't use your data for marketing purposes and we certainly don't sell it for any reason. The one exception was an year-end fundraising campaign in December of 2014 in which the Academy used iNat user email addresses for iNaturalist. Those email addresses accidentally got put into a general CAS fundraising list and iNat users received an additional email about a CAS lecture series in February 2015 that wasn't related to iNat. Those email addresses were immediately removed from that list and it hasn't happened again.

Second, we are collecting personal information about you, but that is a fundamental part of social networks generally and iNaturalist specifically. iNat is all about recording information about where you were, what you observed, who you are (or at least who you choose to be on iNat), and publishing it for everyone to see. This is not really information we’re collecting about you so much as information we’re helping you publish on the Internet. Beyond that, though, there is some implicitly-provided information that it would be difficult for us not to collect, like the information your browser automatically sends us with every request, including your IP address (which can be used to derive general geographic information like what city you're in, or track you across different sites) and information about your browser. We also explicitly record information about bugs and crashes on all our platforms.

Third, that information is useful, both to us on staff and to us as a community. You can't have an observation without the who / what / where / when, for one thing. For another, information like IP addresses can be used to block malicious users, and information about browsers can be very helpful in debugging problems that are specific to a particular browser. I think it's fair to say that iNaturalist couldn't operate without collecting some personal information.

Fourth, we do share some information with third parties like Google Analytics (they're listed in the Privacy Policy). If you're unaware, Google Analytics and similar services collect basic information about usage, like browser type, how people find the site, what pages are the most popular, and information that can be derived from IP addresses, like what geographic locations we get the most traffic from. Some of them (like Fabric, also owned by Google) collect information about software crashes including what line of code caused the problem, what kind of device the code was running on, etc. The privacy concern with these kinds of services is they basically provide advertising and data brokerage firms like Alphabet / Google and Facebook with data in exchange for these analytics services (you're making a similar transaction every time you use Google or Facebook yourself). In some cases, like Fabric, those services are very useful to us in trying to solve technical problems. For example, while we get a lot of realtime information about what’s happening on our website, we know almost nothing about what happens in our mobile apps, so when something goes wrong, our only sources of information are reports from users (which not everyone does or does effectively) and these kinds of analytics services. In others cases, like Google Analytics, we derive some benefit but could probably live without it and just use our internal tools. That said, if you don't like the idea of sharing any information with companies like Google, you would basically have to stop using the Internet. Every time you see a Google Map on a web page (including iNaturalist), Google is at least getting your IP address, and possibly browser-related information. Same thing goes for Facebook "Like" buttons. That's all to say we could minimize some of these privacy "vulnerabilities" by not using some of these services, but it would be tricky and prohibitively costly to avoid them completely.

Finally, what should you do if you don't like what we're doing with your personal information? For one thing, you can delete your account. That will remove all your content from public view on the site, though it will not remove it from our backups. If you email us and specifically ask to have all your data removed, we can remove all of the server logs of your activity, and we can purge some remaining records like the fact that you deleted your account and a bunch of observations, but it would be impractical to remove all your data from all our backups. For what it's worth, those backups are stored on an encrypted disk and only iNat staff have access to them.

A less extreme option would be to use our geoprivacy settings to hide or obscure coordinates and learn about and use basic privacy protection tools. These include blocking cookies from certain domains (you could even block cookies from iNat, but that would mean you could not sign in), browser extensions to block all traffic to and from certain domains, and using a virtual private network to anonymize your IP address.

I'd also like to say that even though I was probably more savvy than most Internet users about online privacy before GDPR, I've learned a lot about about the subject over the past few months, and the situation is pretty grim. It's basically very hard to use the Internet without sacrificing some privacy, and I, like most people, just accept the risk that my personal information might be used against my interests. I don't particularly like the fact that iNaturalist is a part of this troublesome privacy world, but avoiding it would genuinely mean providing a slower, less interesting, and less stable service. It's not a very satisfying trade-off.

If you have questions, please feel free to leave a comment or email us at privacy@inaturalist.org.

Posted by kueda kueda, September 07, 2018 17:52

Comments

Thumb

Many thanks for this background, Ken-ichi!

Posted by jakob almost 3 years ago (Flag)
Thumb

I thought GDPR is mainly about distributing data to others, especially social plug-ins, and the not intended use of data...use which a normal user would not expect..like selling your information while you already paid for a DNA analisis of your DNA..they still sell your data to any pharmaceutical company..although i could expect some fundraising to maintain the website.

Posted by ahospers almost 3 years ago (Flag)
Thumb

I'd say GDPR is mostly about sharing data with third parties, but there's a lot in there about disclosure of what kinds of information get collected, as well as the right to be forgotten (plus some much more stringent consent requirements when recording and sharing biometric data, which thankfully doesn't apply to us). Personally, I just want to be clear to everyone on iNat what we're recording and why, and be available to answer any questions people have about the subject.

Posted by kueda almost 3 years ago (Flag)
Thumb

I forgot about the right to be forgotten. Which is a problem for the systems who just put somebody out of service by entering the end date without deleting. Still surprised about the reach of GDPR..like China. Thanks for the update..https://www.csis.org/analysis/new-china-data-privacy-standard-looks-more-far-reaching-gdpr

Posted by ahospers almost 3 years ago (Flag)
Thumb

I assume that information we choose to make public (Profiles, etc) remain in the public domain. The iNat privacy regulations as stated seem pretty fair to me. As you said, it is nearly impossible to use the internet without some loss of privacy.

Ian

Posted by mamestraconfigurata almost 3 years ago (Flag)
Thumb

Thanks Ian, yes, it's important to note that information you make public can be accessed by third parties and there's not much we can do about that. For example, Google can see your public user profile and they may cache the description there for inclusion in their search results, and deleting your account will have no immediate effect on what Google has stored (although they will remove it eventually). Same goes for GBIF: they are maintaining copies of your public observation data, and removing them on iNat will not have an immediate effect on GBIF.

Posted by kueda almost 3 years ago (Flag)
Thumb

One of the things I like best about iNat is how much it keeps me off the internet. So in that sense I feel like you’re doing my privacy a favor. That said, this policy seems very fair to me, and I’m all for it. Keep up the good work!

Posted by jmaughn almost 3 years ago (Flag)
Thumb

Thanks! Yeah, it all sounds fine to me too. @ahospers yeah that DNA thing really bums me out because it would be fun to get a DNA test but i really don't want that data being sold like that so people can target to me about whatever genetic issues I might have. So creepy. So I never did it. Maybe someone gets the info anyway but...

Posted by charlie almost 3 years ago (Flag)
Thumb

I am tying to do something for science and I am happy for the whole world to know about

Posted by andrewgillespie almost 3 years ago (Flag)
Thumb

I really appreciate this explanation of the privacy policy. I'm concerned about the privacy issues surrounding being online too, but feel that based on the system and the nature of iNaturalist as a platform to share what essentially is scientific data, it can't be helped.

Posted by nathantaylor almost 3 years ago (Flag)
Thumb

I too appreciate the explanation, and I'll share this post with folks when the question comes up.

Just for my curiosity, does the Seek app not use personal information? When folks come to me with questions of concern for location and personal data, I suggest using the Seek app instead (although it doesn't contribute any information to the database)... Am I saying this correctly?

Good job, iNat. :)

Posted by sambiology almost 3 years ago (Flag)
Thumb

@sambiology i think that is part of the purpose of Seek... lets kids use it without any worry for privacy or location security, lets people play with the algorithm and try it out, etc. I'd totally forgotten about Seek but if I weren't into all of iNat i'd probably play with it more.

Posted by charlie almost 3 years ago (Flag)
Thumb

Regarding Seek, we receive information like IP addresses from requests the app makes to our servers for things like lists of nearby species and computer vision suggestions, from which we can derive location data at city-level resolution and information like ISP. We also receive GPS coordinates to improve the computer vision suggestions. However, since you don't sign into the Seek app and we record nothing else about the user, those kinds of information can't be linked to something like a name, a username, or an email address, so it's debatable how "personal" they are on their own. I think it's safe to say Seek is a much more private experience than iNaturalist generally, about as private as using an incognito window. These kinds of information are also only in our logs, so they are not permanent like observations. We generally only hold on to about 3 months worth of log data.

Posted by kueda almost 3 years ago (Flag)
Thumb

It was a bit diffcult to find this blog post..what is the regular way to find this one ? I just heard the copy right has also changed: https://www.dw.com/en/european-parliament-approves-controversial-new-copyright-law-in-blow-to-tech-firms/a-45449863
How is it with observations ? GBIF always get the observations in iNaturalist or only the research grade observations ? And it does not matter on which License model you use ?
If i change an observation, improve an ID the GBIF does not get an update i guess ? And with R an Rsciopen and the iNaturalist API everybody can read the data ? In that way it would be better to have an obscure option on the iOs iphone app..for orchids for example.

https://www.inaturalist.org/people/18823/edit#
icensing your content gives other people the legal right to use it without asking your permission if they stick to the terms of the license. iNat uses your Creative Commons-licensed content to share with data partners like the Global Biodiversity Information Facility (GBIF), an international, inter-governmental organization that compiles and distributes biodiversity information from around the world. Learn what these licenses mean

The Blog parts are so big that a visitor can not find an article easy. If i understood well quite a lot of license models prevent an export to GBIF:
1) Cc by nd Attribution-NoDerivs
2) Cc by nc sa Attribution-NonCommercial-ShareAlike
3) Cc by nc nd Attribution-NonCommercial-NoDerivs

Posted by ahospers almost 3 years ago (Flag)
Thumb

Andre, looks like EU copyright updates have not been finalized, so I can't comment on their implications, though if that article is accurate, it seems even more poorly-conceived than the GDPR. If / when it becomes law in the EU our lawyers will advise us on what it means for iNaturalist.

Copyright and other intellectual property rights issues are not the same as privacy, so the Privacy Policy doesn't really have much to say about who can copy the creative works you willingly publish. To answer your questions, though,

How is it with observations?

It varies by jurisdiction. Generally, the parts of an observation that represent facts about the world (coordinates, date, etc) are not subject to copyright, though the EU does have IP protections for collections of facts that the US does not (the classic court case in the US involved copying a phone book, which is apparently legal in the US but perhaps not in the US). If you wrote a description with your observation, though, that could be subject to copyright as it could be considered a creative work. That's why we provide CC licensing options for both observations and photos.

GBIF always get the observations in iNaturalist or only the research grade observations ? And it does not matter on which License model you use ?

The archive we create for GBIF to consume includes all Research Grade observations with CC0, CC BY, or CC BY-NC licenses and their associated CC0, CC BY, or CC BY-NC photos (actually we just include the URLs to the photos). So yes, only Research Grade, and yes, your license choice matters.

If i change an observation, improve an ID the GBIF does not get an update i guess?

Yes, GBIF gets this updated data the next time they ingest the archive.

And with R an Rsciopen and the iNaturalist API everybody can read the data?

API consumers can only read the data everyone else can see on the website. You can see what that looks like by using the API yourself, e.g. http://api.inaturalist.org/v1/observations

If you have further questions that don't involve privacy, please send them to help@inaturalist.org

Posted by kueda almost 3 years ago (Flag)
Thumb

Just a general comment: I would highly appreciate if statements like “even more poorly-conceived than the GDPR“ could be left out of the discussion.

Posted by jakob almost 3 years ago (Flag)
Thumb

@ahospers as far as where to find iNat blog posts, you can check the bottom of any page on the site and click "Our Blog," which brings you to https://www.inaturalist.org/blog

Posted by bouteloua almost 3 years ago (Flag)

Add a Comment

Sign In or Sign Up to add comments