Updated Privacy Policy

I've published a minor update to my GDPR Privacy Policy.

This post explains what those changes are, and why I'm making them.

You can view the old privacy policy (Privacy Policy 20180525) in the archives. The new version is "Privacy Policy - 20210615".

The Change

20210615 Privacy Policy Changes

The change (apart from some whitespace adjustment) is fairly simple - it adds a new section dealing with 3rd party CDNs:

Third Party CDNs

On some of my services, I use third-party Content Delivery Networks in order to deliver content to users more efficiently than is/was possible using my own infrastructure.

The primary provider of CDN services I use is BunnyCDN (whose own GDPR details can be found at https://bunny.net/gdpr).

BunnyCDN's conduct is limited via a formal Data Processing Agreement, and the information on your visit they expose back to me is deliberately limited.

Relevant points are:

- Logged IP addresses are masked down to /24
- Logs are retained by the CDN for 3 days
- Access to the CDN account (and by extension, the logs within) is protected by strong authentication, including a 2nd Factor.

From time to time, it may prove necessary to change my CDN supplier - however, the standards laid out here are considered a minimum, and suppliers not meeting them will not be onboarded without an update to this Privacy Policy.

Essentially this section has been added to disclose that I now deliver some content via a 3rd party CDN (currently BunnyCDN).

Reason for the Change

Back when GDPR came into effect, I wrote a post musing about the decision I needed to make around keeping the site online: do I continue with Google ads (since disabled) in order to fund infra, do I serve via Cloudflare (bringing its own privacy issues)?

Running your own infra brings great privacy benefits for users, but also carries a real cost - not just the cost of the infra, but needing to be available to troubleshoot issues, do upgrades etc. For various reasons, I've decided that it's a cost I can't continue to bear.

However, the concerns I previously had with Cloudflare still niggled - they're a de-facto gatekeeper to the modern internet. I did run a limited trial though, and concluded the following:

  • Their engagement model absolutely sucks (having to point to their NS's unless you're paying >$200/mo? really? Just let me CNAME in)
  • Their lower tiers lack quite a lot of configurability unless you're willing to start stacking prices on top

I also looked at the rest of the consumer/retail CDN market - Fast.ly being an obvious contender. Ultimately, though, the mix of feature-set, privacy-related features and cost differentiated BunnyCDN.

Having run A/B tests, I've reduced the amount of infra that I'm personally managing, and started routing most traffic via BunnyCDN - this has reduced my running costs (financial and mental) quite considerably, helping ensure the future of the site and its various subdomains.

I do currently still have some infra - certain of my services are sufficiently privacy-sensitive that I decided against introducing a 3rd party. For other services (like mailarchives), the decision was based purely on financial gut-feeling: do I really want to pay a 3rd party to deliver those bytes?

Tor

Tor users (whether direct via .onion or opportunistic Tor connections) are unaffected by this change - those connections will continue to connect directly (well, via Tor) to my infra rather than transiting a 3rd party CDN.

Conclusion

The change is relatively minor, but helps me to protect the future of the services I offer - it reduces my financial and mental overheads, whilst mitigating the concerns I have with some of the other players in the CDN space.

It does also mean that end-user information is better insulated away from me too (I no longer know the IP address of anyone connecting), which is a little odd and might take a little bit of getting used to when troubleshooting.