Data Privacy Statement from 2018-04-12 through 2018-04-17
Packet Clearing House recognizes the primacy of individuals' right to control the disposition of their personal data. The purpose of this statement is to detail how PCH handles personal data in the provision of our services.
PCH minimizes its handling of information that could be considered secret or confidential.
The vast majority of the data which PCH handles and publishes doesn't contain any personal information. Most of this data is provided to PCH on a voluntary basis by PCH's research partners, peers, and project participants. PCH publishes this information to the public through its website, databases, and application programming interfaces. PCH may, at its sole option, aggregate, delete, or restrict access to portions of the data but does not represent that it will do so in any particular case.
PCH intends to comply with the highest applicable standards of personal data protection. Currently, we consider the highest standards to be those established by the European General Data Privacy Regulation. Consequently, we attempt to provide to all of our users globally the same protections afforded to European citizens by the GDPR. We recognize that personal privacy protection is a broad field, and as legal protections improve, it's likely that improvements will not occur uniformly or universally, so it is our intention to comply with the highest standard applicable to each aspect of privacy protection, regardless of origin, rather than adopting the slate of policies of any particular country or region.
Collection, processing, and use of personal data in providing service
PCH principally provides services on an organization-to-organization basis, including to the operators of Internet exchange points and domain name registries.
To maintain contact with the organizations we serve, we must collect, process, and store the personal data of the individuals who are our points of contact with those organizations. This personal information includes name, professional role or function, and contact information. We do not collect such information from third parties, only directly from the individual affected, and only on a voluntary basis. We use it exclusively to perform our obligations with respect to the recipient organizations, and only to the extent required to achieve these purposes.
This data is not used for advertising, nor is it divulged to third parties.
Collection, processing, and use of personal data in providing web services
If you choose to sign up on our site to create an account, we will know your first and last name, the company you work for, and your email address. We collect this data for the purpose of verifying the validity of newly-created accounts, and to facilitate the return of requested data to account holders. The data is used only to the extent required to achieve these purposes. The data is not used for advertising, nor is it divulged to third parties.
This policy applies to websites under the pch.net and internetmeetings.org domains.
Collection, processing, and use of website logs
PCH's web servers maintain normal transaction logs, which include each IP addresses from which we receive requests. We retain this data for the current and prior calendar years, and use it on an occasional basis to debug any functional problems which occur with the web site, and occasionally to calculate the number of unique requestors of different resources on the web site, so we can better allocate staff time and direct our efforts.
Opting out of Web Data Collection
We do not offer a way for users of our online services to opt out of the data we collect. That said, we have no objection to your use of a NAT or VPN to obscure your IP address, nor do we have a "real names" policy. We will happily address you by whatever name you wish to be known by.
For an in-depth guide on opting out, anonymity, privacy, and security while browsing the web, see the Electronic Frontier Foundation's Surveillance Self-Defense.
Data associated with the use of PCH nameservers
PCH's most widely used service is the public authoritative nameservers we operate on behalf of most of the world's domain name registries. These services are provided to the public, both organizations and individuals, without any explicit collection of data that identifies individual users.
We have no individual or individually-identifiable relationships with users of these systems, nor any way of tracking or identifying users of the systems. However, to reply to each query we receive, we must retain the IP address of the querying system for the few microseconds it takes us to formulate and send a response. To ensure the security and integrity of systems, respond to requests for technical assistance, and formulate aggregate use statistics, we may retain the IP addresses associated with some queries for longer periods, typically up to twenty minutes.
In addition, the domain name registries on whose behalf we publish the domain name data may request that we forward a copy of this data to them, at which point it is governed by their data handling policies. Because we are merely the publishers of the zone data, while the registries are its authors, we believe this to be their indisputable right, not subject to restriction by us.
Because of the nature of authoritative nameservice, the vast majority of queries we receive originate from recursive nameservers, which are typically owned by organizations rather than being associated with individuals. Because we do not store information about the users of the systems, we have no way of distinguishing between IP addresses that represent organizations and those associated with individuals. In no event do we have any other information that might be correlated with IP addresses to identify an individual, and in no event do we retain specific IP addresses beyond the short (typically twenty-minute) window of time necessary to perform security, performance, and usage analytics, unless that IP address is part of a security threat to our systems.
Third-party access to personal data
The only occasion on which we share personal data is if you make a donation to support us. When that happens, we use a payment services provider ("Stripe") to process the payment. Only the email address and the amount donated are known to us. All other information, including credit card and address, goes directly from you to Stripe, and is never seen by PCH.
Furthermore, we do not:
- Use any third-party tracking service or system.
- Host any social media "beacons" that can track your movements around the web.
- Use any content delivery networks that could act as passive beacons to track your movements around the web.
- Place any advertisements or other content served by third-parties within our websites.
Personal Data of Minors
PCH requires and retains the explicit permission of the parent or legal guardian of anyone whose data is retained who is not of legal majority in their country of residence.
PCH takes its security responsibilities seriously and employs technical and organizational measures to protect your personal data against accidental or intentional manipulation, loss, destruction, or access by unauthorized parties, internal or external to PCH. We review these measures regularly and include staff training and awareness to manage associated risks.
All connections to our websites are done over encrypted connections using current and safe protocols. Specifically, we require Transport Layer Security. We do not support TLS ciphers that are known to be insecure, and we prefer keys that enforce perfect forward secrecy. For more information about which ciphers we employ and other specifics about our TLS configuration, please see the SSL Labs current review of our site.
We only store password hashes generated by the bcrypt algorithm and never store passwords in plain text. All password resets are done by emailing the user a link that expires in 24 hours.
Reporting vulnerabilities on pch.net domains
We support responsible disclosure and are happy to work with security researchers. Please contact firstname.lastname@example.org if you discover any vulnerabilities. We are a public-benefit not-for-profit and cannot afford to pay "bug bounties," but will happily publicly acknowledge any assistance received.
Reporting data breaches
In the event that a breach involving personal data is detected, PCH will notify the relevant data protection authorities within 72 hours. PCH will also take appropriate measures to inform any users affected by the breach in coordination with the data protection authority.
Rights to access and control your personal data
We retain personal data as described in the sections above as long as it is necessary for the purpose(s) for which it was obtained.
You have the right to access, rectify, or delete your information in our systems, and users whose information is in our systems have direct access to make changes and deletions under their own control. Our ability to modify or delete data may be limited in the future if the data becomes subject to a retention obligation under applicable law, but we do not currently know of any data to which such obligations would apply. In the event that we encounter a conflict between privacy and retention regulations, we will document it here.
Please send data privacy requests in writing to:
Packet Clearing House
1600 Shattuck Ave Ste 212
Berkeley, California 94709
or by email at email@example.com
Correctness and validity of this data privacy statement
By using our website, you consent to your data being used as described above. This data privacy statement is the currently valid version as of 12 April 2018. We archive all prior versions.
PCH reserves the right to amend this data privacy statement at any time with future effect. The current and applicable version of this statement is found on our website at https://www.pch.net/about/privacy.