• Chozo@fedia.io
    link
    fedilink
    arrow-up
    214
    arrow-down
    6
    ·
    edit-2
    6 months ago

    From noplace’s FAQs: *

    do you collect my data?

    we use your phone number as a way for you to sign up and log into the app. that’s the only thing about you we collect.

    we don’t share your number or anything else about you with third parties like some other apps do. we want you to be able to securely log in and chat with ur friends, that’s it.

    Emphasis mine. Now their privacy policy: *

    Types of Data Collected

    Personal Data While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:

    Phone number Usage Data Usage Data Usage Data is collected automatically when using the Service. Usage Data may include information such as Your Device’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data. When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data. We may also collect information that Your browser sends whenever You visit our Service or when You access the Service by or through a mobile device.

    So, it looks like they’re starting off with lies right at the top, like every other tech startup.

    EDIT: To also address the “we don’t share your number or anything else about you with third parties” part, the privacy policy also outlines exactly how they will share your data with third parties:

    We may share Your personal information in the following situations: […] With business partners: We may share Your information with Our business partners to offer You certain products, services or promotions.

    Go fuck yourselves, noplace.

    EDIT: Another issue I just found with their FAQs:

    is this a crypto thing?

    wut? no.

    I thought it was weird that crypto would be a frequently-asked question for what appears to otherwise be a pretty generic-looking social network. Then I found that noplace’s parent company, Islands XYZ, was originally launched to be an NFT platform of some sort, financially backed by our old friend Alexis Ohanian.

    https://www.forbes.com/sites/alexkonrad/2021/11/30/web3-startup-islands-creators-nft-communities-launch/

    So they’re totally not a crypto thing. Definitely not crypto. 100% something other than crypto.

    Guys, I swear they’re not a crypto thing.

    • AstridWipenaugh@lemmy.world
      link
      fedilink
      English
      arrow-up
      83
      arrow-down
      9
      ·
      6 months ago
      • Your Device’s Internet Protocol address (e.g. IP address), - absolutely necessary for anti-ddos techniques
      • browser type, browser version, - necessary for UX to build a functional website for the browsers that customers actually use
      • the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, - critical for determining what is popular and what isn’t to improve how the interface is designed and what parts are pulled forward and what parts are hidden in menus
      • unique device identifiers and other diagnostic data. - useful for determining how often you switch devices and the performance and other experience metrics to drive making the app more user friendly

      I work on web software professionally and this is a pretty minimal list that is completely justifiable for maintaining operations. If you can’t answer basic questions like “what are users doing with the app?”, you can’t make intelligent decisions about how to improve it.

      There’s a lot of the same stuff here: https://legal.lemmy.world/privacy-policy/

      I don’t know anything about this app or company so I’m not going to defend them, but there aren’t any real red flags here. If this amount of data collection bothers you, you really should stop using the internet in general.

      • Chozo@fedia.io
        link
        fedilink
        arrow-up
        30
        arrow-down
        3
        ·
        edit-2
        6 months ago

        Sorry, I kinda got lost in the sauce on my original comment, lol. My issue isn’t so much with the data collection, itself. My problem is that their FAQs say things that appear to be outright lies. Not even just embellishing the truth or something, but complete falsehoods.

        I don’t care so much that they collect a bit of data. But if they’re wiling to lie to a potential user about their data collection, I can’t help but wonder what else they might be willing to be dishonest about. I already have doubts about their crypto claim in the FAQ based on their founder’s history with NFTs, so I worry that this might also be something they’re not being truthful about.

      • FelipeFelop@discuss.online
        link
        fedilink
        English
        arrow-up
        19
        arrow-down
        1
        ·
        6 months ago

        I think you’ve missed the point. It’s not the data they are collecting but the fact they say they don’t collect data.

        • AstridWipenaugh@lemmy.world
          link
          fedilink
          English
          arrow-up
          13
          arrow-down
          5
          ·
          6 months ago

          It’s pedantic, but you are not your computer. They don’t collect (according to them) PII other than phone numbers.

          • FelipeFelop@discuss.online
            link
            fedilink
            English
            arrow-up
            11
            arrow-down
            2
            ·
            6 months ago

            Not sure I agree entirely. The actions I take are definitely data about me.

            Also, in many jurisdictions data that could be combined (even in the future) with other data to identify you or something about you, is considered personal data.

            For example, Device ID is AstridWipenaugh’s device and they use the app in the morning.

            • Ghoelian@lemmy.dbzer0.com
              link
              fedilink
              English
              arrow-up
              4
              arrow-down
              1
              ·
              6 months ago

              (I don’t like this kind of data collection either fwiw, not trying to defend them or anything)

              On Android at least, device id’s are unique per app, and reset when you reset your phone to factory. In theory they can’t use this data to cross-track you personally, since every service that uses a device id has a different one for the same user.

              They can probably still build up a pretty accurate profile of you based on other data they collect though.

              • FelipeFelop@discuss.online
                link
                fedilink
                English
                arrow-up
                2
                arrow-down
                1
                ·
                6 months ago

                Yes, that’s exactly the point. Combining data is something that must be considered. (And in some jurisdictions like the EU you even need to consider if it could be combined in future with other data)

      • Knossos@lemmy.world
        link
        fedilink
        English
        arrow-up
        14
        arrow-down
        1
        ·
        6 months ago

        And just to piggyback on this comment, I’m an Android developer and we this information is critical for determining similarities for bug solving.

        You would not believe how often there is a bug caused by a specific model of phone. That connection you can only know if you log that for every crash you get.

      • ayaya@lemdro.id
        link
        fedilink
        English
        arrow-up
        11
        arrow-down
        4
        ·
        6 months ago

        Yeah as someone who has worked in web development for over 20 years everything in here is completely standard. Almost every major website in existence collects this kind of analytical data.

          • ayaya@lemdro.id
            link
            fedilink
            English
            arrow-up
            12
            arrow-down
            3
            ·
            edit-2
            6 months ago

            Like the comment I replied to already explained, this information is necessary to make informed development decisions. If you don’t know who is using what feature you might be wasting resources on something barely anyone uses while neglecting something everyone needs.

            You also need some of that data for security purposes. You can’t implement rate limiting or prevent abuse if you can’t log and track how your services are being interacted with.

            And this is aggregate data. I can promise you not a single person cares about what any individual user is doing (assuming it’s not illegal)

            • Cryophilia@lemmy.world
              link
              fedilink
              English
              arrow-up
              2
              arrow-down
              1
              ·
              6 months ago

              It should all be opt in. Aggregate data can be used to personally identify, and even when it’s not, it has its own negative effects.

              • ayaya@lemdro.id
                link
                fedilink
                English
                arrow-up
                4
                arrow-down
                1
                ·
                6 months ago

                It should all be opt in

                Then you introduce self-selection bias and the data is worthless.

                Aggregate data can be used to personally identify

                You can’t identify someone based on how they interact with a service. If you spend 5 minutes on one page and 2 minutes on another that could be anyone. Even if you for some reason personally knew someone’s browsing habits it would be nearly impossible to pick them out in a sea of millions of data points.

                I see you linked privacyguides.org in the thread as “alternatives”, one of the services it recommends is Proton (Mail, Drive, etc.). Look at their privacy policy:

                2.1 Visiting proton.me or protonvpn.com website: We employ a local installation of self-developed analytics tools. Analytics are anonymized whenever possible and stored locally (and not on the cloud). IP addresses are not retained and stored for such analytics.

                When you use our native applications, we (or the mobile app platform providers) may collect certain information. We may use mobile analytics software (e.g. fabric.io) app statistics and crash reporting, Play Store app statistics, App Store app statistics, or self-hosted Sentry crash reporting to send crash information to our developers in order to rapidly fix bugs.

                Or how about addy.io that privacyguides recommends for email forwarding? From their privacy policy:

                We use a self-hosted instance of Umami, an open-source, privacy-focused and lightweight option for website analytics. All the site measurement is carried out absolutely anonymously.

                ALL online services collect this kind of data. Even the privacy-focused ones. There is nothing nefarious about it.

                • Cryophilia@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  arrow-down
                  1
                  ·
                  6 months ago

                  “Analytics are anonymized whenever possible” is vastly more reassuring than “we use all this data”.

    • essteeyou@lemmy.world
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      2
      ·
      6 months ago

      It sounds to me like the usage data is talking about the fact that every major web browser sends identifying information about the browser, device, etc. when you visit any site.

      For an app, they’re likely getting data from Google Play or the App Store for crashes, installs, comments, whether they like it or not.

      People don’t often accuse me of being an optimist.

      • Chozo@fedia.io
        link
        fedilink
        arrow-up
        7
        ·
        6 months ago

        Oh for sure, I don’t doubt that. The issue that I take is that their FAQ - which I imagine is rarely actually read by users, but is definitely read more often than the ToS - is directly contradicted by their ToS. While they say they only collect one data point in the FAQ, the ToS outlines several other data points they collect. While they say they don’t share your collected data with third parties, the ToS states that they may share your collected data with third parties for advertising purposes. The FAQ denies being connected to crypto schemes, despite their founder (Tiffany Zhong) and parent company being heavily involved in crypto.

        While these are all standard practices for just about every web platform, it’s the lies in the FAQs that should be concerning to users. If they would have just said exactly what they do with your data or what their background is in, or even just not included it in the FAQs at all, I wouldn’t have any problem with it. But they’re willing to openly lie to their users, and I don’t think they should be trusted.

    • CosmoNova@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      6 months ago

      I was surprised they didn‘t include AI in the FAQ until I learned they‘re openly advertising the usage of AI for the service whatever that means. Common GenZ L to throw themselves at this.

    • jorp@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      6 months ago

      They’re saying they might ask to collect this additional information. A lot of the information, as others have pointed out, is also common and necessary for some basic operations of a service like this.

      This is an overreaction, there are many good reasons not to like this app but misunderstanding their data policy isn’t one

      • Chozo@fedia.io
        link
        fedilink
        arrow-up
        4
        arrow-down
        1
        ·
        6 months ago

        Yeah, I thought about that halfway through looking through their ToS. I wish I was smart enough to figure out how to package this into a message Gen Z can actually understand and care about.

        • Skates@feddit.nl
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          6 months ago

          This app is cheugy af fam no cap fr fr on God if u download dis you stannin for the boujee this app high key has no drip big yikes if you on it u basic

  • morrowind@lemmy.ml
    link
    fedilink
    English
    arrow-up
    171
    arrow-down
    1
    ·
    edit-2
    6 months ago

    Instead of algorithms, noplace leverages AI technology to drive suggestions and curation.

    Instead of algorithms, noplace leverages algorithms to drive suggestions and curation

    • cows_are_underrated@feddit.org
      link
      fedilink
      English
      arrow-up
      46
      arrow-down
      2
      ·
      6 months ago

      Most bullshit take I have ever seen. You can’t replace a recommendation algorithm with AI, since its basically the same.

      • jacksilver@lemmy.world
        link
        fedilink
        English
        arrow-up
        11
        arrow-down
        1
        ·
        6 months ago

        Not basically, most (current) recommendation systems are AI/ML based. Any big platform is using AI/ML recommendation algorithms.

      • Gsus4@programming.dev
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        6 months ago

        You used to have (still have, I think) very simple friends-of-friends algos that are not ML, they are just graph connectivity and distance with some union-joins thrown in the middle. They work for recommendations like steam games of what people who like this game also liked.

        • cows_are_underrated@feddit.org
          link
          fedilink
          English
          arrow-up
          2
          ·
          6 months ago

          OK, thu is an example of a non AI recommendation algorithm. However, what we see now(you watched x so you like y) is basically AI

    • Gsus4@programming.dev
      link
      fedilink
      English
      arrow-up
      5
      ·
      6 months ago

      It’s potentially worse, because before you may have had an algorithm that a human could fine tune or whistleblow on. Now if it is trained on large datasets, the resulting algorithm is usually a blackbox weight matrix, they probably have no idea what pattern it is optimizing :S

      • Petter1@lemm.ee
        link
        fedilink
        English
        arrow-up
        1
        ·
        6 months ago

        Nearly every social media has used Machine Learning to create personalised since a very long time, it was just not marketed as AI…

        • Gsus4@programming.dev
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          6 months ago

          Yea, by “before” I guess I meant before 2013…which leaves more “after” than “before” for social media 😅 .

  • schizo@forum.uncomfortable.business
    link
    fedilink
    English
    arrow-up
    87
    ·
    6 months ago

    Perhaps I’m just old, but picking the color of your profile is all zoomers wanted?

    I mean shit, I’m not going to be happy until I can have auto-playing music on my profile.

    • devfuuu@lemmy.world
      link
      fedilink
      English
      arrow-up
      28
      ·
      6 months ago

      Haven’t you seen how so many are crazy with discord paying options that is basically custom flashy avatar profile pages?

      The kids nowadays would have their brains exploded if they saw any hi5 page with custom css.

  • OsrsNeedsF2P@lemmy.ml
    link
    fedilink
    English
    arrow-up
    68
    ·
    6 months ago

    noplace had already gone viral ahead of its public launch because of its feature that allows users to express themselves by customizing the colors of their profile.

    Reads like a book about the future

  • morrowind@lemmy.ml
    link
    fedilink
    English
    arrow-up
    59
    arrow-down
    3
    ·
    6 months ago

    IOS only of course. Pack it up, nothing to see here. This is another clubhouse.

      • Flatfire@lemmy.ca
        link
        fedilink
        English
        arrow-up
        22
        arrow-down
        1
        ·
        6 months ago

        Absolutely. Android devices are dirt cheap, and ubiquitous in most of the world. It’s an obvious choice for many based on that alone. There’s also lots of families that aren’t in Apple’s ecosystem.

  • Vytle@lemmy.world
    link
    fedilink
    English
    arrow-up
    55
    arrow-down
    1
    ·
    6 months ago

    Something’s weird with this; I have heard absolutely nothing about this. Surely this is botted? Social media platforms don’t take off like this. Regardless of if its legit or not; who is funding this? No social media platform ever makes a profit.

  • katy ✨@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    47
    arrow-down
    2
    ·
    6 months ago

    launching something on ios only? in this day and age? y’all know places outside the us exist, right?

  • stevedidwhat_infosec@infosec.pub
    link
    fedilink
    English
    arrow-up
    27
    arrow-down
    4
    ·
    edit-2
    6 months ago

    You don’t need to share everything about you all the time. There is nuance in privacy and intimacy between close friends and family.

    Until we realize that, we will continue to learn this lesson over and over until it sinks in.

    These are the steps we must climb.

      • stevedidwhat_infosec@infosec.pub
        link
        fedilink
        English
        arrow-up
        1
        ·
        6 months ago

        Wasn’t saying you shouldn’t have any

        Outlined the current challenges we face, because the majority of people have not learned how to deal with it. Mostly because of difficult life circumstances and several addictive and mainstream implementations

    • Nima@leminal.space
      link
      fedilink
      English
      arrow-up
      9
      arrow-down
      4
      ·
      6 months ago

      we? i am fairly sure most people know how to use social media without being consumed by it.

      Not everyone that uses social media is making a mistake.

      • stevedidwhat_infosec@infosec.pub
        link
        fedilink
        English
        arrow-up
        1
        ·
        6 months ago

        Data brokers and people with experience with helping those affected by identity theft and cyberstalking will tell you otherwise.

        Last, never said anything like that. You’ve completely misinterpreted and put in assumptions to my claim that there are problems and difficulties that many, if not most, still face regarding specific implementations of social media. That is, not social media purely as a technology or a concept, but as specific use cases, I.e. Facebook, Instagram, Twitter, TikTok (TikTok may be a stretch for social media in regards to traditional examples, but many still use it as such)

    • Chozo@fedia.io
      link
      fedilink
      arrow-up
      7
      ·
      6 months ago

      I think that’s what Diaspora is trying to be. I’ve not heard much from that project recently, though, so I have no clue if there’s any activity on that platform anymore.

      • fjordbasa@lemmy.world
        link
        fedilink
        English
        arrow-up
        12
        ·
        6 months ago

        Or deadjournal? If livejournal was too mainstream, but you still had to get your emo thoughts on the internet

        • CaptDust@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          12
          ·
          6 months ago

          Deadjournal was (is?) such an excellent niche corner of the internet. I remember being young and having trouble connecting the site, totally my fault, but I sent them an email and the admins Cryo and SCSi personally helped me get it figured out. In hindsight I couldn’t imagine another platform taking the time.