{"id":20560,"date":"2019-02-08T20:59:58","date_gmt":"2019-02-08T20:59:58","guid":{"rendered":"http:\/\/ci027cfe63900a2697"},"modified":"2019-02-08T20:59:58","modified_gmt":"2019-02-08T20:59:58","slug":"can-i-trust-bitfurys-peach-lightning-with-my-data-maybe","status":"publish","type":"post","link":"https:\/\/bitcoinmagazine.com\/technical\/can-i-trust-bitfurys-peach-lightning-with-my-data-maybe","title":{"rendered":"Can I Trust Bitfury\u2019s Peach Lightning With My Data? Maybe"},"content":{"rendered":"<div id=\"bsf_rt_marker\"><\/div><figure><img decoding=\"async\" src=\"https:\/\/bitcoinmagazine.com\/wp-content\/uploads\/2024\/11\/can-i-trust-bitfurys-peach-lightning-with-my-data-maybe.jpg\" title=\"\"><\/figure>\n<p>Announced at the end of January, Bitfury\u2019s production-ready suite of Lightning Network products and services, <a href=\"https:\/\/bitfurypeach.com\/\" target=\"_blank\" rel=\"noopener\">Peach<\/a>, appears to offer everything a developer, user or merchant could want from a Lightning implementation. It comes with built-in, e-commerce plug-ins, has a hardware component for point-of-sale, a toolkit for developers and its own Lightning node to ground the whole outfit.<\/p>\n<p>The suite, with its many uses, has a wide reach \u2026 a bit <em>too<\/em> wide, one crypto analysis group thinks.<\/p>\n<p><a href=\"https:\/\/player.fm\/series\/block-digest-2284616\" target=\"_blank\" rel=\"noopener\">Block Digest<\/a>, \u201ca bi-weekly podcast covering the latest technical and market news related to Bitcoin,\u201d argues that Bitfury\u2019s Peach infringes on its users\u2019 privacy to a disturbing degree. 
To them, the Peach Lightning node is a panopticon from which no data escapes, and each Peach application is the cell through which Bitfury can see personal and financial information about its users.<\/p>\n<h3>Do I Dare Trust a Peach?<\/h3>\n<p>\u201cStay the !#@&amp; away from it,\u201d Rick, one of the Block Digest ensemble, cautions during the group\u2019s <a href=\"https:\/\/www.youtube.com\/watch?v=H1yPkPXLDVc&amp;t=899s\" target=\"_blank\" rel=\"noopener\">breakdown of the technology<\/a>.<\/p>\n<p>An offshoot of the World Crypto Network podcast, the Block Digest cypherpunks treat the subject with earnest disgust, arguing that Bitfury is being disingenuous and even purposefully misleading about how it manages user data.<\/p>\n<p>\u201cHaving read both versions of the terms of use and privacy policy, there are a number of inconsistencies. A lawyer has said that there are a few things that, if not compliant with <a href=\"https:\/\/bitcoinmagazine.com\/articles\/op-ed-five-things-blockchain-firms-need-know-about-gdpr\">GDPR<\/a> [the EU\u2019s technology privacy regulations], would be violating GDPR for vagueness alone. So yes, we would say there are violations of privacy going on,\u201d Janine, another Block Digest member, told <em>Bitcoin Magazine<\/em>.<\/p>\n<p>In separate correspondence with <em>Bitcoin Magazine,<\/em> Bitfury pushed back on the allegation that it is in violation of GDPR, asserting that it \u201c[complies] fully with all applicable regulations, including GDPR. 
We believe that our terms of service and privacy policy are indeed compliant with those regulations.\u201d<\/p>\n<p>Still, after Block Digest and other community voices started raising the alarm about Peach\u2019s privacy implications, Bitfury seemed to take notice and revised their terms of use and privacy policy for the Lightning suite on January 30, 2019.<\/p>\n<p>Nevertheless, Block Digest says that the new versions, even with the alterations, still fall shy of reassuring users that their data is safe from view \u2014 or of even fully explaining how it <em>is used<\/em>.<\/p>\n<p>\u201cThey don\u2019t just say they don\u2019t collect it; they say they don\u2019t have access to it,\u201d shinobi, one of Block Digest\u2019s crew, told <em>Bitcoin Magazine.<\/em><\/p>\n<p>\u201cThere are two things in the code for ability to collect data. The first one is event logs that go through Google analytics, and that\u2019s for navigation in the application.\u201d This first function, he told us, was nothing noteworthy: It just logs events and doesn\u2019t collect information.<\/p>\n<p>The second part, however, does collect information. \u201cFor these streaming payments and the payments that use a lightning id without an invoice, all of those are being coordinated through [the] Bitfury server. They can see everything: who\u2019s paying, who\u2019s paying whom, how much they\u2019re paying.\u201d<\/p>\n<p>Bitfury\u2019s Lightning Peach suite allows users to transact with anyone using Lightning through payment invoices, where a recipient requests payment from a sender. 
Or, they can send payments through the Lightning Peach node, a Bitfury-centralized process, with a lightning id or streaming payment, both of which can only be executed between two Peach users.<\/p>\n<p>At the very least, Block Digest acknowledged that Bitfury won\u2019t collect data from a \u201cregular lightning invoice payment.&#8221; So if you receive an invoice from a non-Peach user, even if you\u2019re using Peach\u2019s wallet, that payment isn\u2019t routed through the Peach node and is out of their purview.<\/p>\n<p>But anyone using Peach\u2019s streaming payments and Lightning ids will forfeit transaction information, including IP and wallet ID, to Bitfury so that Peach\u2019s Lightning node can facilitate the payment for the user. Given that Bitfury is providing a centralized service, this isn\u2019t out of the ordinary, and Bitfury updated its policy to say this information \u201cis not stored.\u201d<\/p>\n<h3>Questions and Contradictions<\/h3>\n<p>Most of Block Digest\u2019s most pointed accusations are leveled at what they see as contradictions in Bitfury\u2019s terms of use and privacy policies, as well as a now-omitted clause that originally claimed to keep tabs on user data.<\/p>\n<p>In a document shared in confidence with <em>Bitcoin Magazine,<\/em> Janine recorded changes in Peach\u2019s terms of use and privacy policies. 
At one point, she says, \u201cIn the older version of the policy, they claimed to collect: \u2018traffic data, location data and other communication data, and the resources of the software that you access and how you use them; time that user spent in wallet (session time); number of sessions within the time unit (for example, month); number of payments within one session; amount of payment; payment type (regular\/stream); successful\/failed payments; periodicity of channel opening (times per month); lifetime of a channel; number of simultaneously open channels; channel capacity; waiting time for channel opening; waiting time for lightning transaction; number of nodes, which user pays to.\u2019&#8221;<\/p>\n<p>This could be justified as crash report data collection \u2014 aggregated network data to diagnose the reason for a crash or bug. Shinobi had a friend run an audit, and he allegedly found no evidence of collecting data for this purpose in the code.<\/p>\n<p>Block Digest argues that this retracted list embodies the looming contradiction that Bitfury\u2019s terms simultaneously say they won\u2019t collect, store or see data and that they may share, consult or leverage this data under certain circumstances.<\/p>\n<p>The most apparent contradiction, Block Digest argues, comes from Bitfury\u2019s claim in the updated version that data collection is optional, something Bitfury reiterated to <em>Bitcoin Magazine<\/em> when we inquired about the privacy allegations.<\/p>\n<p>Pavel Prikhodko, head of Lightning Peach, told <em>Bitcoin Magazine,<\/em> \u201cThat data is only collected if users proactively confirm they would like to provide anonymized information via Google Analytics. It enables us to better understand how users interact with our website and software. 
That data cannot be traced back to an individual user and is a standard optional setting present in the vast majority of modern consumer software products.\u201d<\/p>\n<p>Block Digest is unconvinced, mainly because the same terms simultaneously tell users that they don\u2019t have to provide information unless they acquiesce while it also says that, upon generating a wallet, users will \u201cbe required to provide contact information that may include a phone number, email address, username and other information as appropriate.\u201d<\/p>\n<p>Bitfury, clarifying the terms in a Medium <a href=\"https:\/\/medium.com\/@lightningpeach\/faq-about-our-peach-wallet-and-peach-public-node-80aa2c07b59d\" target=\"_blank\" rel=\"noopener\">post<\/a>, claims that it doesn\u2019t collect these data points. This is in conflict with the terms of use, Block Digest observes. In the agreement, it says very clearly that \u201cproviding the required data is necessary for you to use the Software. If you do not wish to provide the required data, you cannot use the Software.\u201d<\/p>\n<p>Bitfury also claims that it \u201cdoes not collect, nor have access to &#8230; information on the transactions you perform through the use of the Software,\u201d something that, Block Digest says, doesn\u2019t align with their claims that user data can then be shared or sold to subsidiaries or people buying aspects of Bitfury\u2019s business.<\/p>\n<p>\u201cIn the policy that was active before January 30th, they say that they would be willing to share or pass over this data to entities who were looking to buy any aspect of Bitfury\u2019s business,\u201d Janine said.<\/p>\n<p>The new policy says the same, indicating that data may be shared \u201cto the purchaser or seller (or prospective purchaser or seller) of any business or asset which we are (or are contemplating) selling or purchasing. 
Except as provided in this privacy policy, we do not intend to sell, share or rent your information to third parties.\u201d<\/p>\n<p>Janine makes the point that, \u201clegally, saying you intend not to do something is not the same as saying you will not do something.\u201d<\/p>\n<p>The outfit worries that, at worst, Bitfury could sell information to stakeholders in Bitfury\u2019s companies, or at best, share information between its subsidiaries, including its blockchain analytics platform Crystal, one of Bitfury\u2019s compliance-focused side projects.<\/p>\n<p>Bitfury denied that they intend to share data with Crystal:<\/p>\n<blockquote>\n<p>\u201c&#8230; none of the data processed is shared with Bitfury\u2019s public blockchain analytics division, Crystal. The Crystal platform provides a more user-friendly interface for analyzing public blockchain data.\u201d<\/p>\n<\/blockquote>\n<p>It should be noted that, in the terms of use, Bitfury includes a termination clause in the event a user would prefer to get out of the software\u2019s data agreements:<\/p>\n<p>\u201cWhen you use the Software, and provide the required data, you can contact us (please see paragraph 11 below) to exercise any of the rights you are granted under applicable data protection laws, which includes (1) the right to access your data, (2) to rectify them, (3) to erase them, (4) to restrict the processing of your data, (5) the right to receiving a file of your personal data and (6) or the right to object to the processing, and where we have asked for your consent, to withdraw this consent. These rights may be limited in some situations. 
We may, for example, deny your request for access when necessary to protect the rights and freedoms of other individuals or refuse to delete your personal data in case the processing of such data is necessary for compliance with legal obligations.\u201d<\/p>\n<h3>The Consequence of Big Business<\/h3>\n<p>Block Digest has other secondary concerns, such as that Bitfury doesn\u2019t want anyone under 18 using their software, but the bulk of their qualms come from the company\u2019s seemingly contradictory and tenuous stance that it doesn\u2019t collect your data \u2014 but could if it wanted to. Most of all, the group disapproves of how this data could be used (for legal and enforcement reasons) and that Bitfury is simultaneously telling people they do and don\u2019t store data.<\/p>\n<p>\u201cYour personal data will be stored no longer than is necessary for the purpose they were obtained for, our compliance with legal and fiscal obligations, or for solving any disputes but not longer than 6 (six) years.\u201d<\/p>\n<p>\u201cWe collect, use and store your personal data to provide services to you, to comply with the legal obligations we are subject to, if necessary, for our legitimate interests or on the basis of your consent.\u201d<\/p>\n<p>These two separate clauses contradict the earlier statement that Bitfury doesn\u2019t store data, Block Digest points out.<\/p>\n<p>Other than sharing this data among subsidiaries or selling it in the case of a business transaction, Bitfury \u201cmay be required by law to collect and share personal information provided by you with public or governmental organizations for the purpose of compliance with the law, a court order, or to respond to any government or regulatory request,\u201d the privacy policy indicates. This was one of Block Digest\u2019s greatest causes for alarm, but it\u2019s the same regulatory compliance that makes Bitfury comply with GDPR \u2014 and maybe even why it doesn\u2019t want adolescents using its 
software.<\/p>\n<p>This is getting at the crux of it. As Janine said in our talk, no other Lightning service providers \u201chave data collection policies or terms of service like this,\u201d claiming that \u201cthey\u2019re not big enough organizations to provide one.\u201d<\/p>\n<p>Bitfury is big enough, and the corporation, like many monolithic crypto companies, plays regulations close to the chest and stays hyper compliant to stay out of trouble in an already internationally stigmatized industry.<\/p>\n<p>\u201cAs far as the terms, Janine\u2019s right,\u201d shinobi said about data collection in our talk, \u201cbut architecturally \u2026 other [softwares and services] are capable of gathering detailed information on your activity, but again, like Janine said, none of them have terms like that. I also don\u2019t really see the kind of history in the space and the move towards more surveillance and regulatory compliance that Bitfury is making with Peach.\u201d<\/p>\n<p>Bitfury told us that it uses \u201cthe minimum amount required for the products to work,\u201d for example, IP address and Lightning ID for streaming payments and Lightning ID payments. Anything else is either optional or only stored for as long as it needs to be for the software to function properly, something that Block Digest says is contradicted in the legal literature.<\/p>\n<p>Some of these contradictions appear to have been cleared up in the revisions, which could indicate that Bitfury simply fumbled the first drafts of their terms and privacy policy and needed to make some of the language more precise.<\/p>\n<p>So who\u2019s right and should you trust Peach? Really, it depends on who you are and what your desired level of privacy is.<\/p>\n<h3>The Implications of Peach:<\/h3>\n<ul>\n<li>There are contradictions in the terms of use and privacy policy (and in Bitfury\u2019s statement on Medium) about whether or not Bitfury asks for\/accesses your personal information and data. 
In a previous draft, Bitfury mentioned that it collects a host of transaction data, which it now claims it doesn\u2019t collect.<\/li>\n<li>The legal language gives them the right to access the data if they want to for the purpose of selling aspects of their business, sharing data between subsidiaries or legal compliance.<\/li>\n<li>Bitfury says that they only have access to limited data (IP and Peach ID) for a short time while they route transactions through the Peach node and claims to not store data thereafter (you can transact without data collection implications by using Lightning invoices).<\/li>\n<li>The truth is, Bitfury has (and admits to having) access to some data if they need it for legal or business reasons. Which data they have access to and to which extent they would use it is not very clear.<\/li>\n<li>That said, most of this data is benign in nature (basic transaction details, for example), but some of it (IP address, phone number, etc.) is not.<\/li>\n<\/ul>\n<p>If you\u2019re not too concerned with privacy, whatever data collection might happen will likely go unnoticed. It\u2019s not unlike the information that, say, Coinbase already has in terms of transaction details and the personal data Facebook and Google have (and are selling, by the way).<\/p>\n<p>If you are privacy conscious, however, the structure of Peach\u2019s data collection (and the contradictory explanations of it) will likely be off-putting, enabling the panopticon for data that the modern internet has become.<\/p>\n<p>All things considered, though, you can transact without your data being apprehended through Lightning invoices, and the amount of data that Bitfury could have on you is pretty negligible. 
It\u2019s ultimately down to your tolerance\/comfort levels for how the business operates and shines a light on these operations.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Bitfury responds to critics of its Lightning Peach suite of tools who have raised questions about the privacy of user data.<\/p>\n","protected":false},"author":3468,"featured_media":20561,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[35],"tags":[2539,402,460,477,73,330],"class_list":{"0":"post-20560","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-technical","8":"tag-bitfury","9":"tag-data","10":"tag-lightning-network","11":"tag-payments","12":"tag-privacy","13":"tag-security"},"author_data":{"id":3468,"name":"Aaron Van Wirdum And Colin Harper","nicename":"aaron-van-wirdum-and-colin-harper","avatar_url":"https:\/\/secure.gravatar.com\/avatar\/88b6c65a7515990786b1c04473e15469e5b0d0fffef947ed629a60854e1cb426?s=96&d=robohash&r=g"},"featured_image_url":"https:\/\/bitcoinmagazine.com\/wp-content\/uploads\/2024\/11\/can-i-trust-bitfurys-peach-lightning-with-my-data-maybe.jpg","_links":{"self":[{"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/posts\/20560","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/users\/3468"}],"replies":[{"embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/comments?post=20560"}],"version-history":[{"count":0,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/posts\/20560\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/media\/20561"}],"wp:attachment":[{"href":"https:\/\/bitcoinmagazine.com\/wp-json\
/wp\/v2\/media?parent=20560"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/categories?post=20560"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/tags?post=20560"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}