Privacy Policy Update: No Mining

I got a weird spam e-mail overnight asking if I wanted to embed someone’s cryptocurrency miner into my website. They purport to be opt-in only, but all the other examples I’ve read about online up to now have been surreptitious, hijacking the browser for its own ends without asking. The end user only notices when their computer fans switch on or their computer gets too hot.

Such mining scripts have been strongly contentious in other websites. They exert excessive and unilateral control over the browser’s system. I certainly had such things in mind when I promised never to embed ads and the like in my website, but I had never spelled out that I had no intention of hijacking the browser for my own ends (ad or not).

This morning, I added a new point to my privacy policy.

  • This website does not load software in the user agent (your browser) which serves any purpose beyond displaying the website and its assets—meaning it does not use your browser to mine cryptocurrency, for example.

Most of my privacy policy describes what the website does without mentioning the browser. This point adds a clear expectation for browsers which visit.

I generalized the point a bit to include things which aren’t just cryptocurrency miners. It might be tempting to grab a few of my users’ cycles for SETI@home or the like, for example, but if a user wants to contribute to a project like that, they can do so themselves. I’ll have to rely on persuasive words to bring people around to a cause like that.