Please stop logging IP addresses with searx /e/ spot

Thank you for your answer but I thought that the goal of this forum was for the users to have the possibility to exchange with e team members and to communicate about such problems, for example.
Using a developper platform for this kind of issues is not a user friendly approach and clearly not “mom and dad approved”. I really advise you to have a better communication inside e team to make it possible for the members in charge to be informed about such issues by the members present here in this forum.

If the intention is to resolve this issue then a developer has to look at it. Discussing it endlessly will not resolve the issue in the code …if it exists.

Hello,
my understanding is that for the time being, hosted service providers of many EU countries have to keep all connection logs (IP address, etc.).
In France, retention period = one year.
But, at EU level, things are not that clear. On October 6, after a 4 years debate, Court of Justice of EU stated that it was against “the generalized and undifferentiated transmission or storage of data” (logs). There is a fight on this topic at the moment:

Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, France, Germany, Hungary, Ireland, Italy, Luxembourg, Poland, Portugal, Slovenia, Spain, Sweden, United Kingdom? might have to change their ways because EU laws prevail on national ones.
It’s not yet settled I am afraid.

Thank you for your answer but still, services in the cited countries do not log IP addresses as of now so there is no european reason for /e/ to do so until this authoritarian project is actually settled.

I’m afraid you misunderstood my comment. I only recommend that you establish a real communication inside your team so that simple end users don’t have to bother creating accounts both on this forum and on a developper platform that is everything but user friendly at the same time only because you are incapable of communicating internally about issues. You cannot expect from common end users to go on such platforms to contact your developpers themselves. In projects of this dimension, this is the task of members in charge of communication with end users like on this forum.

That being said, logging users IP addresses does most probably not come from a simple “issue in the code” but from a deliberate decision from people in charge of this project. So I’m not sure that this matter should necessarily be addressed to a simple developper in the first place.

If the understanding is that issues in /e/'s Gitlab are handled by developers directly then it is wrong. Issues which impact privacy or have similar wide spread impact are

• first checked if valid by the developer
• if found valid then discussed by the senior management
• finally based on the conclusion of the discussion the code changes if any are made by the developer or reasons why the issue cannot be resolved are updated in the bug status.
  In such cases we are bound by rules of Governments in this case France and go by those rules.

If this is intended at me personally then let me assure you that I had shard this issue with the team and the response was to add it to the gitlab. If there are any further inputs from the team I shall share the same on this thread.
A single identity for gitlab and the forum is not planned for now.

Of course my comment wasn’t intended at you personally (you’re doing a lot for the community on this forum and are being very responsive) but at the whole /e/ team. I find it truly incredible that when sharing such an issue with the team you’ve been answered that they would do nothing about it unless it was added on the gitlab. Such a level of bureaucracy and ineffectivenes is troubling.
If an issue on gitlab is necessary then a member of your team should add it himself instead of doing nothing about it. I have no gitlab account and I won’t be making one only to add this issue when the team has already been informed of the problem.

Raising a bug is a simple project management process to track an issue and is not a sign of bureaucracy or inefficiency. Anyway no need to raise it now.
I have raised this with the team and the Spot team will be removing any IP logging code if it exists.
All that I can say is if it happened it must be in inadvertently and not with any malicious intent. We have a privacy policy which discusses collection of such data as well.
We welcome users to point out any such mistakes on our part and we will fix it where possible.

Indeed, raising a bug isn’t but requiring an end user to raise an issue on a developper platform when it is already know to the team clearly is a sign of bureaucracy and inefficiency.

Thank you very much for handling this issue, I really appreciate your reactiveness. I bet it wasn’t malicious anyway I find it problematic when other Searx instances don’t log IP addresses. And it would be too bad because /e/ Searx instance is very nice, I really like its default search engines selection (althouh it would be nice to have google results through Startpage). It is enjoyable that a real effort has been made to its default appearance that is awful in other Searx instances. So thank you to the team for offering that.

I’m gald to see that this issue is being handled and looking forward to hear about the conclusion.

This topic was automatically closed after 30 days. New replies are no longer allowed.

Could we please have an answer about the issue that has been raised here last month?

What did the team answer? Is the /e/spot searx instance still logging its users IP addresses or has this problem been addressed?

Pl track the issue here

Thanks, apparently the issue has been dealt with and that would be great but there are no explanation there. Could we have a public statement about it please?

This issue has already been addressed here
That is a public statement. There is nothing further to comment on this issue.

No it hasn’t been addressed there at all. At the time of this message you didn’t know what was going on with the searx instance and users IP addresses log and you raised the issue on gitlab.

Now that the issue has been closed on the gitlab. We deserve some explanations firstly about why those IP addresses have been logged until now and secondly if /e/ certifies that the IP addresses of /e/ spot users are not being logged anymore.

If you want to accuse us of being immoral and devious there is nothing I can comment. I have already mentioned that if the IP’s were being logged it must have happened inadvertently and without any malicious intent . If we want to log user data we would not have gone to the extent of de googling our code. It is for you to believe or not to believe. Not exactly sure why you continue using /e/ when you are absolutely sure we are so devious or can use such methods. You can always switch to another ROM. Unless the intent is to engage in an endless discussion.

Honestly I don’t understand why you are reacting in such a defensive and highly unfriendly way. You even accuse me of being absolutely sure that you (/e/) are immoral and devious without any reason. It’s definitely not the case and I have never written anything that could allow you to draw such conclusions. On the contrary, I even wrote in a previous message:

I find your angry answer totally misplaced as I’m nothing more than an /e/ user concerned about /e/'s reputation and the privacy of its users.

This is why I’m asking for a public explanation about why this logging happened and above all if /e/ now certifies that the IP addresses of the users of its searx instance are not being logged anymore.
This transparency and commitment would only be basic community management for a sane project. The opposite being displayed here is actually damaging for /e/'s reputation and it saddens me.

It is still time to rectify that with an appropriate declaration this time.

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.

Since this topic has unfortunately been closed (Please stop logging IP addresses with searx /e/ spot) without any official statement from /e/, I have to create a new one to ask again this simple question that unfortunately hasn’t been answered yet:

Does /e/ guarantee from now on that no log of IP addresses of /e/ spot searx instance users is being made?

I’m not asking anymore for a simple public explanation about why those logs happened in the first place since /e/ strategy about that appears to be silence. A little bit of transparency would have been nice, above all for a project that aims to empower users, but who am I to judge their community management after all.

Now I’m only asking this simple but capital question that can be answered with yes or no.
Thanks in advance for giving us the clear answer we deserve.