The underlying application code powering this site is entirely open-source, and may be reviewed on GitHub.
Types of Information Collected
When you browse through any website, information about your visit can be collected. I automatically collect and temporarily store the following information:
- Your IP address, and the name of the domain you use to access the Internet (for example, comcast.net, if you are using a Comcast cable account, or stanford.edu, if you are connecting from Stanford University's domain);
- The date and time of your visit;
- The pages you visited;
- The address of the website you came from when you came to visit (if you have referrer information turned on); and
- The type of browser used to view the site.
I use analytical software to process this log information (locally installed and privately maintained), but it's never shared with or sent to third parties under any circumstances, not even for my own analysis. This log data contains no personally-identifiable information (PII); browser data can potentially be identifying, but I have no interest in doing this, I'm only interested in statistical information to improve the site. So, I welcome anyone to anonymize any or all of their browser information; it's helpful for me to know what browser you're using, what language(s) you read/speak, and the date/time of your visit, but you are under no obligation to provide this information, so please use whatever proxies/anonymization measures you feel are necessary. For more information about browser fingerprinting, and to see what information your browser transmits when browsing, go to https://panopticlick.eff.org/.
This site does not use any third-party tracking cookies or statistic systems whatsoever. No Google Analytics, no Sitemeter, nothing.
Session cookies are used to enhance various features, but most of the site will work fine without them, so they can be disabled in your browser unless you're a registered user attempting to log in, or attempting to view mature content (see the Personally-Provided Information section below). As of the last revision to this document, there are no persistent cookies currently in use.
You don't have to provide any information to use this site, but there are a few areas that invite you to do so. Any information you provide through these methods will be carefully guarded, and not shared with any third parties.
User accounts may be created, using only as much information as you supply. A valid email address is required to activate your account, but it is absolutely never shared with third parties for any reason, nor is it used for anything other than account maintenance and account-related communications. Please note that logging in to your account requires session cookies - this is an inescapable limitation of all internet architecture.
The mature content filter for non-logged-in users requires a valid birthdate to ensure that visitors are over age 18 when viewing mature content. This is not stored in any way, once it is processed by the filter script, and it cannot be retrieved by third parties in any way.
For users with user accounts, entering your birthdate into the form will set a True/False flag in the database indicating whether you were over age 18 when you provided that data, along with the date/time when you submitted the form (for validation purposes), but the birthdate you enter will not be stored.
For anonymous users, entering your birthdate into the form will set a session variable for 48 hours indicating whether you are over age 18. The underlying code for this form can be found here. Please note that this functionality will not work without session cookies - this is an inescapable limitation of all internet architecture.
The contact form is only used to send an email to me. A valid email address is required in order to receive a response. Upon successfully sending a message through the form, your IP address and user agent will be recorded in a temporary caching system for up to 24 hours, as a spam/abuse reduction measure - it will not be stored, recorded, or used in any way beyond that time, and I have no means of retrieving it once the "cool down" time has passed. This information is never shared with third parties.
If I determine a message sent through this contact form to be spam, I will add certain keywords from the message to a database on this site. Future messages sent through the contact form will be checked against this list, and if a match is found, the sender's email address, IP address, and user agent will be recorded permanently, in order to block that sender from future access to the site. I maintain this spam keyword list manually, and I prioritize avoiding false positives when selecting keywords to add to the list, but if you feel I've made a mistake, please open a support issue and I'll review your request. I reserve the right to share this information (spam keywords, spam sender addresses, and spammer IP addresses/user agents) with security researchers of my choosing, for academic purposes or for the development of defensive technologies.
The underlying code for the contact form can be found here.
This article has been updated as of June 25, 2023 17:52