Of all of these, I appreciated the one from 05/11/2016 the most. It felt the least shady because they were very up front with the scope and the data collected (which was narrowly focused), and left the implementation up to the developer (along with an optional script they could use).
They also provided several options for sending the data, just to guarantee that the extension couldn't be compromised by their code. This one stood out from the rest for me. Curious though if I'm missing some way that this could be used for nefarious purposes though. Full text of the proposal below:
------
I’m sure you get business proposals all the time, so I’ll get straight to the point. I hope what I’m proposing is a little different and might actually interest you. I like Hover Zoom+ as a great alternative to it’s bigger brother Hover Zoom that lost its glamour over the last couple of months.
We're conducting a DNS error research and we’re interested in small amounts of anonymous data that you might be able to provide via your Chrome extension. Our research has been going on for years and Google has never had the slightest problem with it.
Compatible with Google’s strict policies
No personal user data
No ads, no malware
The data we’re interested in are basically just DNS errors:
NXD – Non Existent Domain - the ___domain that a user entered that resulted in a DNS error.
A time stamp – when it happened.
GEO – where it happened (USA, UK, RU etc.).
A unique randomly generated user ID (can be hashed, not traceable back to the user). Please, don’t confuse this with the user IP address.
And that’s all. You can either use our script or collect the data on your own and send it to us via an FTP server, API etc. There’s a lot of different ways we can do this. We pay on a monthly basis. The payments depend on user GEOs, but it would be in thousands of dollars per year.
Is this worth at least a brief discussion? Looking forward to hearing from you.
A while back I reached out to you regarding a DNS error research our company conducts. Hover Zoom+ would be an ideal medium for our research. In return, this could become a solid new revenue stream for you.
Our method has been going on for years and we’ve never had the slightest problem with Google. We pay regularly on a monthly basis. For you it would be in tens of thousands of dollars per year - the amount depends on your users base and data quality.
If you’re concerned about including third party scripts, there’s still a lot of ways we can make this work.
Please let me know if this is worth a brief discussion to you.
non existent domains are the ones that are most likely to be somehow personal to the user, because they weren't trying to enter a ___domain at all but it got interpreted as one accidentally. Eg a password they meant to type into a password field but the url bar was highlighted. If they were interested in statistics regarding popular domains, like google or facebook, then it would actually be less of a privacy intrusion, because it would only end up telling you about populations, not individual users.
I don't know what they actually intended to use this data for, but its telling that they don't mention that in their proposal.
They also provided several options for sending the data, just to guarantee that the extension couldn't be compromised by their code. This one stood out from the rest for me. Curious though if I'm missing some way that this could be used for nefarious purposes though. Full text of the proposal below:
------
I’m sure you get business proposals all the time, so I’ll get straight to the point. I hope what I’m proposing is a little different and might actually interest you. I like Hover Zoom+ as a great alternative to it’s bigger brother Hover Zoom that lost its glamour over the last couple of months.
We're conducting a DNS error research and we’re interested in small amounts of anonymous data that you might be able to provide via your Chrome extension. Our research has been going on for years and Google has never had the slightest problem with it.
Compatible with Google’s strict policies No personal user data No ads, no malware The data we’re interested in are basically just DNS errors:
NXD – Non Existent Domain - the ___domain that a user entered that resulted in a DNS error. A time stamp – when it happened. GEO – where it happened (USA, UK, RU etc.). A unique randomly generated user ID (can be hashed, not traceable back to the user). Please, don’t confuse this with the user IP address. And that’s all. You can either use our script or collect the data on your own and send it to us via an FTP server, API etc. There’s a lot of different ways we can do this. We pay on a monthly basis. The payments depend on user GEOs, but it would be in thousands of dollars per year.
Is this worth at least a brief discussion? Looking forward to hearing from you.
A while back I reached out to you regarding a DNS error research our company conducts. Hover Zoom+ would be an ideal medium for our research. In return, this could become a solid new revenue stream for you.
Our method has been going on for years and we’ve never had the slightest problem with Google. We pay regularly on a monthly basis. For you it would be in tens of thousands of dollars per year - the amount depends on your users base and data quality.
If you’re concerned about including third party scripts, there’s still a lot of ways we can make this work.
Please let me know if this is worth a brief discussion to you.