Gibraltar is designed to work across a range of uses from in-house corporate applications to public consumer applications. To handle this requires addressing the whole spectrum of privacy concerns from no expectation (in-house applications) to stringent public privacy laws around the world.
The primary concern with preserving user privacy is to eliminate information that directly identifies an individual in the real world. In the case of Gibraltar, we want to eliminate the following fields:
- Command Line. The executable may be located in the user’s directory which would give away their identity.
- DNS Domain Name
- Host Name: The value “anonymous” is substituted.
- User Name: This shows up on the summary information as well as each log message.
- User Domain Name
- Assembly File Paths: These may be located in the user’s directory which would give away their identity.
Of course, we can’t prevent you from logging sensitive information in your log messages – so you would need to avoid doing any of that on your own.
To enable this feature, see Anonymous Data Collection in the documentation.
Letting Users Opt In
In addition to anonymous mode, Gibraltar includes a built-in mechanism for letting users opt in and out of your CEIP program. It’s designed for use in Windows applications and includes a built-in user interface that we use ourselves. Even if you’re not using a Windows application it’s worth reviewing what we’ve done to understand how you can adapt it to your own situation.
The text you use to describe why you want to submit data should be tailored to the technical level of your audience. For example, if you have a highly technical audience it may be necessary to describe in more detail what you collect and how you protect their identity. Our built-in dialog is designed to model applications similar to Microsoft Office.
And that wraps it up! The time is just about out to Share your ideas with us on Facebook and get a chance to win a fantastic prize!