You asked for relays to share their TOS but:
> - You are solely responsible for checking for any updates to this ToS regularly.
> - By continuing to use the relay after a ToS change, you automatically agree to the new ToS.
looks a bit unbalanced. Imagine the worst TOS out there. This TOS can turn into that tomorrow and you agree to it by just opening your nostr client?
As long as they commit to something, people can react to it. If they never commit to anything, we are screwed.
But that's my point! What do you gain from them committing to not leak your naughty queries when it's just a hollow promise? So the boss tells the intern to put up this new TOS.html but intern gets inspired and taps the logs for juicy data.
To prevent this, we need to come up with other, privacy preserving protocols.
Filtering should happen more in the periphery. So my PC should get my events 24/7 and my nostr client should query my PC.
Querying relays should not be linked to npubs. Protocols that require ID to query ar hostile to privacy even though they are portrait as the opposite. "Only you can find your nip4 DMs". The more private way is gift wraps or other such protocols. Gift wraps incur a burden on the infrastructure so storage and delivery of these events has to be paid in a private way, using nuts for example.
Hi Leo. :love:
Thank you for your feedback about our ToS. :cheers:
We are open to suggestions and we will be happy to hear your ideas to make our services better in any way. If you have any idea for this part, just share with us as a reply and we will try to investigate and implement it. :salute:
I don't give much weight to promises made in TOS in general as it is at best a vague hint to your intentions. Sure, if you want to sell data, you can't promise to keep data safe but if you don't intend to do so, promising to keep it save has little weight. Hackers will exfiltrate what you store and even if you promise to not store access logs for more than a week ... the cost of not honoring that promise is way too low for me.
That said, TOS that can change unilaterally any second are not worth reading. The TOS apply to registered users? Send them notifications when you plan to change the TOS and if they don't sign off with their keys, terminate the service or do whatever disruptive that gets the user's attention long before you actually delete their data.
To me it is more about finding the relays that have values similar to mine and help them out. And we can only do that if operators start describing what they are here for. And what they will fight against. Privacy policy and terms of use are binding in many jurisdictions and modifying them at will doesn't allow them to use data from one version onto another. All we need is a third party NGO that tracks these agreements for changes.
