Disqus commenting platform sold to big data and analytics firm Zeta Global
Big data and analytics company Zeta Global announced that it has acquired the commenting platform Disqus.
Disqus is best known for its commenting system that sites all over the Internet use. It is a third-party system that webmasters embed on sites. Disqus offers analytics, monetization and other services on top of the actual commenting system.
Data is stored on Disqus servers, and the company has been criticized for its user tracking activities. The company suffered two major security breaches, one in 2013 and another in October 2017. A snapshot of a database containing 17.5 million user email addresses, login dates and sign-up dates was copied according to Disqus in the latest breach.
Disqus notes in the acquisition announcement that nothing will change for users or publishers that use the service.
So you’re probably wondering what this means and how it impacts Disqus and the service we provide to publishers and users. The short answer is that not much is changing. Our team, our product offerings, terms, pricing, and vision to help publishers succeed remain the same.
Disqus becomes a business unit of Zeta Global. Plans are underway to "expand the Disqus platform for publishers" by making moderation easier and more scalable, and putting the focus on building relationships between sites and visitors.
Zeta Global's press release highlights why the company acquired Disqus.
Zeta Global today announced it has acquired Disqus, the web's leading audience engagement platform used by 4 million websites and 2 billion monthly unique users. Combined with Zeta's leading marketing platform, artificial intelligence and machine learning, the acquisition makes Zeta the only company able to offer personalized real-time marketing at scale on the open web.
The data that Disqus sits on and accumulates every single minute is what makes Disqus important for a company like Zeta Global.
We're redefining the marketing technology space with actionable data, artificial intelligence that answers business problems and a marketing hub that serves as the nerve center for data-driven marketers. Disqus extends and enhances this strategy.
Disqus' privacy policy highlights that the company collects personally identifiable information,
Closing Words
We had several reasons for sticking with the default WordPress commenting system instead of adopting a third-party powered system like Disqus. One of the major concerns that we had with all these solutions was privacy. User data is stored on third-party servers, and the company that operates the commenting platform has access to all the data including user IP addresses and header data.
In case you are wondering, a lack of control was another major reason for not switching to a third-party powered commenting system.
It is clear that Zeta Global is interested in the data that Disqus accumulated over the years, and continues to accumulate. The press release notes that 7% of the top 1000 most engaged websites use Disqus.
Now You: What's your take on this?
Has anyone noticed or aware of a significant increase in what is mined by Disqus through your browser? In past couple months, sites running Disqus all chew up CPU and RAM way more than in the past. Suspected the browser, but happens in Firefox, Chrome and IE.
Thx for the article. I almost signed up for disqus on a tv channels site, which just had outsourced their comment system to disqus. I only knew it was a third-party platform unknown to me, so I rather procrastinated signing up. For the better, as I read here.
I have always refused to comment on sites which insist on a Disqus account. The very idea that anyone could read the comments you’ve left on totally unrelated places is already a gross violation of privacy. Add to this the data mining done by Disqus itself, plus the possibility of an event such as the one you just reported on, and it’s easy to see why this is downright dangerous for the user.
First you allow all your comments to be owned by some party unrelated to the site whose author you know and trust, then you have to live with the thought that all those comments might be acquired by yet another party whose ethics and inclinations you can’t possibly know beforehand.
You can lock your profile so others cannot see your comments elsewhere.
i use uBlock Origin in Advanced Medium Blocking Mode and Privacy Badger. i “noop”d Disqus . com in uBlock Origin and Slid Disqus . com to Yellow in Privacy Badger, but i blocked disqusads . com, referrer.disqus . com, links.services.disqus . com and realtime.services.disqus . com and was every site that used Disqus was able to show comments and everything functioned properly. i’m hoping that uBlock’s filter lists will block any extra tracking possible, but i’m still considering blocking it all together.
i think i’ll come back to this article and see if there’s any new comments or i get any replies with anyone’s input. i like reading through the comments of certain sites sometimes, but if my privacy is protected enough-(which i know it probably isn’t) then i’ll have to Block Disqus.
The thing is that if Disqus itself wants to sell your data (as Zeta Global certainly does), then there is no blocking that can stop them aside from blocking the commenting entirely. They’re hosting your account and all your comments, and will track what they need from that server. They don’t need an external tracker at a different domain name.
@Tom Hawack – Your comment just made me realize i goofed, i meant “but if my privacy *ISN’T* protected enough-(which i know it probably isn’t) then i’ll have to Block Disqus.”, but i’m sure y’all realized that.
But yeah, i started to block Disqus in Privacy Badger and uBlock Origin then i thought to myself, “i’ll think about it, plus i don’t want to lose my settings”. Like i stated in my original comment i have everything Disqus blocked except the neccesary things to keep it working. So yeah i hope the uBlock filters will help with it, but at the end of the day as much as i’m don’t want to make these data miners a penny, i can’t let it control my life and stop me from reading a damn comment on a site i visit. i don’t have a Disqus account, just read comments on some sites.
The things us people have to do when browsing……….
> “[…]but if my privacy is protected enough-(which i know it probably isn’t)[…]”
Sure, we should protect ourselves, Web included, but not to the point of getting sick about it (phobia). Otherwise we could face the scenario of the old spinster who never suffered of love’s cruelty but who never enjoyed its smiles as well. Among my friends I have those whose attitude in life and on the Web is extra and perhaps excessively cautious and others who seem to spend their time whistling, always happy! I can tell you and that won’t be any scoop that the latter are far more sympathetic :) As always the medium, the balance, no excess on whatever border is the toughest position to accomplish but maybe the only one to achieve the best of both sides …
What’s your take on this?
> Disqus.com added to my blocklist right now.
disqus.com itself, such as in a hosts file won’t make it. In fact neither disqus.com nor [www.disqus.com] are included in my hosts file (which combines several of the best available). Rather, what is involved is disqus operating as 3rd-party (when called by Websites). The ones I have in my hosts file are :
disqusads.com
javdict.disqus.com
links.services.disqus.com
realtime.services.disqus.com
referrer.disqus.com
tempest.services.disqus.com
[www.javdict.disqus.com]
glitter.services.disqus.com
juggler.services.disqus.com
redirect.disqus.com
[] included here for correct display
Add those to a hosts file (preceded by the usual 127.0.0.1 or 0.0.0.0) and you should be free of the companies data collecting.
Most of us know that but one never knows who might wonder on how to block disqus with a hosts file…
Heh… I had a feeling that Disqus was in the data mining business since the beginning.
Deleted my account for good.
“Deleted my account for good.”
It’s not really deleted. It’s still on their servers.
The Discus Throw!
The joke of the day, partially off-topic. Not sure it wouldn’t be hidden by Sören Hentzschel’s audience!
> We had several reasons for sticking with the default WordPress commenting system instead of adopting a third-party powered system like Disqus. One of the major concerns that we had with all these solutions was privacy.
Martin, do you know Talk from Coral? The Coral Project is a collaboration from Mozilla, New York Times and Washington Post, funded by the Knight Foundation. A few big newspaper websites already use Talk (including Washington Post and Wallstreet Journal). It’s a third party commenting system but it’s Open Source, can be hosted on your own server and it can be integrated in WordPress (It’s used on the Coral blog and that’s a WordPress blog).
One of my favourite features from my user’s POV is to hide comments marked as off-topic. ;)
https://www.coralproject.net/products/talk.html
Yes I saw that when it first was revealed, but there was no integration with WordPress.
It’s not enough that I’m getting “canvas fingerprinting attempt” warning on every site that has Disqus? Oh well. I just use it for posting on a few tech sites, no personal info, no politics or similar subjects, and on other sites I don’t even load it.
If I hadn’t recently added it to my host file it certainly would be going in there now.
Many hosts file providers include Disqus in their lists and I’ve never made any exception for that domain and wouldn’t considering the number of those providers, with an obvious consensus. Therefor I’m not surprised with the news.
Is the same Zeta Global that used to develop ZetaOS?
No, not related: https://en.wikipedia.org/wiki/Magnussoft_ZETA
Oh yeah! I felt few days ago that i needed to delete accounts i don’t use and Disqus was one of them.
Folks, if you care about your own security, don’t delete accounts anymore!
Change the password to a very long password and then throw it and do not use it anymore.
Deleting an account is a bad idea because:
– if the service reallocates freed user names to new users then someone else may impersonate you in the future;
– in case of an email account is even worse: if you have forgot about some accounts where you have used the email address as recovery and someone else get the username then it’ll can hijack those accounts (Yahoo used to reallocate usernames);
– if the email account expires after a period of inactivity then you must keep it alive (using scripts or IFTTT.com) – for example outlook.com throw away inactive accounts;
Ones you’ve made an account never delete it, just lock down the account and never use it, after you ‘unlinked’ it from other accounts that you have.
I certainly did not mean to imply your advice was not trustworthy. I was only wondering whether anyone had done any academic, in-depth research on the subject.
Steve Gibson’s podcast — yeah, I’m aware of it. I never watch it, because it’s a podcast. It takes something like ten times longer to absorb the same amount of information by listening to someone, than by reading. But then, you need to know how to read, which more and more people do not.
I used to have a Yahoo account — almost never used. After the Yahoo mega-hack, I tried to access it, in order to change the password, do something. I was never able to. All my attempts at password reset failed. So bye bye, Yahoo. I seem to remember reading somewhere that Yahoo accounts were de-activated when unused for too long, anyway. Of course, that’s not the sort of thing they advertise front and center.
This is not from a security paper; it’s from my common sense after using the internet for about 20 years (my first account dates from 1998) and after I’ve used more than 300 accounts on different services (it’s not a big number; I have more than 20 email accounts from which over 75% are used for dev projects, 7 GitHub accounts, over 30 accounts for API access, multiple cloud storage accounts, VPS, droplets, etc etc etc).
But if you want a more trustworthy source, from the top of my head I can just recommend you the Steve Gibson’s podcast on Twit.tv – Security Now. I remember that around the last Yahoo breach disclosure he recommended not to delete the Yahoo account, but just make a very strong password, delete the ‘security’ questions, activate 2FA and then forget about it.
This is interesting. It’s the first time I come across such an opinion. Would you, by any chance, be aware of any paper by a security researcher, who might have studied the issue and supported this line of action ?
Disqusting
Account deleted. Any site having Disqus, effectively does not have a comment section.
This is a perfect example of why i don’t use comments sections on sites that require you to handover personal details, it’s impossible to know whose hands your details are going to end up in, yes the WordPress commenting system used on Ghacks probably logs an IP address but at least it affords a higher level of privacy and security than something like Disqus, it always baffled me why people signed up to that, i guess some people don’t know the power of analytical models.
I agree. If a site is extremely appealing to me and hosts their own comments (even if that’s the WP commenting system), I’ll go ahead and register to comment even though I’d prefer not to.
However, if a site is using a third party commenting system, I view it as precisely the same as not having a commenting system at all.
Not that easy. You already need a geek’s mind to devise such a trick…
I was at the time interested by dating (nothing to do withe lady, or almost nothing!) cycles, working then on a small program which would calculate when a same day/weekday occurred, such as Monday 4th of July. The cycles are 6,6,5,11 if I remember correctly, which means a precision of 5 years. From there on in most cases 5 years is enough to have a good chance of figuring out the year, especially with young events/people. Now, if I know the Chines sign as well (12 years cycle) predictability would be practically 100% unless if the person/event is several hundreds years old :)
the main appeal of Disqus from a user perspective is that you have one log in for all sites that use Disqus, and that you get notifications and other features that you may not get when you don’t use a system that has a larger reach.
Of course one can always create separate Disqus ID/email accounts for each site using Disqus. But would tracking still be aggregated by IP or fingerprinting?
I block Disqus in Ghostery, uBo, and NoScript in FF [yes, belt and suspenders], and Ghostery and uBo in Vivaldi and Chrome, and only manually allow (on a per session basis) on MajorGeeks and a local weekly newspaper to enable the reading of comments.
Does allowing the display of comments without logging into to the service to post comments cause it to track other web activity?
With strict blocking [only Disqus (disqus.com), and Google CSE and Ajax search API (googleapis.com) allowed for MajorGeeks searches], how much activity beyond the service is tracked by logging-in to post? Is that even knowable?
@Jojo, that is exactly what I don’t want as well.
Compartmentalize, divide, like in vessels (especially submarines!), like in a secret agent’s tough life split between being the hunter and the hunted, divide your tracks. Amazing is what can be achieved in terms of a person’s profile by adding apparently insignificant crumbs of information. I remember (at the time I was still a naughty boy) asking a young lady the day and month of her birth (not the year!) and later on on what day of the week she was born … which enabled discovering her year of birth.
Yep. That was easy. That was yesterday. “Yesterday, love was such an easy game to play…” etc. But you get the idea
“the main appeal of Disqus from a user perspective is that you have one log in for all sites that use Disqus”
———
Which is exactly what I DO NOT want! When a person or company can put together all your comments across the internet, they may be able to figure out who you are. But even if not, a government could subpoena all your comments form one source. At least make them work to get your comments!
This is exactly my concern with using single ID’s like from FB, Linkedin, Google or whatever.
Also, it used to be true that Disqus allowed anyone to follow someone else w/o their approval. Unsure if that is still the possible but if so, this opened up opportunities for harassment and stalking.
One log in aside, my main reason for using Disqus is because I don’t have or want a Facebook or Twitter account.
A lot of the disgusts user are not aware that everybody can see your posting profile. In a forum it is ok, but here I can also see on which websites he posted a comment. E.g. a political forum and so on. In one case I found a homophobic comment. Ouch…
But you can make your profile page private.
You can lock your profile so no outsider has access to it.
The censorship of political correctness is another reason to stay away from third party commenting systems.
If it hurts you that some people disapprove of homosexuality, there are plenty of safe space sites like Twitter, Facebook etc. where speech is heavily moderated.
Do you know what is the most disapproved, most taboo, most politically incorrec topic/subject in the world? Talking about how anti-male and misandrist is the society, laws and women, especially in the western world. And talking about men’s problems. In other words: the truth (Red Pill). (For example it’s a trend that women abuse the anti-male laws and falsely accuse men, divorce rape, …)
@Test
And it seems you’re OK with the idea of thought crime.
@MdN
Oh, you mean the simple biology of 63 genders? That’s, um… great.
“There’s a reason political correctness exists.”
Yes, to silence sanity and spread propaganda.
Well, that escalated quickly. Every person is entitled to his opinion unless he discords from me.
Maybe you should go to your own safe space such as St**f**ont or Br***b**t or a similar website where it’s acceptable to be a hysterical spoiled brat about simple biology?
“Due to power dynamics in many multicultural societies, most hate speech laws are designed to protect historically persecuted people from groups with power.”
There’s a reason political correctness exists.
what you tell “disapprove” is often hate crime. But it seems that you are ok with that.