Discord

Discord

Discord, Inc
Wi-Fi

Review date: Sept. 8, 2021

|
|

Mozilla says

|
People voted: Super creepy

Discord is more of a community with video call features built in, than a stand-alone video call app. Initially a place for gamers to meet, chat and share, Discord has grown to over 150 million users and its communities now include everything from book clubs, dance classes, study groups, anime, music, and more. Discord features text and voice chats as well as video call. The app is available on Android and iOS, as well as a download on Mac, Windows, and Linux. Users can also login through their browser. Discord has had problems with toxic content harming its users, ranging from harassment, human trafficking, and other online crimes. So if this is something your kids are using (it probably is), it's good to keep an eye out

What could happen if something goes wrong?

Last year we found Discord didn’t require a strong password to login. When our research came out, Discord, to their credit, immediately changed their login process to require a strong password. Yay! We love to see companies step up and make change for the better. Good work Discord! Discord does collect a fair amount of data on its users and says it can share that data with third-parties. Discord says they do not monetize this data -- their business model is based on subscriptions to premium services rather than monetizing data for advertising. However, we found their privacy policy to be pretty vaguely worded, which is a concern. They may not sell users’ data, however, it appears they can and likely do share data with many third-parties for only vaguely defined purposes. Discord did let us know they are in the process of updating their privacy policy to make it easier to understand for users, which is good to hear. One final concern with Discord is its history of malware and toxic communities. Discord users have reported experiencing harassment, abuse, and predators. Getting targeted with hate speech, getting harassed by misogynistic gamers, or accidentally stumbling across a porn ring are all real concerns for people on Discord who aren't careful. Discord recently acquired a start-up that makes AI-powered software to detect and remove online harassment, which could be a good step forward. However, other instances of AI content moderation in use in recent years have a questionable track record, so stay tuned.

mobile Privacy warning Security A.I.

Can it snoop on me? information

Camera

Device: N/A

App: Yes

Microphone

Device: N/A

App: Yes

Tracks location

Device: N/A

App: Yes

What can be used to sign up?

What data does the company collect?

How does the company use this data?

Discord states it is 'not in the business of selling your information," which is great. That said, the way Discord manages data is currently largely vaguely defined. One of numerous confusing clauses is, 'We may also share aggregated or non-personally identifiable information with our partners or others for business purposes.' Discord says the do share data with third parties, including service providers like Google, Stripe, and Paypal. Discord also let us know they are in the process of updating their privacy policy to make it easier to understand for users. This is good to hear and will hopefully clarify some of the questions we found to be vaguely addressed in their current privacy policy.

How can you control your data?

Discord claims users can delete any message they have ever sent. Once a message is deleted, it is permanently deleted from their servers. If a channel, a server or a user account is deleted, all personal information is deleted too. However, we found the data retention section of their privacy policy a wonderful example of how a privacy policy can be made unspecific and confusing. Leaving it here in full: 'We generally retain personal data for so long as it may be relevant to the purposes identified herein. To dispose of personal data, we may anonymize it, delete it or take other appropriate steps. Data may persist in copies made for backup and business continuity purposes for additional time." While this may be rather standard privacy policy language, the vagueness leaves us with questions like, what purposes are relevant?, how is anonymizing data disposing of it?, and that last sentence seems to negate the first two. Vague privacy policies leave us scratching out head.

What is the company’s known track record of protecting users’ data?

Needs Improvement

In June 2020, Discord was identified as a favorable place to steal accounts. Discord also has a dubious track record of hate speech, abuse, and toxic behaviors on the platform. The company says they are in the process of enhancing their processes to make it easier to report these types of issues. Hopefully this will be a good step forward to help improve their track record at protecting users and their data.

Can this product be used offline?

N/A

User-friendly privacy information?

No

The policy is short and vague.

Links to privacy information

Does this product meet our Minimum Security Standards? information

Yes

Encryption

Yes

Discord uses encryption at rest and encryption in transit for all data.

Strong password

Yes

A strong password is required to login

Security updates

Yes

Discord pushes regular security update as necessary.

Manages vulnerabilities

Yes

https://discord.com/security

Privacy policy

Yes

Does the product use AI? information

Yes

Discord allows AI chatbots. Discord recently bought Sentropy, a start-up that makes AI-powered software to detect and remove online harassment.

Is this AI untrustworthy?

Can’t Determine

What kind of decisions does the AI make about you or for you?

Is the company transparent about how the AI works?

No

Does the user have control over the AI features?

Can’t Determine

*privacy not included

Dive Deeper

  • Parents' Ultimate Guide to Discord
    Common Sense Media
  • Discord privacy tips that you should use in 2020
    Cyber News
  • Hackers have turned Discord into an account stealer - here's what you need to know
    TechRadar
  • Discord has won over gamers. Now it wants everybody else
    Financial Times
  • Why Does Discord Not Use Ads? And Why Is Microsoft Interested? We Asked Discord's CEO
    NPR
  • Hackers Are Exploiting Discord and Slack Links to Serve Up Malware
    Wired
  • How to upgrade Discord security
    Kaspersky Lab
  • Inside Discord’s Security Overhaul
    OneZero on Medium

Comments

Got a comment? Let us hear it.