
Density.io - jordanmessina
http://www.density.io
======
chrisfarms
Risky. MAC address tracking is definitely a legal 'grey area' at the moment. I
can imagine mining/fingerprinting in this way could easily become illegal in
the not-to-distant future.

In the UK, City of London already banned the wifi-enabled bins that were
tracking MAC addresses.

It would be really easy to tie a name to MAC address (from point of purchase
with a credit card), then see exactly where that person went via the 'sharing'
of data with other retailers. This is certainly something you would expect to
need 'opt in' to.

~~~
shiftpgdn
City of Houston does MAC address tracking on the freeways and surface streets
to power their traffic tracking measures. It's probably used in hundreds of
other places you haven't thought about. If you're concerned about your privacy
just turn wifi off.

[http://traffic.houstontranstar.org/layers/](http://traffic.houstontranstar.org/layers/)

~~~
parennoob
> If you're concerned about your privacy just turn wifi off.

No, you shouldn't have to turn off a _very_ commonly used service so that
people can do better business by tracking it in an intrusive manner. Privacy
should be the default option in such programs.

If the city used a ton of cameras + facial recognition to track you and your
car everywhere and then sold that data to companies so they could optimize for
whatever meaningless metric, would you still be as casual about this, and go
"Oh, you should just cover your face and walk everywhere if you expect
privacy."?

~~~
Karunamon
Devil's advocate mode:

What privacy is that? Your device is broadcasting information, in the clear,
to anyone who cares to receive that information. You've taken no steps to
prevent anyone from receiving that information.

Your device is doing the equivalent of standing on the street corner and
screaming various things. You can't rightly tell someone not to listen or
write down what's being said.

I don't see how this is any more invasive than CCTV cameras that every
business already has anyways.

~~~
joeshaw
> Your device is doing the equivalent of standing on the street corner and
> screaming various things.

Except there's one huge difference: anyone with eyes and ears can understand
what the person is screaming. I would wager that even fewer than half of HN
readers realize what's being broadcasted here.

What you're saying is that every human must have complete technological and
implementation knowledge of any possible invention or they are not deserving
of privacy. That position is not only elitist as a technophile, it's arrogant
to think that any one person could possess that knowledge, let alone billions.
At some point, you'll be the clueless one.

~~~
Karunamon
And anyone with a smartphone (or any other reasonably general purpose device
with a 802.11 radio) can "understand" (read: pick MAC addresses out of a WiFi
ping). This isn't some hidden, elite, arcane black-arts knowledge as you
imply, this is standard stuff.

The idea that MACs should be somehow private because someone found a novel use
for them doesn't even pass the laugh test. IP addresses are not "private".
Your face out in a _public_ area is not "private". Why is this different? How
is this somehow worse than the CCTV cameras in most public places anyways? How
is a MAC address PII by any stretch of the word?

I'm starting to really think "privacy" has joined the heap along with
"patriotism", "socialism", and "terrorist", words which are being abused so
badly they've lost all meaning and and as a result mean whatever their speaker
wishes them to.

>That position is not only elitist as a technophile

One shouldn't hold strong opinions about things they don't understand even on
a remedial level. This hand wringing is pure and simple fear mongering.

~~~
parennoob
> The idea that MACs should be somehow private because someone found a novel
> use for them doesn't even pass the laugh test. IP addresses are not
> "private". Your face out in a public area is not "private"

I think you might be misunderstanding the part of this I have a problem with,
or perhaps my language wasn't explanatory enough. I have a problem with the
company _linking back this info to a specific person_ , not the information
itself.

MACs shouldn't be "somehow" private. MACs are not private. But when you use
them to tie back to a specific person who is in your shop (with the credit
card purchase info), you are essentially tracking a person. I think this
activity should be regulated and should be an opt-in thing for users.
(Enforcing this regulation could be admittedly a challenge, but it will at
least be a step in the direction of strongly discouraging businesses to
implement such 'features'.)

Similarly, your face out in a public place is not private. But if I have a
startup that sets up CCTVs in participating businesses' premises and then
track the movement of specific customers from shop to shop and generate data
like "Okay -- the same face that was tracked shopping at Nordstrom then went
on to have lunch at the Whole Foods next door; and from the credit card that
was used, we can see that it was Mr. Karunamon", it's going to run up against
major privacy concerns. I think this is very similar, but not that
controversial because it is not so visible.

~~~
Karunamon
>I think this activity should be regulated and should be an opt-in thing for
users.

I think any possible regulatory hurdles that could be imagined will make life
for anyone who does anything neat with wifi or some other combination of
information miserable. The credit card thing makes me wonder.. like what
exactly are they grabbing? Just the fact that a card swipe was recorded at the
same time that X wifi radio was in front of the register?

Somehow I'm still not bothered by this. As long as there's no "hidden"
information being exposed (say, my CC#), my response is a big fat "meh".
Combining different kinds of public information (as in, things that any person
could just walk by and see) doesn't somehow combine to become private
information.

I mean, let's see what pieces of data we're dealing with here:

    
    
        * Entry to the store. Public. Via CCTV, door sensor, etc.
        * Items selected. Public-ish. (Recorded after checkout, some stores use RFID tagging)
        * Location in the store. Public. (Anyone can see.)
        * Time card was swiped. Public. (Anyone in line can see)
        * Basic WiFi information (Mac address, SSID, etc). Public. (Anyone with a smartphone can see.)
    

Given the fact that all of these pieces of information are freely available, I
find it impossible to call for someone's head or feel even vagely "creeped
out" by simply combining that info.

Put yet another way, the information's always been there in the open, but now
that someone decides to collect it, there's a problem??

~~~
andrewfarah
To be clear, we're not collecting credit card data / swipes. Just anonymous
movement. There's been some discussion about eventually using in-store payment
systems with open API's to marry purchasing behavior to foot traffic >> but
this wouldn't be tied to the individual.

The goal is not individual (person) tracking. The goal is identifying and
operationalizing trends at an location-specific and network level.

We encourage users worried about privacy to opt out. But realistically,
they're not individuals to the system. They're part of a trend.

As long as we get a statistically relevant percentage of movement (15-20%) we
believe we can still be useful to the business. Worst case: a lot of people
opt out, we drop from our current 60-70% capture to 20-30% capture and we
simply extrapolate the remainder.

It's an inexact science but, we believe, very useful.

~~~
Karunamon
Thank you for the clarification. I think the NSA shenanigans and everything
surrounding them have people hypersensitive with regard to any kind of
"tracking", no matter how innocuous.

Best of luck!

------
Robin_Message
This idea is cool, but there are some issues with their privacy claim.

They say they are hashing the MAC address (presumably on the device). However,
they can't be salting the hash (else they wouldn't be able to match across
different stores).

Since there is no salt (or a fixed salt), it is trivial to de-anonymise a
specific MAC address (just hash it and see if any server has it).

Worse, there are only 46 bits that are variable in a MAC address, and there is
structure in there (3 bytes manufacturer, 3 bytes serial), so a complete
mapping from MACs to the hashed MAC is very doable.

A secret per-device key for a HMAC would preserve privacy much better, but
would stop them doing the cool stuff they plan — the usual trade off.

~~~
silvertonia
why not salt and store the salt with the hash?

~~~
Robin_Message
That seems like it would work, but it turns into a "open using crowbar found
inside" problem: how do I know to use the same salt on a second density.io
device unless I have already matched the MAC address.

------
albertsun
This is a privacy nightmare.

Perhaps wifi devices should no longer provide constant MAC addresses....

~~~
paulgb
What's the advantage to a constant MAC address anyway? There must be a reason
for it, but my first reaction to this article was to see if I could change
mine.

~~~
jws
At the link level, your MAC is your unique address.

First: You do _not_ want a MAC collision. I have worked with hardware that
sometimes picked a non-unique MAC and your life gets really weird and sucks
away a lot of debugging time to find out why impossible things are happening.

Continuing – It made ethernet easy to implement. They could have added some
complicated address negotiation protocol and then handled address collisions
when partitioned networks healed, but it was "olden times" and something that
complicated would not have gained traction.

Fast forward to Wi-Fi. The reason you have Wi-Fi instead of any number of
other wireless ideas that died is because it looks like ethernet so people
didn't have to think much about it, so you inherit that baggage.

If you really want to change your MAC address then you will want to make sure
you aren't going to collide with anyone else. The odds are tiny, but it would
be rude to ruin their day. Fortunately, there is a locally administered range
of MAC addresses. If your first octet's last digit is 2, 6, a, or e then you
are a locally administered unicast address. Assuming your network segment
doesn't have an administrator actively handing out local addresses, drop 56
random bits in the remaining octets, cross your fingers, and bring up your
network stacks.

~~~
nwh
> _First: You do not want a MAC collision. I have worked with hardware that
> sometimes picked a non-unique MAC and your life gets really weird and sucks
> away a lot of debugging time to find out why impossible things are
> happening._

I can confirm. Working with a bunch of Chinese hardware with non-unique MAC
addresses is painful. It was easier to buy new NICs with real serial numbers
than to work out how to fix them.

------
highace
This is really clever. So it's like Google Analytics (or any analytics) for
your brick and mortar business. This is the kind of stuff I love to read about
and see being developed, it makes a refreshing change from yet another
javascript framework or social network for your pets.

~~~
paulgb
They're not the first; Path Intelligence tried it in 2007:
[http://techcrunch.com/2007/12/14/path-intelligence-
monitors-...](http://techcrunch.com/2007/12/14/path-intelligence-monitors-
foot-traffic-in-retail-stores-by-pinging-peoples-phones/)

------
soithrewitaway
Before you say more, check euclidanalytics.com. The creator of Google
Analytics has been working on this, with funding, for a number of years
already.

I had seen news about this recently and am surprised that more people didn't
notice how it is essentially the same, without funding, and less developed.

------
ynniv
I hadn't realized how trackable cell phones were until I was experimenting on
a wifi project and saw both MAC addresses and Preferred Network List of
devices within the area that had not joined my network. Cell phone wifi is a
privacy nightmare. Even the most technical people don't realize this, so
projects that popularize it are going to kick up huge amounts of mud. Think of
how easy it is to identify "whale" clients, if not by direct tracking, then by
revenue correlation (these N people were present for $N,NNN,NNN in revenue
events). They're valuable to track because when they show up you want your
sales people to be at their best, but a service that starts tracking those
people is going to make real enemies quickly.

------
plusbryan
Without wishing to belittle the privacy concerns of my fellow HNers, I wonder
how long it will take for people to just be ok with being tracked in this way?
This seems like one of those social changes that feels strange and
uncomfortable at first, but over time becomes the accepted norm.

~~~
chrischen
Commercial Wifi routers already do retail traffic analysis.

[https://meraki.cisco.com/blog/2013/12/get-a-visual-on-
your-b...](https://meraki.cisco.com/blog/2013/12/get-a-visual-on-your-black-
friday-foot-traffic/)

So people are probably already being tracked... and no one has noticed.

~~~
blargle
There are multiple companies doing this at scale in the United States. It's a
passive process. Good luck spotting it.

------
agentultra
Has there been any work on developing and commercializing personal RF
"firewalls?" I'd buy one in an instant to block intrusive tech like this.

~~~
buro9
Have you seen the Off Pocket? [https://offpocket.com/](https://offpocket.com/)

Though in the UK I have unlimited 4G for £20 per month, so I just leave WiFi
permanently disabled.

~~~
porker
Is Off Pocket any different to putting your phone in airplane mode every time
you put it in your pocket?

It's certainly more convenient, but also harder on the battery life as the
phone continues to search for a signal.

~~~
buro9
Battery life was talked about on the original Kickstarter campaign:
[https://www.kickstarter.com/projects/offpocket/off-
pocket](https://www.kickstarter.com/projects/offpocket/off-pocket)

I never ordered one as I missed the window of opportunity. But it was claimed
by the creator and users that battery life was variable depending on the make
and model of your phone, and whether you had lots of background apps
attempting to do things.

The claim was that in some combinations you get better battery life by using
Off Pocket, and with others you get worse.

Phones don't drain greatly when they don't have a signal. A day riding the
tube system between meetings in London doesn't significantly affect my battery
life, so I've no reason to believe that Off Pocket would've resulted in a
different outcome.

------
nwh
Keep in mind that these "anonymous" data points aren't. Your phones MAC
address exposes your home wifi network thanks to Google's databases. They also
expose where you work, where your friends houses are, what your favorite
coffee shop is. This is beyond dangerous, it's completely unacceptable.

~~~
tzakrajs
I am confused where you are linking MAC addresses of phones with MAC addresses
of home wireless routers.

~~~
nwh
Your devices broadcast the names of networks it has seen recently in frequent
intervals. "Yo HomeWiFI you there" essentially. Anybody listening can then
correlate them with Googles database to find out detailed information about
the user. Usually people have a huge list of connected networks which will be
announced and give huge information about the user. "MIT" SSID? Probably a
student then.

~~~
lunixbochs
Phones don't simply broadcast a complete list of networks they remember.

~~~
lxa2
yes they do.

[http://conferences.sigcomm.org/imc/2013/papers/imc148-barber...](http://conferences.sigcomm.org/imc/2013/papers/imc148-barberaSP106.pdf)

------
petercooper
Apparently Nordstrom did an experiment with this for a while -
[http://www.nytimes.com/2013/07/15/business/attention-
shopper...](http://www.nytimes.com/2013/07/15/business/attention-shopper-
stores-are-tracking-your-cell.html) \- even going as far as monitoring passing
traffic so you could monitor the percentage of people passing who actually
come into the store. This could be pretty fascinating in the context of
running certain types of window displays, sales/offers, etc, and lead to
ecommerce-style split testing and the like. It says they stopped the
experiment partly due to people whining though, but I imagine it'll just go
'under the radar' in future since it could be too valuable not to try.

------
jamiequint
Everyone here seems to be complaining about the anonymous tracking, which
isn't really an issue for "normals". Its a relatively useless complaint too as
that data already exists in the credit card network.

The real issue with this is that most SMBs are unsophisticated when it comes
to the technology stack they use. I saw this firsthand in many ways working at
Swipely (swipely.com) as we figured out product market fit. While things like
'see where else your customers shop' might seem like an interesting feature
from an outsiders perspective, the businesses don't actually care. They often
barely have the bandwidth to worry about their own customers.

~~~
moogleii
Exactly, this is basically a physical manifestation of what google already
does with your online presence.

------
droob
Don't surveil your customers. It's creepy.

~~~
adamio
Most businesses have video cameras

~~~
reddit_clone
Well at least the cameras have stated purpose of preventing theft and possibly
solving crimes.

Also Cameras are fairly visible.

This tech is stealthy and most people won't have any idea that this is
actually happening.

------
650REDHAIR
This is creepy. I will actively avoid stores that use this.

~~~
icebraining
How will you know?

~~~
650REDHAIR
I guess I have to start looking towards outlets. I wonder if there is any
other way to 'protect' yourself?

~~~
jordanmessina
We have stickers for stores to put on their doors so you know if they're using
Density. We don't want to be sneaky about this.

~~~
JackC
Stores will have a strong incentive not to advertise that they're using your
service, as Nordstrom found out. Will you be doing anything to check whether
stores post the stickers properly? Will you terminate service if they don't?

Euclid Analytics keeps their customers secret, so if a store _doesn 't_ post
notices, there's no way for us to know they're using the service. Will you be
keeping your customers secret as well?

------
Xorlev
Where's their opt out?

~~~
adregan
I guess you always have the option of turning off wifi.

~~~
icebraining
"We're working on more than just wifi as well."

~~~
pjc50
[http://en.wikipedia.org/wiki/IMSI-catcher](http://en.wikipedia.org/wiki/IMSI-
catcher)

------
pfraze
Great execution, completely unethical

~~~
reddit_clone
Looks like I need to turn off WiFi (or Airplane Mode) when I leave home.

People need to know about this and it should be an opt in!

This is why we can't have nice things.

------
zbruhnke
The funny part to me is that people think this is new. Companies like Euclid
have literally been doing this for a couple of years(and quite successfully I
might add) [http://euclidanalytics.com/](http://euclidanalytics.com/)

Not only is it not new, its probably not going away.

------
jroes
I've actually seen a crude version of something like this on a trip to Taiwan
a couple of years ago. I was at a mall and I noticed a wifi network called
"People Counter." I wasn't entirely sure what they were doing with it, but I
assumed it was counting MAC addresses.

------
telecuda
Am I correct to assume that the hardware/device piece is similar to a
Pineapple ([https://hakshop.myshopify.com/products/wifi-
pineapple](https://hakshop.myshopify.com/products/wifi-pineapple))?

As I understand it, the device is like a WiFi Router looking for nearby
clients broadcasting their MAC. Since phones have the ability of turning
themselves into WiFi Hotspots, could a phone/app offer this same capability,
or is it missing a hardware piece that lives in Density/Pineapple?

------
jofer
Now that's cool!

If anyone knows or can say: What physical principle(s) is the sensor operating
on? There doesn't seem to be much information on that (possibly deliberately).

~~~
jordanmessina
Here's a video of a recent pitch where we explain the technology:
[http://www.youtube.com/watch?v=0rVpAKziQJA#t=4198s](http://www.youtube.com/watch?v=0rVpAKziQJA#t=4198s)

We're working on more than just wifi as well.

~~~
pron
So it only counts people that count ;) Just kidding witchya – best of luck!

------
geuis
Did I miss something with the video? It plays an interview between pg and
Calacanis that's 2 hours long.

~~~
stickydink
#t=4198s

------
mrfusion
By the way, I'd love something like this for the gym.

I'd like to check if it's too crowded before I decide to go or not.

I guess for any kind of business with lines or waiting rooms, (banks, ATMS,
restaurants) customers might appreciate a way to quickly gauge the crowd level
before going.

~~~
Sprint
No need for such a perverted privacy violation, the shop could just install a
door step counter like they are commonly used already. Then you would have the
information how many people are currently in the store.

------
mrfusion
I'm seeing people talking about MAC address issues.

But how does this device work exactly? Is every phone throwing around a mac
address, even if it's not trying to connect to wifi?

For example I have my phone set to use 3G expect on my home network. Would I
count?

~~~
cr3ative
I'm making an assumption about your phone, but it is probably broadcasting
packets every now and then saying "Hello, is mrfusion's home network in
range?" \- and that packet has your MAC on it, and can be picked up by other
devices.

------
tomasien
Met these this last week, they're absolutely incredible and they understand
their market really well. They take privacy incredibly seriously and they've
built a product that can change the industry.

~~~
uptown
"They take privacy incredibly seriously"

What does that even mean? They're tracking not only the number of people in a
location, but where they go ... then sharing that with their customers. From
their own website:

Understand your business in the context of others:

1\. Who you share customers with.

2\. Where else your loyal customers love to go.

3\. Where foot traffic in the city is trending.

How is that respecting my privacy?

~~~
jordanmessina
Definitely understand your concerns. In the system you're an anonymous
datapoint. The information can't be used to determine who a specific
individual is.

~~~
uptown
So if a shop signs up for the service, and on Monday morning they have one
customer who comes into the shop and buys something ... then that customer
goes to another shop and just browses. You'll likely have the name of the
person because they paid by credit card. You'll also have the information that
this customer went down the block to some other shop. And you'll know which
customer it was because you only had one customer that day.

So tell me again how I can't use this information to identify who a specific
individual is.

~~~
_derko
It's not like the shop has information on individuals, they only have
information on the total number and total flow. It would take a lot of
collaboration with each and every store owner to be able to get to a point
where they know exactly who you are.

------
matthewmacleod
Pretty good execution. We recently build something pretty similar for keeping
track of who was in our office and where they were (partial write-up here:
[http://matthewmacleod.co.uk/blog/passive-wifi-
tracking.html](http://matthewmacleod.co.uk/blog/passive-wifi-tracking.html)) -
strictly opt-in, but we still had to wrestle with the privacy implications.

Problem is, this is a really effective and totally passive system with great
benefits. But privacy-wise, it's scary.

------
13throwaway
Do devices broadcast their MAC adress when looking for an AP? Do devices
encytpt their MAC when they are connected to an AP?

I want a phone that randomizes the MAC every time it connects to an AP.

------
slackpad
Are there any good apps for location-aware WiFi toggling? I rarely use WiFi
outside of home or work so I'd like it to turn itself off to avoid stuff like
this.

------
obiefernandez
Placemeter offers a substantially similar product that works based on
strategically placed small cameras and machine intelligence. It recognizes
individuals coming in and out of a retail location based on what they look
like. Pretty cool technology and the founders were part of my Techstars class.

[http://placemeter.com](http://placemeter.com)

------
josephlord
I'm OK with the measuring traffic volumes using this method but I'm
uncomfortable with the identifying information being stored without
permission.

If they provided incentives to install an app/visit a website to register for
rewards or be entered into a prize in return for allowing density.io to track
you that would be acceptable.

------
mrfusion
Could a device like this use bluetooth instead of wifi / mac address?

Or for that matter could it somehow look at cell signals?

~~~
nathos
Euclid discusses this on their blog:
[http://blog.euclidelements.com/2013/07/why-wi-fi-is-right-
ap...](http://blog.euclidelements.com/2013/07/why-wi-fi-is-right-approach-for-
retail.html)

------
dgavey
Ok so this system works by tracking MAC addresses. I assume the same sort of
system using cameras and facial recognition would work too, and you can't turn
off your face. I assume this must be already happening somewhere.

The amount of privacy we think we have must be a small fraction of what we
actually have.

------
fiatjaf
What is the percentage of people who always leave wifi enabled? I turn mine
off every time I finish using it.

~~~
Schwolop
From their launch conf pitch, they did an experiment in a stadium with an
attendance figure of 20000 and found 71% of attendees had a phone with wifi
enabled. No idea if that audience is representative, but it seems plausible to
me.

------
80
I wonder if the market for 'dumbphones' will increase as/if this sort of thing
becomes more common? Probably not, but it's fun to think about. I know Nokia
are still making bare-bones, extra-long-life models aimed at developing
countries (eg the 105, 220).

------
sturmeh
Density's worst enemy is this app:
[https://play.google.com/store/apps/details?id=eu.chainfire.p...](https://play.google.com/store/apps/details?id=eu.chainfire.pryfi)
:)

------
skrowl
Why are posts allowed that just have the site's URL as the entire post title?

~~~
dangrossman
The post title is the same as the page title, which is what you're expected to
submit.

~~~
sp0rk
I imagine HN would just scrape the title automatically if that's the low
standard that's been set for headlines here. The "title" field is presumably
there so that people can enter something more descriptive.

------
legec
Mental note : before your next hold up, remember to turn off your smartphone
...

------
deutronium
Interesting idea, but wouldn't you get better coverage of people using GSM
addresses, rather than Wifi MAC addresses?

Also it could be rather easily tricked by competitors, by constantly switching
the MAC address.

------
WillKirkby
Anyone else thinking this looks a bit like Brendan O'Connor's CreepyDOL?

[http://www.youtube.com/watch?v=LFA6lew2tcE](http://www.youtube.com/watch?v=LFA6lew2tcE)

------
simpsond
While I understand the concern about tracking peoples presence with phones, I
don't feel like this is new. The cellular companies can track location, and
it's already happening.

------
Sprint
Time to build a device that pollutes the databases with useless data.

~~~
kej
No need to build anything, just use an existing device that can change its
wifi MAC address.

~~~
larholm
How about an app for rooted Android phones?

'Click here to transmit 802.11* broadcasts with randomized MAC'

------
nickporter
If you want to build one of these, check out this library:
[http://www.secdev.org/projects/scapy](http://www.secdev.org/projects/scapy)

~~~
fiatjaf
Thanks, I've just asked this in another comment.

------
d23
I thought this was a SaaS for dentistry (somehow) and I was going to be
excited since it's been a while since I've gone to the dentist.

------
jayvanguard
Definitely creepy.

------
pbreit
Shouldn't something like Leap Motion be able to do this (for one store at
least) and without the privacy concerns?

------
fiatjaf
What do I need to do to build my own version of this device? Can I do it with
any router? A Raspberry Pi?

~~~
blargle
[http://br1.einfach.org/tech/horst/](http://br1.einfach.org/tech/horst/)

------
CSDude
In this flat, rectangular world, I have liked your flat, but curvy rectangles
in common card UI.

------
thefreeman
If you have Wifi disabled on your device will they still be able to pull your
MAC?

------
PaulHoule
I gotta try this out when I'm wearing my wearable Hadoop cluster ;-)

------
warrenmiller
sounds very similar to this
[http://www.bbc.co.uk/news/technology-23665490](http://www.bbc.co.uk/news/technology-23665490)
which was shut down.

~~~
icebraining
It might be different since those were in public places, and not in shops.

~~~
Sprint
How are you going to restrain the signals to inside the shop?

------
holgersindbaek
Awesome product.

------
circa
my density has bought me to you

------
allan_
are .io domains still so hipster, that you just drop em somewhere and people
klick on it?

------
rokhayakebe
To everyone screaming about privacy, RELAX, this is opt-in.

~~~
finnn
Where does it say that? And how long until it's not?

~~~
_derko
[https://density.wufoo.com/forms/density-opt-
out/](https://density.wufoo.com/forms/density-opt-out/)

~~~
finnn
Okay but where was the link to that? I don't see it anywhere on their site.

