When you use some of our pre-built integrations (Jitsi, Amazon Connect, Vonage, Twilio), those callstats-js-shims automatically send stats and events. Some of those events you may not want to send due to privacy reasons (e.g., geo-ip, available or active devices, etc.). This is quite an important aspect when you start building your data processing agreement with your end-users and customers, and listing what metadata you are providing to third-party. This new enhancement in the dashboard UI allows you to configure exactly what the integration collects automatically collects.
Why did we build it?
At callstats, we care deeply about your end-user's privacy and security. The callstats data-pipeline encrypt the metadata immediately before processing it. Read more about our promise to privacy in an earlier blogpost and we still adhere to it. This is in addition to controls for handling IP addresses.
While a developer can implement stop sending these events at the API level, we noticed that customers using the prebuilt integrations, found it difficult to turn these off by editing the code. We decided to make it easier to disallow or block events from existing integrations by choosing the events in the dashboard UI. With this new update, you are now in full control over what data you send to callstats even before you begin integrating the callstats.js!
How do you incorporate this?
Since every endpoint authenticates with callstats infrastructure, we can tell each point exactly what they should send to us. We are using the callstats authentication token to configure which events are allowed or disallowed.
Figure: Configure which events you send to callstats
|applicationErrorLog||Privacy reason||Depending on what the Logs collect, they can potentially expose information about the end-user which you may already be logging elsewhere, and do not want|
|sdpSubmissionEvent||Privacy reason||SDPs contain IP address, we do not mask IP addresses within SDPs|
|precallTestResultsAutomatic||Security reason||Do not want to run the precall tests that automatically run before a call|
|precallTestResultsManual||Security reason||Do not want to run the precall tests run at regular intervals by your provider|
|userFeedback||Privacy reason||If your end-users send text input along with the star ratings and you want to limit giving that to a third-party|
|connectedDeviceList, activeDeviceList||Privacy reason||Some end-users name their devices and you want to limit giving that to a third-party|
|dominantSpeaker||Privacy reason||Which end-user is speaking when and for how long, it is based on the audio-input level. This also stops populating the speaker stats|
As soon as the settings are saved, the callstats authentication service starts issuing tokens which carry the new restrictions. Therefore, the new users joining the calls, will not send any of the disabled events. However, the existing users will continue to send the disabled events until they rejoin the call or join a new call.
If you need any assistance, please reach out to your account manager or send us a note at email@example.com!
This feature was built by Karthik, Ashutosh, Paul.