Irish technology company Spearline acquires Callstats from 8x8.  Learn More

Improved: Control What Events you Send to callstats

By callstats on July 6, 2021

When you use some of our pre-built integrations (Jitsi, Amazon Connect, Vonage, Twilio), those callstats-js-shims automatically send stats and events. Some of those events you may not want to send due to privacy reasons (e.g., geo-ip, available or active devices, etc.). This is quite an important aspect when you start building your data processing agreement with your end-users and customers, and listing what metadata you are providing to third-party. This new enhancement in the dashboard UI allows you to configure exactly what the integration collects automatically collects.

Why did we build it?

At callstats, we care deeply about your end-user's privacy and security. The callstats data-pipeline encrypt the metadata immediately before processing it. Read more about our promise to privacy in an earlier blogpost and we still adhere to it. This is in addition to controls for handling IP addresses.


While a developer can implement stop sending these events at the API level, we noticed that customers using the prebuilt integrations, found it difficult to turn these off by editing the code. We decided to make it easier to disallow or block events from existing integrations by choosing the events in the dashboard UI. With this new update, you are now in full control over what data you send to callstats even before you begin integrating the callstats.js!

How do you incorporate this?

Since every endpoint authenticates with callstats infrastructure, we can tell each point exactly what they should send to us. We are using the callstats authentication token to configure which events are allowed or disallowed.

Screenshot 2021-07-02 at 16.17.02

Figure: Configure which events you send to callstats

By default, all events are currently turned on for all existing customers, so that it does not surprise them. You can enable or disable them from the App Settings (⚙️-> callstats.js subtab)! In addition to updating the dashboard app settings, you need to be on the latest callstats javascript, which is 3.73.0.

applicationErrorLog Privacy reason Depending on what the Logs collect, they can potentially expose information about the end-user which you may already be logging elsewhere, and do not want 
sdpSubmissionEvent Privacy reason SDPs contain IP address, we do not mask IP addresses within SDPs
precallTestResultsAutomatic Security reason Do not want to run the precall tests that automatically run before a call
precallTestResultsManual Security reason Do not want to run the precall tests run at regular intervals by your provider
userFeedback Privacy reason If your end-users send text input along with the star ratings and you want to limit giving that to a third-party
connectedDeviceList, activeDeviceList Privacy reason Some end-users name their devices and you want to limit giving that to a third-party
dominantSpeaker Privacy reason Which end-user is speaking when and for how long, it is based on the audio-input level. This also stops populating the speaker stats


As soon as the settings are saved, the callstats authentication service starts issuing tokens which carry the new restrictions. Therefore, the new users joining the calls, will not send any of the disabled events. However, the existing users will continue to send the disabled events until they rejoin the call or join a new call. 

If you need any assistance, please reach out to your account manager or send us a note at!


This feature was built by Karthik, Ashutosh, Paul.

Tags:, Security, dashboard, changelog, privacy, pricing