eWitness
PRIVACY POLICY
eWitness ("eWitness") is committed to making its constantly growing database of chats, postings, messages, and other forms of digital content (the "databases") available to computer security researchers,threat analysts, selected law enforcement or government agencies, historians, scholars, and others ("Subscribers") for purposes of identifying threats and malicious activity, criminal activity, and security threats for the benefit of the public. Pursuant to the Statements of Work or other agreements, some of these Subscribers are provided no-cost, or reduced cost access to the database for research or public policy purposes, while others pay a subscription fee for access to enhanced services which may include the ability to select content and channels to be included in the general database, or to create a restricted access database with data of specialized interest to the subscriber alone. eWitness also has a free "community tier" given to anti-abuse workers, certain law enforcement, researchers, academics, journalists, etc.
eWitness offers access to some of its databases mainly by allowing Subscribers to access its cloud-based platform. This open approach is somewhat like the situation in a public library, where staff and patrons might see who else was in the library and a bit of what they were working on. When Researchers using the databases log on to the same Unix machine using different accounts, some sharing of information may take place. While eWitness endeavors to enforce its Terms of Use and maintain standard computer security, it is important for both those who visit the site ("Visitors") and Researchers (collectively, "Users") to be aware of the open nature of eWitness.
eWitness may make changes to this policy from time to time and will notify you of such changes by posting an updated date in the Terms, Privacy, and Copyright link at the bottom the home page of eWitness's cloud-based portal (the "Site"). Your continued use of the Site and/or the databases constitutes your acceptance of any changes to the Privacy Policy concerning, but not limited to, both previously and prospectively collected information.
What Data Does eWitness Collect About Users and Subscribers?
In order to make the service operate, eWitness collects certain information about users. Certain information is collected automatically by the cloud-based platform, including but not limited to cookie settings, unique identifiers, browser type and settings, device type and settings, operating system, mobile network information including carrier name and phone number, and application version number. We also collect information about the interaction of your apps, browsers, and devices with eWitness, including IP address, crash reports, system activity, and the date, time, and potentially the referrer URL of your request.
eWitness also collects the Subscribers previously authenticated email address and other identifiers (including unique userID or passwords, or Single Sign On information) to authenticate that the user is a Subscriber and is in good standing. This includes information about one-time tokens, Multi Factor Authentication, or other device authentication. eWitness also collects information about the subscriber’s first and last name, affiliation (if provided), data and channels entered into the database (including date and time), as well as search history of searches of the database. We use this information to validate users, monitor and respond to security threats to the database or platforms, and to improve the overall service including debugging and troubleshooting. eWitness does not sell this information. eWitness will, in the course of providing services, submit the authentication information to the platform in question in order to obtain a valid session token so our scraper can log in.
Upon successful login, the eWitness scraper pulls everything the account can see via the platform's API. This includes group chats, private messages, and any other category of data available via the API. Subscribers should only enroll accounts used to monitor threat actors or abuse. Personal accounts should not be enrolled with eWitness as this will lead to data from the personal accounts to be scraped and added to the database. eWitness does not guarantee that all data will be scraped, or that data will be scraped over any particular period of time, and many factors may limit the ability of eWitness to scrape a particular channel or account.
As currently configured, in the course of scraping, eWitness collects and stores "bookmarks" (channel IDs and message IDs and account IDs) and will use this information to prevent duplicate load on chat services or re-scraping the same data or for debugging or troubleshooting purposes.
eWitness does not guarantee anonymity against attack in the same way, for example, a rigorously reviewed cryptographic protocol might. While eWitness uses standard security procedures to protect the data on the site (including, but not limited to conducting its own penetration testing on the Site), eWitness makes no warranty or representation concerning the security of the data on the site, including Subscriber data. It is possible that the computers at eWitness could become compromised by others and that the information on eWitness’s computers could be collected and disseminated without the knowledge or consent of eWitness. While eWitness endeavors to block "crackers" from breaking into its machines, eWitness is not responsible or liable for any such unauthorized uses of eWitness or its data. You also agree to comply with the terms of service for the eWitness hosting provider, currently Digital Ocean. These are available at https://www.digitalocean.com/legal/terms-of-service-agreement You agree to indemnify and hold Unit 221B harmless for any claim that your actions have violated these terms of service.
We collect the contents of the pattern and other specifications dictated by the user. We collect the contact information the user wishes to receive alerts at which may include email or phone number. We verify ownership before sending the actual alerts. We share that information with a third party party, Twilio (purpose: to be able to send the alerts)
We store copies of past alerts and make it available to the user (purpose: debugging, making sense of what's happening)
What Personal Information May eWitness Have on Its Computers and Systems?
Because eWitness uses standard logging in its cloud based servers, our server may automatically recognize the domain name of each Visitor, each Visitor’s IP address, what Web page the Visitor requests, and the time of the request, along with a variety of information supplied by the visitor’s browser. In addition, eWitness may collect the email addresses and messages of those who communicate with it via email or who enter email addresses in forms.
eWitness may collect personally identifying information when a Researcher or subscriber registers for access to the databases, including the Researcher’s name, address, telephone number, and email address, and the Researcher’s proposal for using the databases.
eWitness may use certain strictly necessary "cookies" to track Users' activities on the Site and in the databases. The Site cannot effectively operate without these cookies. By using the Site, you “opt in” to the use of these cookies as described.
The primary sources of content for the databases are publicly accessible Web pages that were collected and donated by third parties, but eWitness will expand on such sources through its own database activities. For instructions on removing a particular set of pages currently included in the databases, please see our policies and procedures for page removal.
The communications between you and eWitness may pass through many machines, operating systems, programs, browsers, Web servers, networks, routers, Ethernet switches, Internet service providers, proxy servers, intranets, the public phone system, or other devices (collectively, "Devices") on your premises, at eWitness, and in between. Some of these Devices create logs of activities that are recorded on computer systems.
What Might eWitness Do With the Information on Its Computers?
eWitness has both free (no charge to researcher) and paid access to the databases. eWitness may transfer the information on its machines, including personally identifying information, into the databases. The databases are made available to researchers and may be made available on the Site, or provided to third parties, for any use, without limitation.
Advances in data mining technology may make it possible to discover more personally identifiable information or profiles in the databases. Because of this, data which may not, in its present form, constitute “Personal Information” or “Personally Identifying Information” may, in combination with other information, become personally identifiable in the future. However, all of the data in the database is obtained from data publicly posted on third party websites, forums, or platforms.
You should be aware that it may be possible for other Subscribers or researchers to “reverse engineer” the identity of the account which subscribed to a particular Telegram, Discord or other social media platform, and therefore that this information may neither be completely secure nor completely anonymous.
eWitness may disclose any information it collects from Users if eWitness believes in good faith that such action is reasonably necessary to enforce its Terms of Use or other policies, to comply with the law, to comply with legal process, to operate its systems properly, to protect public health, safety or welfare, or to protect the rights or property of itself, its Users, or others
How to Update Researcher Registration Information
Researchers can help eWitness maintain the accuracy of their information by notifying Unit 221B of any changes to their email address. Contact Unit 221B by email at ewitness-support@unit221b.com to update or delete your information. Unit 221B may collect additional information to verify identity.
While subscriptions may be issued to an individual or an organization, credentials and authorizations are personal and are linked to a specific email address. For organizational subscriptions, any transfer of credentials will require the registration and vetting of the new email address. This may result in loss of access to data connected with the prior email address. eWitness will, if requested, work with Subscribers to attempt to minimize any disruption and/or restore access to databases in the event of a change of ownership or email address.
eWitness ("eWitness") is committed to making its constantly growing database of chats, postings, messages, and other forms of digital content (the "databases") available to computer security researchers,threat analysts, selected law enforcement or government agencies, historians, scholars, and others ("Subscribers") for purposes of identifying threats and malicious activity, criminal activity, and security threats for the benefit of the public. Pursuant to the Statements of Work or other agreements, some of these Subscribers are provided no-cost, or reduced cost access to the database for research or public policy purposes, while others pay a subscription fee for access to enhanced services which may include the ability to select content and channels to be included in the general database, or to create a restricted access database with data of specialized interest to the subscriber alone. eWitness also has a free "community tier" given to anti-abuse workers, certain law enforcement, researchers, academics, journalists, etc.
eWitness offers access to some of its databases mainly by allowing Subscribers to access its cloud-based platform. This open approach is somewhat like the situation in a public library, where staff and patrons might see who else was in the library and a bit of what they were working on. When Researchers using the databases log on to the same Unix machine using different accounts, some sharing of information may take place. While eWitness endeavors to enforce its Terms of Use and maintain standard computer security, it is important for both those who visit the site ("Visitors") and Researchers (collectively, "Users") to be aware of the open nature of eWitness.
eWitness may make changes to this policy from time to time and will notify you of such changes by posting an updated date in the Terms, Privacy, and Copyright link at the bottom the home page of eWitness's cloud-based portal (the "Site"). Your continued use of the Site and/or the databases constitutes your acceptance of any changes to the Privacy Policy concerning, but not limited to, both previously and prospectively collected information.
What Data Does eWitness Collect About Users and Subscribers?
In order to make the service operate, eWitness collects certain information about users. Certain information is collected automatically by the cloud-based platform, including but not limited to cookie settings, unique identifiers, browser type and settings, device type and settings, operating system, mobile network information including carrier name and phone number, and application version number. We also collect information about the interaction of your apps, browsers, and devices with eWitness, including IP address, crash reports, system activity, and the date, time, and potentially the referrer URL of your request.
eWitness also collects the Subscribers previously authenticated email address and other identifiers (including unique userID or passwords, or Single Sign On information) to authenticate that the user is a Subscriber and is in good standing. This includes information about one-time tokens, Multi Factor Authentication, or other device authentication. eWitness also collects information about the subscriber’s first and last name, affiliation (if provided), data and channels entered into the database (including date and time), as well as search history of searches of the database. We use this information to validate users, monitor and respond to security threats to the database or platforms, and to improve the overall service including debugging and troubleshooting. eWitness does not sell this information. eWitness will, in the course of providing services, submit the authentication information to the platform in question in order to obtain a valid session token so our scraper can log in.
Upon successful login, the eWitness scraper pulls everything the account can see via the platform's API. This includes group chats, private messages, and any other category of data available via the API. Subscribers should only enroll accounts used to monitor threat actors or abuse. Personal accounts should not be enrolled with eWitness as this will lead to data from the personal accounts to be scraped and added to the database. eWitness does not guarantee that all data will be scraped, or that data will be scraped over any particular period of time, and many factors may limit the ability of eWitness to scrape a particular channel or account.
As currently configured, in the course of scraping, eWitness collects and stores "bookmarks" (channel IDs and message IDs and account IDs) and will use this information to prevent duplicate load on chat services or re-scraping the same data or for debugging or troubleshooting purposes.
eWitness does not guarantee anonymity against attack in the same way, for example, a rigorously reviewed cryptographic protocol might. While eWitness uses standard security procedures to protect the data on the site (including, but not limited to conducting its own penetration testing on the Site), eWitness makes no warranty or representation concerning the security of the data on the site, including Subscriber data. It is possible that the computers at eWitness could become compromised by others and that the information on eWitness’s computers could be collected and disseminated without the knowledge or consent of eWitness. While eWitness endeavors to block "crackers" from breaking into its machines, eWitness is not responsible or liable for any such unauthorized uses of eWitness or its data. You also agree to comply with the terms of service for the eWitness hosting provider, currently Digital Ocean. These are available at https://www.digitalocean.com/legal/terms-of-service-agreement You agree to indemnify and hold Unit 221B harmless for any claim that your actions have violated these terms of service.
We collect the contents of the pattern and other specifications dictated by the user. We collect the contact information the user wishes to receive alerts at which may include email or phone number. We verify ownership before sending the actual alerts. We share that information with a third party party, Twilio (purpose: to be able to send the alerts)
We store copies of past alerts and make it available to the user (purpose: debugging, making sense of what's happening)
What Personal Information May eWitness Have on Its Computers and Systems?
Because eWitness uses standard logging in its cloud based servers, our server may automatically recognize the domain name of each Visitor, each Visitor’s IP address, what Web page the Visitor requests, and the time of the request, along with a variety of information supplied by the visitor’s browser. In addition, eWitness may collect the email addresses and messages of those who communicate with it via email or who enter email addresses in forms.
eWitness may collect personally identifying information when a Researcher or subscriber registers for access to the databases, including the Researcher’s name, address, telephone number, and email address, and the Researcher’s proposal for using the databases.
eWitness may use certain strictly necessary "cookies" to track Users' activities on the Site and in the databases. The Site cannot effectively operate without these cookies. By using the Site, you “opt in” to the use of these cookies as described.
The primary sources of content for the databases are publicly accessible Web pages that were collected and donated by third parties, but eWitness will expand on such sources through its own database activities. For instructions on removing a particular set of pages currently included in the databases, please see our policies and procedures for page removal.
The communications between you and eWitness may pass through many machines, operating systems, programs, browsers, Web servers, networks, routers, Ethernet switches, Internet service providers, proxy servers, intranets, the public phone system, or other devices (collectively, "Devices") on your premises, at eWitness, and in between. Some of these Devices create logs of activities that are recorded on computer systems.
What Might eWitness Do With the Information on Its Computers?
eWitness has both free (no charge to researcher) and paid access to the databases. eWitness may transfer the information on its machines, including personally identifying information, into the databases. The databases are made available to researchers and may be made available on the Site, or provided to third parties, for any use, without limitation.
Advances in data mining technology may make it possible to discover more personally identifiable information or profiles in the databases. Because of this, data which may not, in its present form, constitute “Personal Information” or “Personally Identifying Information” may, in combination with other information, become personally identifiable in the future. However, all of the data in the database is obtained from data publicly posted on third party websites, forums, or platforms.
You should be aware that it may be possible for other Subscribers or researchers to “reverse engineer” the identity of the account which subscribed to a particular Telegram, Discord or other social media platform, and therefore that this information may neither be completely secure nor completely anonymous.
eWitness may disclose any information it collects from Users if eWitness believes in good faith that such action is reasonably necessary to enforce its Terms of Use or other policies, to comply with the law, to comply with legal process, to operate its systems properly, to protect public health, safety or welfare, or to protect the rights or property of itself, its Users, or others
How to Update Researcher Registration Information
Researchers can help eWitness maintain the accuracy of their information by notifying Unit 221B of any changes to their email address. Contact Unit 221B by email at ewitness-support@unit221b.com to update or delete your information. Unit 221B may collect additional information to verify identity.
While subscriptions may be issued to an individual or an organization, credentials and authorizations are personal and are linked to a specific email address. For organizational subscriptions, any transfer of credentials will require the registration and vetting of the new email address. This may result in loss of access to data connected with the prior email address. eWitness will, if requested, work with Subscribers to attempt to minimize any disruption and/or restore access to databases in the event of a change of ownership or email address.
PRODUCTS