1password does connect to Microsoft AppCenter without user consent

Former Member

4 years ago

It looks like they use Visual Studio App Center, which is a service that provides some developer automation tools. It seems like they are using it for crash reporting and metrics.

I intercepted the traffic and observed it sending the following data elements every time the app starts:

appBuild, appNamespace, appVersion, locale, model, oemName, osBuild, osName, osVersion, screenSize, sdkName, sdkVersion, timeZoneOffset.

Edit: the privacy implications of this depend on how 1Password uses it. Per Microsoft, the information collected as part of the crash reporting system does not include personal information unless the developer chooses to attach PII-containing data to the crash reports. I didn't see any unique ID numbers in the data I collected, though that didn't include a crash dump.

https://learn.microsoft.com/en-us/appcenter/gdpr/does-it-apply-to-me

Forum Discussion

1password does connect to Microsoft AppCenter without user consent

Featured discussions

November at 1Password: the Access-Trust gap, planning your estate, and an updated unlock experience

Recent discussions

1Password error message on Start up

1Password quits unexpectedly on both Windows 10 and Windows 11

1password.exe never closes

Beta version not working on HTTP sites

1Password on Flathub