Last updated October 20, 2022
The Open Podcast Prefix Project (OP3) is a free and open-source podcast prefix analytics service committed to open data and listener privacy.
The production system is made up of three distinct services from a privacy point-of-view, and covered separately below for clarity. Every claim can be audited by looking at the public codebase.
The OP3 redirect service ("the service") saves basic, non-identifying request data every time a podcast listener downloads an episode using the service.
Like other prefix services, it uses this information to compute standarized metrics such as downloads per show.
Unlike other prefix services, it makes the data available over a public Data API (below) at a granular level for the benefit of the wider open podcast ecosystem.
In order to meet both goals of open data and listener privacy, the service saves only basic request attributes, securely hashes and encrypts all listener IP addresses before storing, and does not join data with any third-party services.
The request attributes currently captured for each request are:
No cookies are used.
IP addresses are not personally-identifiable in and of themselves, and the service does not have any associated data that makes them so. However, the service takes extra precautions to avoid republishing them back out to Data API users, who only ever see a secure hash, computed by the service using a monthly-rotating secret key.
Internally, the service also stores a separate symmetrically-encrypted version with another set of monthly-rotating secret keys. This version is never returned in the Data API, and only used internally to apply IP range filters in back-calculations and to combat abuse of the service.
IP addresses are never joined with outside third-party data or services.
The OP3 Data API service ("the Data API") makes podcast and episode download data available to anyone with a valid authorization token.
Users of the Data API are not tracked in any way, other than to implement mechanisms like rate-limiting to prevent abuse of the system.
The data returned by the Data API cannot be used to obtain listener IP addresses, only a secure hash (computed with an internal key rotated monthly). Even if a listener's IP address is known, there is no way to find it in any Data API response.
The op3.dev Website ("the Website") consists of a handful of public web pages hosted by the service.
The source code for every page of the Website is available in the public GitHub repo, part of the same deployment that includes the Prefix Redirect Service and the Data API service.
2022-09-17: Published initial version.
2022-10-20: Documented new list of captured request attributes, consensus derived from a project discussion.