Disqus

Disqus is an American blog comment hosting service for websites and online communities that use a networked platform. The company's platform includes various features, such as social integration, social networking, user profiles, spam and moderation tools, analytics, email notifications, and mobile commenting. It was founded in 2007 by Daniel Ha and Jason Yan as a Y Combinator startup.

In 2011, Disqus was ranked No. 2 in Quantcast's U.S. networks with 151 million monthly unique U.S. visits. Disqus was featured on CNN, The Daily Telegraph, and IGN, and about 750,000 blogs and websites.

On December 5, 2017, Disqus was acquired by Zeta Global.

History
Disqus was first developed in the summer of 2007 as a Y Combinator startup. It was headed by Daniel Ha and Jason Yan, who were undergraduates at the University of California, Davis. Disqus was launched on October 30, 2007.

In early 2011, Disqus raised $10 million in funding from North Bridge Venture Partners and Union Square Ventures.

In March 2011, Disqus was used by 75% of websites that included a third-party commenting or discussion system.

On December 5, 2017, Zeta Global announced that it had acquired Disqus for an undisclosed amount. In a blog post, Disqus stated that it planned to continue operations as normal.

Business model
Disqus operates on a freemium financial model supported by ads. While it is free for commenters and small websites, it displays ads. Users have the option to pay fees to remove ads and access extra features.

In November 2010, Disqus began officially offering three add-on packages for websites.

Starting July 2012, Disqus offered just two premium packages. These were the VIP package and a single-sign-on-only package, for $99/month.

Starting in March 2013, Premium packages were phased out.

On January 4, 2017, Disqus announced new premium packages rolling out in March of 2017. A later blog post clarified that over 95% of sites using Disqus, primarily for personal blogs and non-commercial sites, would be unaffected by the new premium model.

Language support
In 2011, both the Disqus site and comment system were translated into over sixty languages. However, following the introduction of the new Disqus in 2012, language support was reduced to seven languages. Even though Disqus accepts applications for new languages, only one has been added as of 2013. This saw the number of supported languages rising to eight.

As of 2017, Disqus was translated into 36 languages including Spanish, French, Japanese, and Chinese, using crowd-sourced translation on Transifex.

Criticism, privacy, and security concerns
Privacy issues have been noted as inherent in the use of services like Disqus, which serve their content through third-party JavaScript widgets.

As with other embedded web widgets, such as like buttons, the Disqus widget acts as a web bug which tracks a user's activities, even when they are not logged in, across different sites that use the Disqus commenting system. Information tracked by Disqus, which may be disclosed to third parties, includes pseudonymous analytics data, such as a user's IP address, their web browser version and installed add-ons, and their referring pages and exit links. Although this data is referred to by Disqus as "Non-Personally Identifiable Information", such data, when aggregated, has been shown to be usable for de-anonymizing users.

Disqus has also been criticized for publishing its registered users' entire commenting histories, along with a list of connected blogs and services, on the publicly viewable user profile pages. The option to keep profile activity private was later added.

Disqus also was criticized for not giving users control over who follows them. Prior to 2014, any user could follow any other user, but a user being followed could not control or block who was following them, which led to harassment among some users.

If Disqus shuts down, hundreds of millions of comments would be wiped away from a wide range of sites, since by the very nature of the service, comment content is not being managed locally by sites implementing the service. However, it is possible for site administrators to export all of their comments as an XML document which can then be ported into other commenting systems.

In September 2014, it announced an update to its privacy policy: "Disqus will be using anonymous interest data for content personalization and ad targeting."

Third party service Disqussearch can be used to search through all comments by username. This is necessary for viewing old comments of users. On the Disqus site, the user can only load small batches of successively older comments by scrolling down.

2013 security breach
In 2013, a Swedish group called Researchgruppen obtained and exposed a large number of anonymous Disqus identities through the application programming interface (API). The group cooperated with the Bonnier tabloid, Expressen, who subsequently visited some of the commenters in their homes, confronting them with their allegedly racist, misogynic, and derogatory sentiments. Researchgruppen said their database contained millions of comments from Disqus users around the world who are at risk of de-anonymization. In March 2014, Expressen and Researchgruppen won the investigative reporting award Guldspaden.

October 2017 security breach
On October 6, 2017, Disqus announced that a snapshot of its database from 2012, containing 17.5 million users' email addresses, login names and sign-up dates from between 2007–2012, had been exposed. The data dump also included, for about a third of the affected accounts, passwords that had been salted and hashed with SHA-1.

Issues with delete button
Previously, if a user attempted to delete their comment, Disqus "anonymized" their comment by changing the author to a Guest user, without removing the content of the body itself. The only recourse at that time was to flag the comment, contact the site moderator to delete the anonymized Guest comment, or to remember to edit out the body of the comment before deleting a comment.

In April 2015, Disqus revised its Delete button to completely delete a comment from the website.

Affiliate links and third-party scripts
Disqus automatically adds affiliate referral codes to links on the containing webpage and converts plain text into links, in order to add affiliate referral codes (this can be turned off). Disqus also injects untrusted and potentially dangerous third party advertising code into containing webpages.

GDPR violation
In 2021, Norwegian Data Protection Agency announced its intent to fine Disqus 2.5 million euro for failures to comply with requirements of European General Data Protection Regulation. Allegedly, Disqus was collecting users' private data and sharing it with advertisers without obtaining consent from websites using Disqus and users visiting those sites.