This plugin spys on you!

Great functionality. However, a quick inspection of the code shows:

1. Every time the plugin is activated / deactivated your site URL is emailed to the plugin author.
2. This plugin seems to try and write all IP’s it’s ever been accessed from to the file ‘welcome.txt’ on the server. It doesn’t seem to do anything with this information; however anyone with the blog URL can read the contents of ‘welcome.txt’. (The previous point guarantees that the plugin author certainly has the ability to do this.)

Could you please explain why the script is gathering this information?