I can only speak for me, but I'm not against privacy at all, far from it actually. I think GOG should offer as many privacy options as possible and give users complete control over every type of service or feature offered on GOG. In my opinion they don't offer enough currently. I just don't agree those options need to be set at the highest level necessarily by default. By all means GOG should do so though if GDPR requires it to avoid issues, but the rest of the world there is no such requirement.

As long as they are giving users a fair warning before hand (which they did), and letting all users know via normal communication channels (which they probably will via a site announcment, email most likley and probably social media) then GOG has fullfiled their requirement on notification. That is all they really owe us users, outside of giving us a way to opt-out which also they did.

No problem. Thanks for being sensible. Elcook was right when he said: "You guys and gals are also the most sensitive for such changes".

Everyone else said oh cool profiles and either opt-ed out or went on with their day.

A pop up window would also be acceptable though. I agree.

Is it SO hard to converse with people without using foul language?

I have noticed a pattern of your replies hand-waving a lot of arguments against your stance with "I don't know/care enough".

You strike me as too intelligent of a person not to see an issue with that manner of a response while maintaining your opinion.

Oh, so you do have working knowledge of the matter at hand (at least from the implementation standpoint)? Then you do realize that creating such public elements means additional information gathering as well as collating and storage? The very information that is deemed a very desirable trade good by plenty of potential "trusted partners" of GOG in the future?

Also, on a bit of a tangent - a lot of tech people seem unable to grasp the fact that just because you can do something does not always make it a good idea.

And here I thought GOG valued their distinctly different business approach that rewarded them with a not-insignificant market share? Why shouldn't commitment to privacy be another area in which the company ensures long-term securing of customer base the same way it managed (and CDP before in its illegal-distro-competing heydays) to do with its early "customers first" approach?

Because GOG's ToS prohibit falsification of geolocation data, for once.

Also, because any technological solution to a problem that has the potential of being eliminated without such need is not an efficient way to approach it.

In my case is the combination of about two decades worth of exasperation and the same illogical and, frankly, idiotic if not completely clueless argumentation on things that were apparent for years to people willing to put the bare minimum learning effort.

None of the causes of the privacy uproar right now is a surprise (except perhaps the extent to which seemingly benign information can be used for individual tracking, but even tech advances in that were not exactly hidden behind paywalls or enginner-speak research papers). But still, even when faced with direct evidence that the information already gathered at will is being exploited in direct manipulation of the core foundation of democratic process, people will continue to present arguments such as "I have nothing to hide".

Yes, you do. You're just dumb enough not to realize it, and lazy enough not to educate yourself. It's outright fucking depressing.

Also, the use of profanities assists in better mental health and stress relief. "Science, bitches!"

That is not a logical combination of statements.

Perhaps not on the profile page, but in my opinion, the ability to search for and find users by e-mail address is a problem regarding personal information. What if I signed up using a username with no relation to me, but tied my GOG account to an e-mail address that is trivially connected to my legal name (contains it as a substring, or is published on reputable pages that also mention my name, etc.)? Anyone who searches for that e-mail address then discovers my otherwise-anonymized GOG account.
I don't see your point here. All the pieces you cite are to protect GOG in the event someone intentionally makes public his/her personal information. All the complaints here are because GOG is intentionally making public by default and with no advance general warning (this forum thread does not count, because it's so easy to miss) information that was previously non-public and has no legitimate business need to become public.

If I never knowingly publish my e-mail address on the forum, nor private-message it to anyone over GOG's system, nor friend any users, I might reasonably expect that only GOG staff can view it, and that they wouldn't do so without good cause. Nothing you quoted here seems to contradict this hypothetical. Yet the ability to find users by e-mail address directly lets other GOG users discover this that I, John The Private, with e-mail address john.private@example.com, am a GOG user with username Smith29, even though Smith29 never mentions in any of his posts anything that could be used to derive that information.

True, but completely pointless. Suppose tomorrow GOG posts another revision to the privacy policy that I find absolutely abhorrent. I swear off ever using GOG, delete all bookmarks to it, never come to the site again, etc. How does GOG differentiate that from a user who just lost interest in visiting the site because it was boring? How does my cessation of interaction with GOG cause them to in any way exclude my account and all information provided under the old policy from being harmed by the new policy?

The invitation to contact them with "queries" is an equally pointless evasion. There's no indication that there is any way to get them to honor their original agreement, even if I'm willing to give up the service and all its benefits.
Well, it's a legal document that nobody has any hope of actually enforcing against GOG anyway, so no, (almost) nobody reads these. You should know by now that the standard for legal agreements on the Internet is that they're written to ask for things that aren't legal, that corporations are incapable of explaining the terms, that the terms may change at any time without adequate notice (so what's the point of reading it, if it will likely say something different and silently become binding, by the time its contents might matter?), that none of the terms will be negotiable at any price, that users won't read them, and nobody on either side actually expects the other party will obey any term unless explicitly ordered by a court after losing a lawsuit. If the terms weren't so grossly one-sided, people might treat them more reasonably. As is, almost all compliance is incidental rather than intentional.

Well that is just how I feel about it honestly, sorry. I'm not the type of person that get's overly concerned with privacy issues. I'm largly indifferent to it. I think the concept of privacy was lost long ago and as technology becomes more integrated into everyday life (which it will) the worst it will be.

As the saying goes would you like me to tell you the turth or would you rather I lie to you? I really just need to stay out of these type of threads, as I lose interest in the debate far to often. I get myself into this mess far to often also and I'm kind of worn out at this point. :P

Yes I understand how the implementation happens and how that information is stored on the back-end. I even understand from a business standpoint GOG may share that information (even though that was not my area in my day to day when I worked for a large company as a PHP dev, I was just a lonley programmer so that would be way above me).

All I can say is personally there is nothing on GOG that I would have an issue with them sharing when it comes to my own account. But I don't speak for everyone nor would I try. As far as what I would consider actual personal data GOG has very little, if they collected more say like FB I might be a little more concerned.

Oh on that 100% agreed. That pretty true of anything really, but just because some people would find it undesirable doesn't necessarily mean you shouldn't do it either. I'm just saying there is always the other side of the coin.

As a developer I would not want to waist weeks or months of my time on a feature that will be ignored because we defaulted to the highest level of privacy, it's bad enough when features get scrapped. As I posted a link to, it is pretty much a fact based on gathered data that most users don't change default settings. So GOG has to evaluate what is worth more to them, and they probably determined like most sites have, that the the majority of people are more than fine with lax privacy options (I think even more so in something like a gaming service where gaming is by design a sociable thing so you are kind of expected to share data with others).

I don't know I don't speak for GOG. I think people expect them to be a different tyoe of business but I don't think GOG is really any different than any other business out there... at the end of the day their goal is to make money.

Sure it is. We don't live in a all or nothing sort of world. You can be for something (like privacy) in principle but realize there are limits to it as well. By offering options GOG has offered some level of privacy, to some people that isn't enough. Some people simply want all or nothing and that would be non logical.

Oh look, they're adding more bells and whistles to this antiquated dungheap of a website! o.O

I actually agree with you there. I think GOG should break this down into two checkboxes. One being search by GOG username which should be on by default and the other being search by email which should be disabled by default. I do see the need for the feature though.

All we can do is communicate this to GOG though.

The point was to to show that GOG is clear on how certain data may be used (including data like friends or account names, etc) and how they define personal vs non personal data. And to make the point that GOG does indeed view these profiles as public information in the context of "access to personal information by default".

If you disagree with the new policy I would assume you would a) communicate that in writing to GOG b) ask them to delete your account. By not doing that, after 30 days you are telling them you accept the new polices. In the grand scheme of things I agree it really doesn't matter, there isn't much we can do about it if we don't agree, but from a legal standpoint it does matter on GOG's side.

True but you should still read them. In any potiential legal avenue against a company they are the best way of knowing where you stand and what you have to prove / disprove. And sure there mostly written to protect said company and they may not hold up in court, but again it's good idea to at-least know what you are potentially giving up by using said service before you actually use or continue to use said service.

Breja is right, though. That's the best summary I've read yet regarding the way society is moving. I've had my info compromised when Sony was hacked, when some dipshit at the Department of Defense took a work laptop home without permission which was then stolen, and when Yahoo was hacked. Privacy is an utmost concern for me.

"Under certain circumstances, urgent circumstances, desperate circumstances, profanity provides a relief denied even to prayer." - Mark Twain

That is a load of cr*p!

So,it's okay in this thread.Don't make me laugh,this is none of the above reasons unless you are paranoid.

You do realize, though, that if GOG is hacked, your personal information can be leaked whether GOG decides to display it in public via profiles, or not?

What you've written is a bit irrelevant to the situation at hand.

That is very correct. Besides – for some serious shit that can be pulled off with the data, the actual user's name and his address is basically irrelevant. For targeted marketing, it certainly is. For the facebook/Cambridge Analytica scandal, names and addresses were not even a bonus, they were completely superfluous. The whole thing would have worked out just as well if all facebook users employed alts and never gave contact data! The "seemingly innocuous" data or rather: the literally innocuous data, your interests and everyday conversations, was what was mined and used.

I guess that the facebook/CambridgeA scandal should have caused a major paradigm change in how we view our privacy online exactly because innocuous data was sought and used, and exactly because that innocuous data is what facebook "produces" and sells to function.

And GOG is just about to double down on our continued ignorance.

Oh shoot. Somehow I now feel like a DRM free games service should be in a country other than Poland (but not in Germany, God no). :(

Every user's country is displayed under their avatar on the forums since forever and no one ever seemed to complain that it breaches their privacy. Also note that you can't opt-out from your country being displayed.

A feature is going to be introduced that will allow others to see that Terraria is the last game you played. You can avoid this by opting-out or even simply not using Galaxy (which most people who care that deeply about privacy don't use anyway).

A serious question. Do you folks seriously believe that the first is not the case of revealing user's personal information without their consent, while the latter is?

No, but you can change it to anything, you don't have to give true information. But yes, I think we should be able to opt-out from giving any info there at all.

Just like you can change your country to anything, so can you opt-out from making your activity public.

I'm using this example to show that GOG has presented everyone's information (at least some of it) ever since its conception and no one really ever minded that.

I really get the feeling that it's simply the users who decided to take shots at a new feature, given that they're entirely comfortable with with another "leak" of information that is more personal and with no option of opting-out.