It seems that you're using an outdated browser. Some things may not work as they should (or don't work at all).
We suggest you upgrade newer and better browser like: Chrome, Firefox, Internet Explorer or Opera

×
Community
General discussion (archive)Privacy Concern: GOG sending order details to Google(151 posts)(151 posts)
(151 posts)
Pages:
1
2
3
4
5
6
7
8
9
10
11
This is my favourite topic
Posted March 31, 2012
avatar
MonstaMunch: Again, the issue here is a very simple one; Disclosure. It wasn't provided and it should have been.
there's nothing to disclose. they've told you they won't share your personal info, and they don't.

avatar
MonstaMunch: there's no need to be so condescending. Even if you don't personally have an issue with it, clearly some people do, and to label them all as idiots is simply ignorant and bigoted.
i didn't call anyone an idiot, did i? i do, however, maintain that anyone who keeps posting walls of text about this non-topic must have no life at all. if those people put at least as much energy into criticising their own government, maybe then they wouldn't live in a surveillance society.

now i bid you a good day, Sir, because i have to get back to my life which i've left somewhere outside the internets.
Post edited March 31, 2012 by Fred_DM
Posted March 31, 2012
avatar
Fred_DM: i didn't call anyone an idiot, did i? i do, however, maintain that anyone who keeps posting walls of text about this non-topic must have no life at all. if those people put at least as much energy into criticising their own government, maybe then they wouldn't live in a surveillance society.

now i bid you a good day, Sir, because i have to get back to my life which i've left somewhere outside the internets.
I think you implied that they were idiots, yes. And if them posting on this thread means they have "no life", then what does that make someone who repeatedly posts on it just to make fun of those people? Glass houses bro.
Posted March 31, 2012
Ok, still don't see where the "personal" information comes into play. Clear it up for me?
Posted March 31, 2012
avatar
stoicsentry: Ok, still don't see where the "personal" information comes into play. Clear it up for me?
It's about domains. A browser will only send a cookie to the domain that created it. so a cookie for gog.com is only visible to gog.com.

a cookie for google.com is visible for any request to google.com. So if I go to amazon and buy something, and amazon cause me to send a request to google analytics, then I go to GOG and buy something, and GOG cause me to send a request to google analytics, then google can associate those 2 actions. The thing about google analytics is that it's very widely used, so there is a very large amount of information that can be associated. So when GOG cause our browser to send information to google, they are throwing that information into the pool of information that other sites also chose to send. Within this pool of information is amost certainly enough information to uniquely identify most people.
Post edited March 31, 2012 by wpegg
Posted March 31, 2012
avatar
stoicsentry: Ok, still don't see where the "personal" information comes into play. Clear it up for me?
I'm in a country where any kind of porn is illegal enough that theoretically, the Witcher 2 could see me sent to jail.

We have posters here from Indonesia too, which as I understand it has even harsher laws. GOG states that they are keeping personal information for use under certain legal circumstances.

Even so, I'm not massively bothered or even remotely worried, but still it would have been very nice to know beforehand. You can understand that right?
Posted March 31, 2012
avatar
stoicsentry: Ok, still don't see where the "personal" information comes into play. Clear it up for me?
avatar
wpegg: It's about domains. A browser will only send a cookie to the domain that created it. so a cookie for gog.com is only visible to gog.com.

a cookie for google.com is visible for any request to google.com. So if I go to amazon and buy something, and amazon cause me to send a request to google analytics, then I go to GOG and buy something, and GOG cause me to send a request to google analytics, then google can associate those 2 actions. The thing about google analytics is that it's very widely used, so there is a very large amount of information that can be associated. So when GOG cause our browser to send information to google, they are throwing that information into the pool of information that other sites also chose to send. Within this pool of information is amost certainly enough information to uniquely identify most people.
So basically the concern is that it helps google compile data and that, even though the data in question is not really "personal" per se, it can be merged with other data that *is* personal. Right?

I think that clears it up for me, thanks.
Posted March 31, 2012
avatar
stoicsentry: Ok, still don't see where the "personal" information comes into play. Clear it up for me?
avatar
wpegg: It's about domains. A browser will only send a cookie to the domain that created it. so a cookie for gog.com is only visible to gog.com.

a cookie for google.com is visible for any request to google.com. So if I go to amazon and buy something, and amazon cause me to send a request to google analytics, then I go to GOG and buy something, and GOG cause me to send a request to google analytics, then google can associate those 2 actions. The thing about google analytics is that it's very widely used, so there is a very large amount of information that can be associated. So when GOG cause our browser to send information to google, they are throwing that information into the pool of information that other sites also chose to send. Within this pool of information is amost certainly enough information to uniquely identify most people.
Actually no, because you have separate tracking codes for each of the websites that use GA, and the cookies generated are independent from one another, as are the requests to Google Analytics.

And this really is a non-issue, because GOG does indeed not disclose any personal details: it does not disclose your username, nor does it disclose your email, nor the credit-card number or paypal account used to use the transaction.

An order ID does not count as personal details, because without access to the GOG database it can not be used to personally identify you as an individual.

avatar
MonstaMunch: Try paying here via paypal. If the info you gave them doesn't match the info you give paypal, the transaction doesn't go through.
And what information is that? I'm honestly asking because I've never used PayPal to pay on GOG, but from what I see, once you select PayPal it redirects you to their website to complete the payment.

I mean, I need clarification on what information you refer to when you say "the info you gave them" and to what you refer when you say "the info you give paypal".
Post edited March 31, 2012 by AndrewC
Posted March 31, 2012
avatar
AndrewC: Actually no, because you have separate tracking codes for each of the websites that use GA, and the cookies generated are independent from one another, as are the requests to Google Analytics.
I don't quite understand how they could achieve this, unless they generate a separate subdomain per GA account and label the cookies as being specific to that domain, they will be sent all cookies with each request. So if they wanted to then they could link the traffic.
Posted March 31, 2012
I'm ill today so I'm not really up to a long reply here in the thread--kids, don't buy kebabs from dodgy street vendors!--but I've passed the concern you guys have on to our development team, and we'll have a reply for you guys on Monday after they've explained the developery things to me.
Posted March 31, 2012
Using and [url=https://addons.mozilla.org/en-US/firefox/addon/ghostery/?src=search]Ghostery along with BetterPrivacy with Firefox gives me the illusion of privacy . . . if nothing else.

On the attached image, image A shows what NoScript is blocking with image B showing what Ghostery is blocking on GOG.

I do have GhostRank disabled in the Ghostery Options. I can't see any diff in blocking with it disabled or enabled so I leave it disabled as I prefer not to send them data.

I assume GOG wants user data to some degree (maybe getting it from Google???) so they may not be too helpful concerning blocking methods
Attachments:
gogblock.jpg (158 Kb)
Posted March 31, 2012

I do not know if Ghostery's situation has changed recently but months ago there was a lot of warning about this plugin so I stopped using it. Just a word of warning for you.
What's the concern about Ghostery? I tried Google it but found nothing. Has been using that thing for months on my Opera.
Posted March 31, 2012
It seems that by European law, websites have to inform their users if they are collecting data for GA. This was ruled in May 2011, and companies have one year to comply before it is enforced.

Source.
Posted March 31, 2012
avatar
MonstaMunch: It seems that by European law, websites have to inform their users if they are collecting data for GA. This was ruled in May 2011, and companies have one year to comply before it is enforced.

Source.
Too bad most websites won't do a thing about it.
Posted March 31, 2012
avatar
MonstaMunch: It seems that by European law, websites have to inform their users if they are collecting data for GA. This was ruled in May 2011, and companies have one year to comply before it is enforced.

Source.
This is not how EU legislation works. EU can create "directives" but then it's up to each member countries to enforce laws from such directives (or don't). What you're linking is true for UK websites and that's it.
Posted March 31, 2012
avatar
TheEnigmaticT: I'm ill today so I'm not really up to a long reply here in the thread--kids,
Get well soon.
Pages:
1
2
3
4
5
6
7
8
9
10
11
This is my favourite topic
Community
General discussion (archive)Privacy Concern: GOG sending order details to Google(151 posts)(151 posts)
(151 posts)