It seems that you're using an outdated browser. Some things may not work as they should (or don't work at all).
We suggest you upgrade newer and better browser like: Chrome, Firefox, Internet Explorer or Opera

×
avatar
Ziemowiterkens: What I dont't get is why are some people sort of arguing AGAINST privacy?
I can only speak for me, but I'm not against privacy at all, far from it actually. I think GOG should offer as many privacy options as possible and give users complete control over every type of service or feature offered on GOG. In my opinion they don't offer enough currently. I just don't agree those options need to be set at the highest level necessarily by default. By all means GOG should do so though if GDPR requires it to avoid issues, but the rest of the world there is no such requirement.

As long as they are giving users a fair warning before hand (which they did), and letting all users know via normal communication channels (which they probably will via a site announcment, email most likley and probably social media) then GOG has fullfiled their requirement on notification. That is all they really owe us users, outside of giving us a way to opt-out which also they did.

avatar
Taro94: Thank you. This is exactly why I totally understand GOG's decision to make the profiles public by default.
No problem. Thanks for being sensible. Elcook was right when he said: "You guys and gals are also the most sensitive for such changes".

Everyone else said oh cool profiles and either opt-ed out or went on with their day.

A pop up window would also be acceptable though. I agree.
Post edited April 20, 2018 by user deleted
low rated
avatar
Ziemowiterkens: What I dont't get is why are some people sort of arguing AGAINST privacy?
avatar
Breja: Because we live in a fucked up dystopia where lack of privacy is becoming the norm and insisting on retaining it an aberration.
Is it SO hard to converse with people without using foul language?
high rated
avatar
BKGaming: Oh I understand the possiblity of doing so, I just don't see how pratical it is with what data we are talking about in this specific case but maybe it's because it's not something I place of high importance on personally.
I have noticed a pattern of your replies hand-waving a lot of arguments against your stance with "I don't know/care enough".

You strike me as too intelligent of a person not to see an issue with that manner of a response while maintaining your opinion.

avatar
BKGaming: I'm also probably biased because I do web development and I can see the benifts of having profiles public vs private and why profiles being public is typically the rule not the exception. If I was making some kind of profile system for a web site I would also set the default setting to public, otherwise the feature would be a waste of development time because it probably won't be adopted large scale.
Oh, so you do have working knowledge of the matter at hand (at least from the implementation standpoint)? Then you do realize that creating such public elements means additional information gathering as well as collating and storage? The very information that is deemed a very desirable trade good by plenty of potential "trusted partners" of GOG in the future?

Also, on a bit of a tangent - a lot of tech people seem unable to grasp the fact that just because you can do something does not always make it a good idea.

avatar
BKGaming: GOG is really no different than any other company that sells a service or goods online in this regard. Until somebody takes them to court over it or laws catch up to 2018 it probably won't change.
And here I thought GOG valued their distinctly different business approach that rewarded them with a not-insignificant market share? Why shouldn't commitment to privacy be another area in which the company ensures long-term securing of customer base the same way it managed (and CDP before in its illegal-distro-competing heydays) to do with its early "customers first" approach?

avatar
BKGaming: And what would stop you from changing some settings so you can have said privacy in this case in regards to GOG if they did decide to use geolocation to have different defaults based on location?
Because GOG's ToS prohibit falsification of geolocation data, for once.

Also, because any technological solution to a problem that has the potential of being eliminated without such need is not an efficient way to approach it.

avatar
Tauto: Is it SO hard to converse with people without using foul language?
In my case is the combination of about two decades worth of exasperation and the same illogical and, frankly, idiotic if not completely clueless argumentation on things that were apparent for years to people willing to put the bare minimum learning effort.

None of the causes of the privacy uproar right now is a surprise (except perhaps the extent to which seemingly benign information can be used for individual tracking, but even tech advances in that were not exactly hidden behind paywalls or enginner-speak research papers). But still, even when faced with direct evidence that the information already gathered at will is being exploited in direct manipulation of the core foundation of democratic process, people will continue to present arguments such as "I have nothing to hide".

Yes, you do. You're just dumb enough not to realize it, and lazy enough not to educate yourself. It's outright fucking depressing.

Also, the use of profanities assists in better mental health and stress relief. "Science, bitches!"

avatar
BKGaming: I can only speak for me, but I'm not against privacy at all, far from it actually. I think GOG should offer as many privacy options as possible and give users complete control over every type of service or feature offered on GOG. In my opinion they don't offer enough currently. I just don't agree those options need to be set at the highest level necessarily by default.
That is not a logical combination of statements.
Post edited April 20, 2018 by Lukaszmik
high rated
avatar
BKGaming: I'll probably be criticized for this, but I'm just being honest. I fail to see how this is giving personal information by default? Personal information would be your real name, email, or home address. Anything that can allow one to identify who you are in real life. As far as I am aware, GOG has not stated any of this info will be visible on profile pages.
Perhaps not on the profile page, but in my opinion, the ability to search for and find users by e-mail address is a problem regarding personal information. What if I signed up using a username with no relation to me, but tied my GOG account to an e-mail address that is trivially connected to my legal name (contains it as a substring, or is published on reputable pages that also mention my name, etc.)? Anyone who searches for that e-mail address then discovers my otherwise-anonymized GOG account.
avatar
BKGaming: Your GOG account name or account activity or even game list is not personal information and as I said before these are public accounts.

Even GOG's Privacy Policy even states:
2.2 Specifically, this Privacy Policy governs personal information and non-personal information which we collect from you when you're using GOG services. ("Personal information" means information which, on its own or in combination with other information, can be used to identify you).
avatar
BKGaming: And they even tell you how they use information linked to your account like the following:
a) To enable GOG.com functionality that helps you and your friends keep updated about what you’re doing within GOG services, e.g. notifying you and your GOG.com friends about who is playing what games.
avatar
BKGaming: They also make it clear these are public profiles and things you do on them may be made publicly available.
Also, any information you post publicly using GOG services (e.g. your public profile) will be publicly available to GOG users and others. We are not responsible for your use of otherwise private personal information, which you make available via GOG services, or the activities of other users or other third parties to whom you give or make available your information.
avatar
BKGaming: So it seems to me GOG is clear about their intent, and that some people actually have issues with GOG's overall privacy policy (in which those people should maybe not even use GOG) rather than this particular change.
I don't see your point here. All the pieces you cite are to protect GOG in the event someone intentionally makes public his/her personal information. All the complaints here are because GOG is intentionally making public by default and with no advance general warning (this forum thread does not count, because it's so easy to miss) information that was previously non-public and has no legitimate business need to become public.

If I never knowingly publish my e-mail address on the forum, nor private-message it to anyone over GOG's system, nor friend any users, I might reasonably expect that only GOG staff can view it, and that they wouldn't do so without good cause. Nothing you quoted here seems to contradict this hypothetical. Yet the ability to find users by e-mail address directly lets other GOG users discover this that I, John The Private, with e-mail address john.private@example.com, am a GOG user with username Smith29, even though Smith29 never mentions in any of his posts anything that could be used to derive that information.

avatar
BKGaming: GOG is even clear that if you don't agree with the privacy policy or any changes they make to it that you should cease using GOG after being notified of said changes:
True, but completely pointless. Suppose tomorrow GOG posts another revision to the privacy policy that I find absolutely abhorrent. I swear off ever using GOG, delete all bookmarks to it, never come to the site again, etc. How does GOG differentiate that from a user who just lost interest in visiting the site because it was boring? How does my cessation of interaction with GOG cause them to in any way exclude my account and all information provided under the old policy from being harmed by the new policy?

The invitation to contact them with "queries" is an equally pointless evasion. There's no indication that there is any way to get them to honor their original agreement, even if I'm willing to give up the service and all its benefits.
avatar
BKGaming: Do people actually read these?
Well, it's a legal document that nobody has any hope of actually enforcing against GOG anyway, so no, (almost) nobody reads these. You should know by now that the standard for legal agreements on the Internet is that they're written to ask for things that aren't legal, that corporations are incapable of explaining the terms, that the terms may change at any time without adequate notice (so what's the point of reading it, if it will likely say something different and silently become binding, by the time its contents might matter?), that none of the terms will be negotiable at any price, that users won't read them, and nobody on either side actually expects the other party will obey any term unless explicitly ordered by a court after losing a lawsuit. If the terms weren't so grossly one-sided, people might treat them more reasonably. As is, almost all compliance is incidental rather than intentional.
low rated
avatar
Lukaszmik: I have noticed a pattern of your replies hand-waving a lot of arguments against your stance with "I don't know/care enough".

You strike me as too intelligent of a person not to see an issue with that manner of a response while maintaining your opinion.
Well that is just how I feel about it honestly, sorry. I'm not the type of person that get's overly concerned with privacy issues. I'm largly indifferent to it. I think the concept of privacy was lost long ago and as technology becomes more integrated into everyday life (which it will) the worst it will be.

As the saying goes would you like me to tell you the turth or would you rather I lie to you? I really just need to stay out of these type of threads, as I lose interest in the debate far to often. I get myself into this mess far to often also and I'm kind of worn out at this point. :P

avatar
Lukaszmik: Oh, so you do have working knowledge of the matter at hand (at least from the implementation standpoint)? Then you do realize that creating such public elements means additional information gathering as well as collating and storage? The very information that is deemed a very desirable trade good by plenty of potential "trusted partners" of GOG in the future?
Yes I understand how the implementation happens and how that information is stored on the back-end. I even understand from a business standpoint GOG may share that information (even though that was not my area in my day to day when I worked for a large company as a PHP dev, I was just a lonley programmer so that would be way above me).

All I can say is personally there is nothing on GOG that I would have an issue with them sharing when it comes to my own account. But I don't speak for everyone nor would I try. As far as what I would consider actual personal data GOG has very little, if they collected more say like FB I might be a little more concerned.

avatar
Lukaszmik: Also, on a bit of a tangent - a lot of tech people seem unable to grasp the fact that just because you can do something does not always make it a good idea.
Oh on that 100% agreed. That pretty true of anything really, but just because some people would find it undesirable doesn't necessarily mean you shouldn't do it either. I'm just saying there is always the other side of the coin.

As a developer I would not want to waist weeks or months of my time on a feature that will be ignored because we defaulted to the highest level of privacy, it's bad enough when features get scrapped. As I posted a link to, it is pretty much a fact based on gathered data that most users don't change default settings. So GOG has to evaluate what is worth more to them, and they probably determined like most sites have, that the the majority of people are more than fine with lax privacy options (I think even more so in something like a gaming service where gaming is by design a sociable thing so you are kind of expected to share data with others).

avatar
Lukaszmik: And here I thought GOG valued their distinctly different business approach that rewarded them with a not-insignificant market share? Why shouldn't commitment to privacy be another area in which the company ensures long-term securing of customer base the same way it managed (and CDP before in its illegal-distro-competing heydays) to do with its early "customers first" approach?
I don't know I don't speak for GOG. I think people expect them to be a different tyoe of business but I don't think GOG is really any different than any other business out there... at the end of the day their goal is to make money.

avatar
Lukaszmik: That is not a logical combination of statements.
Sure it is. We don't live in a all or nothing sort of world. You can be for something (like privacy) in principle but realize there are limits to it as well. By offering options GOG has offered some level of privacy, to some people that isn't enough. Some people simply want all or nothing and that would be non logical.
Post edited April 20, 2018 by user deleted
avatar
elcook: So there is a very cool and nice feature coming to GOG blah blah blah....
Oh look, they're adding more bells and whistles to this antiquated dungheap of a website! o.O
avatar
advowson: Perhaps not on the profile page, but in my opinion, the ability to search for and find users by e-mail address is a problem regarding personal information. What if I signed up using a username with no relation to me, but tied my GOG account to an e-mail address that is trivially connected to my legal name (contains it as a substring, or is published on reputable pages that also mention my name, etc.)? Anyone who searches for that e-mail address then discovers my otherwise-anonymized GOG account.
I actually agree with you there. I think GOG should break this down into two checkboxes. One being search by GOG username which should be on by default and the other being search by email which should be disabled by default. I do see the need for the feature though.

All we can do is communicate this to GOG though.

avatar
advowson: I don't see your point here. All the pieces you cite are to protect GOG in the event someone intentionally makes public his/her personal information.
The point was to to show that GOG is clear on how certain data may be used (including data like friends or account names, etc) and how they define personal vs non personal data. And to make the point that GOG does indeed view these profiles as public information in the context of "access to personal information by default".

avatar
advowson: True, but completely pointless. Suppose tomorrow GOG posts another revision to the privacy policy that I find absolutely abhorrent. I swear off ever using GOG, delete all bookmarks to it, never come to the site again, etc. How does GOG differentiate that from a user who just lost interest in visiting the site because it was boring? How does my cessation of interaction with GOG cause them to in any way exclude my account and all information provided under the old policy from being harmed by the new policy?

The invitation to contact them with "queries" is an equally pointless evasion. There's no indication that there is any way to get them to honor their original agreement, even if I'm willing to give up the service and all its benefits.
If you disagree with the new policy I would assume you would a) communicate that in writing to GOG b) ask them to delete your account. By not doing that, after 30 days you are telling them you accept the new polices. In the grand scheme of things I agree it really doesn't matter, there isn't much we can do about it if we don't agree, but from a legal standpoint it does matter on GOG's side.

avatar
advowson: Well, it's a legal document that nobody has any hope of actually enforcing against GOG anyway, so no, (almost) nobody reads these.
True but you should still read them. In any potiential legal avenue against a company they are the best way of knowing where you stand and what you have to prove / disprove. And sure there mostly written to protect said company and they may not hold up in court, but again it's good idea to at-least know what you are potentially giving up by using said service before you actually use or continue to use said service.
Post edited April 20, 2018 by user deleted
avatar
Breja: Because we live in a fucked up dystopia where lack of privacy is becoming the norm and insisting on retaining it an aberration.
avatar
Tauto: Is it SO hard to converse with people without using foul language?
Breja is right, though. That's the best summary I've read yet regarding the way society is moving. I've had my info compromised when Sony was hacked, when some dipshit at the Department of Defense took a work laptop home without permission which was then stolen, and when Yahoo was hacked. Privacy is an utmost concern for me.

"Under certain circumstances, urgent circumstances, desperate circumstances, profanity provides a relief denied even to prayer." - Mark Twain
Post edited April 20, 2018 by Firefox31780
low rated
avatar
BKGaming: Oh I understand the possiblity of doing so, I just don't see how pratical it is with what data we are talking about in this specific case but maybe it's because it's not something I place of high importance on personally.
avatar
Lukaszmik: I have noticed a pattern of your replies hand-waving a lot of arguments against your stance with "I don't know/care enough".

You strike me as too intelligent of a person not to see an issue with that manner of a response while maintaining your opinion.

avatar
BKGaming: I'm also probably biased because I do web development and I can see the benifts of having profiles public vs private and why profiles being public is typically the rule not the exception. If I was making some kind of profile system for a web site I would also set the default setting to public, otherwise the feature would be a waste of development time because it probably won't be adopted large scale.
avatar
Lukaszmik: Oh, so you do have working knowledge of the matter at hand (at least from the implementation standpoint)? Then you do realize that creating such public elements means additional information gathering as well as collating and storage? The very information that is deemed a very desirable trade good by plenty of potential "trusted partners" of GOG in the future?

Also, on a bit of a tangent - a lot of tech people seem unable to grasp the fact that just because you can do something does not always make it a good idea.

avatar
BKGaming: GOG is really no different than any other company that sells a service or goods online in this regard. Until somebody takes them to court over it or laws catch up to 2018 it probably won't change.
avatar
Lukaszmik: And here I thought GOG valued their distinctly different business approach that rewarded them with a not-insignificant market share? Why shouldn't commitment to privacy be another area in which the company ensures long-term securing of customer base the same way it managed (and CDP before in its illegal-distro-competing heydays) to do with its early "customers first" approach?

avatar
BKGaming: And what would stop you from changing some settings so you can have said privacy in this case in regards to GOG if they did decide to use geolocation to have different defaults based on location?
avatar
Lukaszmik: Because GOG's ToS prohibit falsification of geolocation data, for once.

Also, because any technological solution to a problem that has the potential of being eliminated without such need is not an efficient way to approach it.

avatar
Tauto: Is it SO hard to converse with people without using foul language?
avatar
Lukaszmik: In my case is the combination of about two decades worth of exasperation and the same illogical and, frankly, idiotic if not completely clueless argumentation on things that were apparent for years to people willing to put the bare minimum learning effort.

None of the causes of the privacy uproar right now is a surprise (except perhaps the extent to which seemingly benign information can be used for individual tracking, but even tech advances in that were not exactly hidden behind paywalls or enginner-speak research papers). But still, even when faced with direct evidence that the information already gathered at will is being exploited in direct manipulation of the core foundation of democratic process, people will continue to present arguments such as "I have nothing to hide".

Yes, you do. You're just dumb enough not to realize it, and lazy enough not to educate yourself. It's outright fucking depressing.

Also, the use of profanities assists in better mental health and stress relief. "Science, bitches!"

avatar
BKGaming:
avatar
Lukaszmik:
That is a load of cr*p!

avatar
Tauto: Is it SO hard to converse with people without using foul language?
avatar
Firefox31780: "Under certain circumstances, urgent circumstances, desperate circumstances, profanity provides a relief denied even to prayer." - Mark Twain
So,it's okay in this thread.Don't make me laugh,this is none of the above reasons unless you are paranoid.
Post edited April 20, 2018 by Tauto
avatar
Tauto: Is it SO hard to converse with people without using foul language?
avatar
Firefox31780: Breja is right, though. That's the best summary I've read yet regarding the way society is moving. I've had my info compromised when Sony was hacked, when some dipshit at the Department of Defense took a work laptop home without permission which was then stolen, and when Yahoo was hacked. Privacy is an utmost concern for me.

"Under certain circumstances, urgent circumstances, desperate circumstances, profanity provides a relief denied even to prayer." - Mark Twain
You do realize, though, that if GOG is hacked, your personal information can be leaked whether GOG decides to display it in public via profiles, or not?

What you've written is a bit irrelevant to the situation at hand.
Post edited April 20, 2018 by Taro94
avatar
Lukaszmik: You fail to see because you do not apparently understand how far past are we in terms of technological capacity for identifying individual users with seemingly innocuous data (also, hardware/software fingerprinting methods).
That is very correct. Besides – for some serious shit that can be pulled off with the data, the actual user's name and his address is basically irrelevant. For targeted marketing, it certainly is. For the facebook/Cambridge Analytica scandal, names and addresses were not even a bonus, they were completely superfluous. The whole thing would have worked out just as well if all facebook users employed alts and never gave contact data! The "seemingly innocuous" data or rather: the literally innocuous data, your interests and everyday conversations, was what was mined and used.

I guess that the facebook/CambridgeA scandal should have caused a major paradigm change in how we view our privacy online exactly because innocuous data was sought and used, and exactly because that innocuous data is what facebook "produces" and sells to function.

And GOG is just about to double down on our continued ignorance.

avatar
Lukaszmik: I really hope the Polish government gets shut down hard on this by the EU.
Oh shoot. Somehow I now feel like a DRM free games service should be in a country other than Poland (but not in Germany, God no). :(
Post edited April 20, 2018 by Vainamoinen
avatar
gogtrial34987: If a bit of data can be used to identify an individual in any way (or to distinguish between individuals) - even if only through the use of other data sets, then that's personal data.
avatar
BKGaming: They keyword here is "IF". So unless you can prove that by using "activity" and "active friends" you can identify any random GOG user that you have never met, then you will be hard pressed to prove that this information can be classified as "personal information" or "personal data" (and I very much doubt you will be able to do that).
from my understanding that's the wrong way to look at this. The question is not whether you can be identified by information about your "gaming activity" alone.
the directive explicitly states:

‘personal data’ means any information relating to an identified or identifiable natural person
I think we can easily conclude that to GOG you as the user are an identifiable person through your registered account. That means that any additional information that GOG collects, that is tied to you or your account, has to be regarded as "personal data" wrt to the GDPR. This would include things like your "gaming activity" and "active friends" i think.
Consequently the collection, processing and sharing of that information requires explicit consent from the "data subject", i.e. you, the user.
And from what I heard most seem to agree that presenting the user with an option where the choice to share their data is pre-selected(aka the default choice) does not constitute "explicit consent".

that being i am not a lawyer, so what do I know ? :p
legal things aside, from my pov GOG is still first and foremost a store, not a social media hub. I would very much like any additional "social function" to be an optional opt-in.
Post edited April 20, 2018 by immi101
Every user's country is displayed under their avatar on the forums since forever and no one ever seemed to complain that it breaches their privacy. Also note that you can't opt-out from your country being displayed.

A feature is going to be introduced that will allow others to see that Terraria is the last game you played. You can avoid this by opting-out or even simply not using Galaxy (which most people who care that deeply about privacy don't use anyway).

A serious question. Do you folks seriously believe that the first is not the case of revealing user's personal information without their consent, while the latter is?
avatar
Taro94: Every user's country is displayed under their avatar on the forums since forever and no one ever seemed to complain that it breaches their privacy. Also note that you can't opt-out from your country being displayed.
No, but you can change it to anything, you don't have to give true information. But yes, I think we should be able to opt-out from giving any info there at all.
avatar
Taro94: Every user's country is displayed under their avatar on the forums since forever and no one ever seemed to complain that it breaches their privacy. Also note that you can't opt-out from your country being displayed.
avatar
Breja: No, but you can change it to anything, you don't have to give true information. But yes, I think we should be able to opt-out from giving any info there at all.
Just like you can change your country to anything, so can you opt-out from making your activity public.

I'm using this example to show that GOG has presented everyone's information (at least some of it) ever since its conception and no one really ever minded that.

I really get the feeling that it's simply the users who decided to take shots at a new feature, given that they're entirely comfortable with with another "leak" of information that is more personal and with no option of opting-out.
Post edited April 20, 2018 by Taro94