anna2358

GDPR and off-world databases


As I hope you all know by now, the EU's GDPR regulation comes into effect in a few days, and it will mean that, at least for EU-resident SL users, new controls on what can be held in databases about someone will come into force, and will introduce new rights for individuals to order the removal of data pertaining to them. Linden Labs have already made their plans, and have told us that we need to be compliant too.

Quite a few things that I have purchased in SL make use of off-world databases.  A good example is CTS Wardrobe which maintains a database of the items in my #RLV folders and allows me, through a hud, to choose what to wear.   I also have an off-world database myself, I wrote the system to record every avatar who comes onto my parcel, and show their Display Name on my Visitor board.

Neither of these databases contain any way of linking an SL avatar to an RL person, so probably doesn't fall foul of the GDPR.  Of course, I may be wrong, I'm not a lawyer, but I would be very interested in what people think about this.

 

Edited by anna2358
added link to LL Blog

37 minutes ago, anna2358 said:

Neither of these databases contain any way of linking an SL avatar to an RL person, so probably doesn't fall foul of the GDPR.  Of course, I may be wrong, I'm not a lawyer, but I would be very interested in what people think about this.

Casper thinks different:

https://blog.caspertech.co.uk/gdpr-is-coming-and-it-affects-you/

... and his customers just store usernames as well

Edited by Fionalein
  • Like 1

58 minutes ago, anna2358 said:

I also have an off-world database myself, I wrote the system to record every avatar who comes onto my parcel, and show their Display Name on my Visitor board.

That's the only thing that anna asked about, and with that system nothing of any real world data is stored, so nothing is stored that can be linked to any real world person. Therefore, nothing is stored that would come under the new law.

I've no idea what Casper stores, but, just like everyone else, he's entitled to an opinion, right or wrong. He may store IP addresses - he probably does - so he may be a bit concerned.

ETA: If anna will be in breach of the new law, then every SL user will be too, because we all store chat logs, even if we don't realise it, and chat logs have usernames. To be honest, the idea that what anna described could be in breach of the new law, would be total nonsense. (I know you didn't suggest it).

The law is about data stored about a person. It is not about data stored about an avatar/character. It would only become data about a person if information about the person behind the avatar is stored, and anna doesn't do that.

Edited by Phil Deakins


OK... so I post a blog-post on my RL blog revealing my avatar loginname. BANG! And it contains RL-relevant data, not even your fault but now it does. Stupid situation, eh? But I am sure big strong Mr "I-dont-care-for-foreign-laws" will recommend you to risk letting someone sue hell out of you because revealing the RL connection was not your fault. Yeah might not be your fault they did. Now that does not change the situation...

Edited by Fionalein


The question isn't about blog posts. It's about anna storing avatar names, and nothing else. It isn't about storing anything that can be linked to a person. So,  apart from being silly, the situation you suggested is irrelevant.

Edited by Phil Deakins

3 minutes ago, Phil Deakins said:

The question isn't about blog posts. It's about anna storing avatar names, and nothing else. So the situation you suggested is irrelevant.

*headdesk* No, it isn't


No it isn't what? Not irrelevant? Streuth! If YOU post YOUR SL username in YOUR blog, that's your business. You're allowed to do that, y'know lol. But I'm just addressing what anna asked about - the topic of this thread.

Edited by Phil Deakins


I am trying to explain to you that revealing your avatar name to the public changes the nature of the beast of every database that stores said avatar name...


You can explain what you like, but anna asked about what she stores. That's the topic.

If you (or anyone else) want to reveal your user name to the public, so that the public can link it to the RL you, then you are totally free to do that. It doesn't get anywhere near the new law. It's also off-topic.

39 minutes ago, Phil Deakins said:

ETA: If anna will be in breach of the new law, then every SL user will be too, because we all store chat logs, even if we don't realise it, and chat logs have usernames.

Actually, no we don't, you can turn chat logs OFF, and many do, it just wastes disk storage for many of us.
 


I'd say Phil is right.

This law would get struck down by every judge on the planet if I could make everyone here a violator of it just by saying "Oh by the way, my real name is Paul and I live in Boston."

You haven't recorded any personal information, I divulged it. There's a big difference.

1 hour ago, anna2358 said:

<snip>

Neither of these databases contain any way of linking an SL avatar to an RL person, so probably doesn't fall foul of the GDPR.  Of course, I may be wrong, I'm not a lawyer, but I would be very interested in what people think about this.

 

But I don't want to repeat the argument in the other thread, thanks!

My database stores:  SLAvatarKey, DisplayName, Timestamp.

So I can link the display name to the avatar key, and I know the first time that that avatar appeared on my land.  I don't re-record avatars I've seen before.  And the database has never been backed-up.  I don't ask permission for this either, or issue a warning, I just do it.

I am seriously thinking of ditching the whole thing though, just to be safe.  Or maybe, delete the existing db, and re-write it to pop-up a request for permission.

5 minutes ago, anna2358 said:

But I don't want to repeat the argument in the other thread, thanks!

My database stores:  SLAvatarKey, DisplayName, Timestamp.

So I can link the display name to the avatar key, and I know the first time that that avatar appeared on my land.  I don't re-record avatars I've seen before.  And the database has never been backed-up.  I don't ask permission for this either, or issue a warning, I just do it.

I am seriously thinking of ditching the whole thing though, just to be safe.  Or maybe, delete the existing db, and re-write it to pop-up a request for permission.

If you are worried, a purge and popup request is the best way to go, probably. Just make sure it defaults to "No" if they ignore it.

35 minutes ago, anna2358 said:

I am seriously thinking of ditching the whole thing though, just to be safe.  Or maybe, delete the existing db, and re-write it to pop-up a request for permission.

You can do that for your own peace of mind, but you don't have to. You don't store any data about the person, and it's only the person that the law is about. So that law has nothing to do with non-personal data about avatars in SL. But do as Gadget suggested if you feel uncomfortable about it.

Or scrap the whole thing since (I assume) it's just a visitor logger that stores visitor data externally, and has no useful purpose other than to satisfy your curiosity about your avatar visitors. You could even sell that data without infringing any laws, because it contains nothing at all about any people.

ETA: Incidentally, the wardrobe thing you mentioned isn't your problem. It's the problem of the one(s) who maintain the external database. And it's not a problem for them unless they are somehow linking avatars to RL people, and storing that information too.

Edited by Phil Deakins

4 hours ago, anna2358 said:

Neither of these databases contain any way of linking an SL avatar to an RL person, so probably doesn't fall foul of the GDPR.  

As I sell and run a visitor tracker, I paid and checked this with my lawyer a few weeks ago. Only real people are protected. An avatar is not a natural person, and the UUID we hold in our databases has no possible link back to a natural person (for us). 

As long as there is no link to a natural person or anything that can identify a natural person, then it's fine. 

But if you wish to go further than the law needs, only retain for a few days so you can search back to find the griefers.

Edited by Callum Meriman
  • Thanks 3

27 minutes ago, Callum Meriman said:

As I sell and run a visitor tracker, I paid and checked this with my lawyer a few weeks ago. Only real people are protected. An avatar is not a natural person, and the UUID we hold in our databases has no possible link back to a natural person (for us). 

As long as there is no link to a natural person or anything that can identify a natural person, then it's fine. 

But if you wish to go further than the law needs, only retain for a few days so you can search back to find the griefers.

Callum, that is really good of you to report.  Paid advice from a real lawyer beats my amateur law-reading, any day.  I'll stick with what I've got, it works.

Only Linden Labs can link an Avatar-Key (UUID) to an account, and thence to a Paypal or Credit Card account.  So only they can see that I'm really ....

2 hours ago, Bradford Mint said:

Casper is wrong, that text has misinterpreted the legislation, a few moments of google time will yield that GDPR result.  This has already been discussed.

Fortunately for me, their page starts 'If you do business in Second Life'.  Well I don't.  And then 'I am not a lawyer.'  Well Callum consulted one.


If you do business, it's still very likely fine. The issue is the over-interpretation about what constitutes data to a natural living person. On their own, IP addresses do not. UUIDs do not. Avatar names do not. None of these aggregated constitute data that relates to a natural living person.

Now, if you had LL's database, or collected RL info on a web page that also collected the above elements, then combined, they could be construed to constitute personal data.

Furthermore, there are reasons to collect such data which would not grant a reason for the right to be forgotten, a key one being where the data is required in order to fulfill a contract or for business purposes for audit and recording for the duration that the data is required to be maintained for.

E.g. "I just rented a car last week and now I wish for you to remove ALL the data that you hold about me - ALL OF IT!". For tax reporting purposes, some data will be retained.

"I rented a car 8 years ago, why are you still holding data about me, how is it being processed?  Oh! Just for marketing purposes which is no longer required for tax reporting?" - DELETE!

Consent to send a game message to a game client which does not represent a natural living person?  Good luck prosecuting that one.

  • Like 1


I think a case could be made that any financial transaction, even between two people operating under an alias (avatar), could constitute personal information under GDPR. But it's such a far stretch, and the ability to track down the parties involved and actually bring a complaint would seem to make the effort not worth the time. I think some of the items in Casper's message are good to note. I think shops in SL need to start thinking more like a real business and less like a hobby. A privacy policy is good, encrypting stored data in transit and at rest is good. Both of which are defenses against GDPR claims.

I am also not a lawyer but have been reviewing GDPR for my organization. I am also a pretty heavy user of CTS Wardrobe in Second Life. In my opinion, tools of this sort don't constitute data covered under the rule. Wardrobe in particular lets you remove yourself from the system at any time, giving the end user even more control.

<soapbox>I think that GDPR is a bit overreaching in its scope. Offering a service over the internet, which can be accessed from the EU, is different from doing business in the EU. If you have a service in Second Life, with a database in the US, you are doing business in the US. If someone from the EU decides to pay for or utilize services from the business you are not doing business in the EU. No more than someone travelling to the US IRL and using a credit card at a local store here. Neither is covered by GDPR despite what the law might say, they are not doing business in the EU. Of course anyone could choose to comply with the regulations because you feel it's the right thing to do, or because you might want to do business in the EU in the future and don't want to risk compliance later. I think it goes back to my earlier comment though. Create a privacy policy, encrypt your data, in general be a good netcitizen, but don't worry so much about GDPR unless you are actually in the EU and doing business in the EU.</soapbox>

  • Thanks 1


Well thanks for making me think about it, I run/ran a blog on a big platform and as I cannot state anything on compliance (thank you for your lack of cooperation so far, multi-billion dollar internet corporation I host my blog on.... yes they non opt in analyze my traffic for me, I cannot switch it off - so byebye blog) I will delete it just to be sure. I have no desire to be part of that first wave of hapless cease and desist victims...
