New data protection Laws avatar line hud breaking them?

[Kyrah Abattoir]

Well you know, you neighbors have to make sure that you are who you claim to be. They alsogotta figure out your routine so they don't mow the lawn when you're home, gotta be able to recognise your car in case of theft, etc etc

[Bradford Mint]

Nah, as far as SL is concerned, it's just paranoia.

It's overly dramatic to equate the function of an LSL script or group membership option to RL behaviour.

[Callum Meriman]

On 7/15/2018 at 3:22 AM, L0leta said:

Validate what claim Bigmoe putting words in my mouth is not a good thing to do .. i was asking simple question i guess u either have one or  you make them huh ?

It's not hard to make these things...

// Who shall we watch?
string sMonitor  = "Callumn.Meriman";

// How often (seconds) shall we check if they are online?
float UPDATE_INTERVAL = 5.0; 

// ====================================================================
// Don't change anything below here unless you know what you are doing
//
key UUID;
key nameQuery;
key onlineQuery;
integer toggle;

updateStatus(string s)
{
    if(s == "1") {
        if (!toggle) {
            toggle = 1;
            llPlaySound("fc372181-20ea-8180-28b8-bc84c36df065", 1);
            llOwnerSay(sMonitor+" is now online");
            llSetColor(<0,1,0>,ALL_SIDES);
            llSetAlpha(1,ALL_SIDES);
        }
    } else {
        if (toggle) {
            toggle = 0;
            llOwnerSay(sMonitor+" is now offline");
            llSetColor(<1,0,0>,ALL_SIDES);
            llSetAlpha(.2,ALL_SIDES);
        }
    }
}

default
{
    state_entry()
    {
        nameQuery = llRequestUserKey(sMonitor);
    }
    
    on_rez(integer n) {
        llResetScript();
    }
    
    changed(integer change) {
        if (change & (CHANGED_OWNER | CHANGED_INVENTORY)) {
            llResetScript();
        }
    }
    
    dataserver(key req, string data) 
    {
        if (req == nameQuery) {
            UUID = (key)data;
            llOwnerSay("Now monitoring "+sMonitor+"'s online status");
            llSetTimerEvent(UPDATE_INTERVAL);
            return;
        }
        
        if (req == onlineQuery) {
            updateStatus(data);
        }
    }
    
    timer()
    {
        onlineQuery = llRequestAgentData(UUID,DATA_ONLINE);
    }
}

 

Edited July 18, 2018 by Callum Meriman
Changed the name to monitor

[Tari Landar]

7 hours ago, Lancewae Barrowstone said:

NO, the OP's concern is NOT paranoia.  It's, in fact, sensible.



IF you noticed someone watching your home, recording every package delivered to your door,  noting all the mail going in and taken out your letterbox,  jotting down the times when lights go on or off in certain rooms,  watching when your car leaves the driveway and returns, and maybe where your car goes,  etc, and indeed, etc.   Well, that is the world of today which to many of us became utterly predicable and apparent years ago in the meteoric rise of Google and it's ilk.  All those much touted sweet "freebies" we could download for neat applications, and yes I remember the birth of the famous Gmail that we were all urged by the great tech pundits of the time to quickly go get one while they are still available!  Hah!  And so now it seems most the world has one of those including some high uppity leaders and/or consultants, who should know better.  Finally today, even the general public seems to realize the behemoth giant data vacuum-cleaners at work out there gathering all they can from us. Facebook, et al.   And rather a bit too closely resembling the fantasy image above of the mysterious car with blackened windows that stays in front of your house.  And you suddenly begin to wonder is it there in traffic behind you...,  oh! is that it?  Did I just glimpse it there?  Is it not?  Am I going crazy?



No.  You are not crazy, and neither are you paranoid. You are awake.



Is this Legal?  I can't say.  But we are sensitized to it enough now to know that it is CREEPY.

Ok, I've had a super bad day...can someone explain what ANY of this has to do with someone knowing you are online using your very PUBLIC UUID?

For that matter, can someone explain how someone knowing you are online, again using that same very public UUID, is a violation of one's privacy? 

I'm befuddled. 

[Madelaine McMasters]

36 minutes ago, Tari Landar said:

Ok, I've had a super bad day...can someone explain what ANY of this has to do with someone knowing you are online using your very PUBLIC UUID?

For that matter, can someone explain how someone knowing you are online, again using that same very public UUID, is a violation of one's privacy? 

I'm befuddled. 

I certainly can't explain what ANY of that has to do with SL, Tari.

But, if I explain that it's not you that's befuddled, does that help?

[Madelaine McMasters]

8 hours ago, Lancewae Barrowstone said:

IF you noticed someone watching your home
My home is in inventory, which is big enough to hold it (and the planet Saturn), but too small to hold a human (or a virus). I'm not worried.

recording every package delivered to your door
My purchases are delivered to inventory. I'm not worried.

noting all the mail going in and taken out your letterbox
My SL messages are forwarded to a yahoo e-mail address unconnected to my RL self. I'm not worried.

jotting down the times when lights go on or off in certain rooms
There are no lights in my one room home (which is in inventory). I'm not worried.

watching when your car leaves the driveway and returns, and maybe where your car goes,  etc, and indeed, etc.
I have no driveway. I drive a homebuilt spaceship (no VIN to track), which teleports at the speed of light (when it's not in inventory). I'm not worried.

Well, that is the world of today which to many of us became utterly predicable and apparent years ago in the meteoric rise of Google and it's ilk.
There is no Google inside SL (have you tried searching for anything here?). I'm not worried.

You are not crazy, and neither are you paranoid. You are awake.
And when I'm not awake, my avatar is in inventory. I'm not worried.

 

[MoiraKathleen]

I fail to understand how someone knowing whether my avatar is online or not is a violation of my real life self privacy.  I don't have information in my avatar's profile that personally identifies my real self.   I'm not familiar with the HUD or other scripted items that return an avatar's online status, but I have not considered that piece of information as private, because I know that it can be shown in group member lists.  So I wouldn't consider it a data protection law rule breaker. 

 

[Phil Deakins]

Summary:

The OP asked a sensible question. Correct answers were given, the answers being 'no'. The OP hasn't been back for a while, so it can be assumed that s/he has finished with the thread, having got the answer.

 

Comment:

Whether or not the answer was the one that the OP wanted or expected is known only to the OP, but I suspect it is not what s/he wanted.

Edited July 18, 2018 by Phil Deakins

[Callum Meriman]

1 hour ago, Phil Deakins said:

Summary:

The OP asked a sensible question. Correct answers were given, the answers being 'no'. The OP hasn't been back for a while, so it can be assumed that s/he has finished with the thread, having got the answer.

 

Comment:

Whether or not the answer was the one that the OP wanted or expected is known only to the OP, but I suspect it is not what s/he wanted.

Future:

In three years someone will necro this thread with a single word reply.

[Qie Niangao]

5 hours ago, Callum Meriman said:

        nameQuery = llRequestUserKey(sMonitor);

 

How very modern !

(In fact, I only recently changed all my own private creepy stalker spy scripts to use the new function, until then forgetting I had anything that still queried Name2Key.)

[Kotelle]

Just a question, out of curiosity, does this hud display that I am online, even if I use a feature that allows me to appear as offline? If it does, then all these features are... useless?

[Qie Niangao]

29 minutes ago, Kotelle said:

Just a question, out of curiosity, does this hud display that I am online, even if I use a feature that allows me to appear as offline? If it does, then all these features are... useless?

Scripts can always tell if you're online or not (subject to delay, vagaries of the Presence system, and alignment of the celestial bodies). So yeah, there's no true hiding one's online presence, but you can use those settings to reveal to others that you'd like to be thought of as being offline.

There's a whole complicated reason why scripts kinda need to know this, which I frankly forget now. I think it's something to do with being able to deliver something (inventory? messaging?) when somebody finally comes back online after being absent when the delivery was planned. I vaguely recall this requirement somehow a function of throttles that were put in to prevent griefing, but that may be wrong.

[Phorumities]

7 hours ago, moirakathleen said:

I fail to understand how someone knowing whether my avatar is online or not is a violation of my real life self privacy.  I don't have information in my avatar's profile that personally identifies my real self.   I'm not familiar with the HUD or other scripted items that return an avatar's online status, but I have not considered that piece of information as private, because I know that it can be shown in group member lists.  So I wouldn't consider it a data protection law rule breaker. 

 

years ago there were six checkboxes beside each name on your friends list. 3 you controlled and 3 your friend controlled.

show when im online

show my location on world map

allow friend to edit my stuff

you could also see which checkboxes your friend had checked

however LL decided that you being able to see if your friend was hiding their online status from you was a violation of their privacy, so that checkbox is no longer visible to you.

the online tracker hud overrides the privacy of being able to hide your online status.

[Maitimo]

On 13/07/2018 at 9:00 PM, L0leta said:

I would like to know is the Avatar on line hud breaking the New EU Data Protection Rules.  Because if someone is scanning me daily and collecting data on me then i feel it is invading my privacy.

GDPR regulations refer to personal data. This is defined by law as data which can identify a real, living person. It means your real name, your real address, your date of birth, your gender. It also includes such things as your religion, political affiliation, your health, marital status, credit rating and whether you are a member of a trade union.

Note: real, living person.

People who are deceased do not count. Gaming characters and avatars etc do not count. Online usernames do not count. Pseudonyms do not count. IP addresses do not count.

Unless Avatar Online is collecting real names and real addresses then no, they are not breaking the GDPR.

(Management of personal data is my real life job).

Edited July 18, 2018 by Matty Luminos

[MoiraKathleen]

2 hours ago, Phorumities said:

however LL decided that you being able to see if your friend was hiding their online status from you was a violation of their privacy, so that checkbox is no longer visible to you.

the online tracker hud overrides the privacy of being able to hide your online status.

I would think that being able to see if one of your friends was hiding their online status from you, that it would certainly be a drama-maker.

It's been my understanding though that you can't completely hide your online state - you can check the box to restrict your online state to just friends and groups, and then turn it off for each friend on your friend list, but that still leaves groups being able to show your online state, and people sending you IM's may not get the "user is offline... " message so may deduce that you are in fact online.  Because of all this I don't see the online tracker HUD overriding anything that was truly and fully hidden and private.   

[Fionalein]

1 minute ago, moirakathleen said:

I would think that being able to see if one of your friends was hiding their online status from you, that it would certainly be a drama-maker.

You can and it is... just ping them with a message. 

[Maitimo]

2 hours ago, Phorumities said:

years ago there were six checkboxes beside each name on your friends list. 3 you controlled and 3 your friend controlled.

show when im online

show my location on world map

allow friend to edit my stuff

you could also see which checkboxes your friend had checked

however LL decided that you being able to see if your friend was hiding their online status from you was a violation of their privacy, so that checkbox is no longer visible to you.

the online tracker hud overrides the privacy of being able to hide your online status.

Wasn't this on the Emerald viewer, or Phoenix? And it was one of the features that contributed to the viewer getting banned? I seem to remember some drama about privacy on one of the 3rd party viewers.

[Phorumities]

23 minutes ago, Matty Luminos said:

Wasn't this on the Emerald viewer, or Phoenix? And it was one of the features that contributed to the viewer getting banned? I seem to remember some drama about privacy on one of the 3rd party viewers.

it was phoenix and singularity. for a while you could even see which viewer people were using.

[Phil Deakins]

39 minutes ago, Matty Luminos said:

Wasn't this on the Emerald viewer, or Phoenix? And it was one of the features that contributed to the viewer getting banned? I seem to remember some drama about privacy on one of the 3rd party viewers.

It was in the LL viewer. Other viewers had it because they used (and still use) the LL viewer code.

Emerald was banned because every time someone logged in with it, it accessed a completely different server as it did so - a competitor's server. The code that did it was hidden from most of the Emerald's developers, so they weren't aware it was happening. One of them discovered it and blew the whistle. It was described as a DDoS attack on the other server, but it was never that. A DDoS attack needs a massive number of accesses to achieve it, and there's never been anywhere near that number of Emerald logins at around the same time.

Edited July 18, 2018 by Phil Deakins

[LittleMe Jewell]

1 hour ago, moirakathleen said:

I would think that being able to see if one of your friends was hiding their online status from you, that it would certainly be a drama-maker.

One girl I knew was so worried about people not being honest with her (as if she'd ever really know everything in an online world) that every time she logged in, she'd send a "Hi, how are you" IM to everyone on her friends list that showed offline.  If they were really online, she dropped them from her friends list.

[Love Zhaoying]

2 minutes ago, LittleMe Jewell said:

One girl I knew was so worried about people not being honest with her (as if she'd ever really know everything in an online world) that every time she logged in, she'd send a "Hi, how are you" IM to everyone on her friends list that showed offline.  If they were really online, she dropped them from her friends list.

Hmm..remember the old bug where a friend showed offline until you IM'd them, then they would show online suddenly?  I wonder how many times she mistook that bug for friends "hiding"?

[Bradford Mint]

2 hours ago, Matty Luminos said:

GDPR regulations refer to personal data. This is defined by law as data which can identify a real, living person. It means your real name, your real address, your date of birth, your gender. It also includes such things as your religion, political affiliation, your health, marital status, credit rating and whether you are a member of a trade union.

Note: real, living person.

People who are deceased do not count. Gaming characters and avatars etc do not count. Online usernames do not count. Pseudonyms do not count. IP addresses do not count.

Unless Avatar Online is collecting real names and real addresses then no, they are not breaking the GDPR.

(Management of personal data is my real life job).

Hmm, you might want to brush up on that then for your RL job because GDPR Article 4 contradicts your position as do many other interpretations.  We had a far more fun thread on this recently which you may have missed.

https://gdpr-info.eu/art-4-gdpr/

https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/key-definitions/

To us, inworld, we don't have the ability to identify the real natural person from the inworld only data, thus to US, the data would not fall under GDRP.  To LL however, an avatar name, an IP address can constitute personal data because it CAN be related to a natural living person. The subtlety being whether the avatar name, UUID, IP address etc. CAN relate to... etc.

For what it's worth, I am encountering very few people who have correctly implemented GDPR so far yet, many of whom have changed their website T&C to boilerplate "We comply with GDPR" etc. yet you can sail a battlefleet armada through the gaps.

Priceless one currently so far underway, I was booking a parking space at an airport. Their default to receive marketing spam was blank requiring the visitor to positively opt out.  That's a GDPR "no no". I phoned them up, purely to be helpful and advise them that they needed to change that. They were positively difficult about it so ended up getting served an SAR. Two days later, even though I had opted out, I was sent a marketing spam email!

Their response was that their legal reason to process my data was to further their business activities.  You couldn't make this up.

So, in addition to them being bloody minded, they got the next salvo of me upgrading the data that I required, to include CCTV images captured by them.

They no doubt thought they would be smart and replied back pointing out that they would need date, time, location, my appearance etc. to assist them.  No problem!  Guess where I was the next day on a trip...same airport   It passed the time, logging my journey through the terminal just so that I could provide a full narrative about my passage past all their cameras, now some bored CCTV operator has to trawl through that to respond to my somewhat vexatious request.

All the time, starting out by pretty much demanding that I fill in their SAR form, which I pointed out I do not need to fill in, the form even states (correctly) that the completion of it is not required.

Fun today, they  sent me a form to the car park operator for that bit of the SAR completion.  Car park operator had no clue, yet again, claiming to be compliant, demanding their form be completed, demanding that I MUST submit the request in writing.  I pointed out that I could submit it to the toilet cleaner if I chose to, or via email or social media too.

GDPR is being given lip service by many companies from my experience and those who think they are set up, simply are not.  The most successful response was from a previous employer who proudly sent me 14 pages of paper with their privacy policy, how your data is processed etc.  They stated that data was only kept for 7 years etc.  Then managed to find my HR records from 10 years go, somewhat blowing that policy statement out of the window.  When served with a Right to Erasure request with audited proof...can't do that because it's in one backed up database and they can't delete individual records.  So, that's waiting for another 6 months before that goes poof. Oh and this is a major company which has to meet stringent compliance requirements beyond just data protection.

37 minutes ago, LittleMe Jewell said:

One girl I knew was so worried about people not being honest with her (as if she'd ever really know everything in an online world) that every time she logged in, she'd send a "Hi, how are you" IM to everyone on her friends list that showed offline.  If they were really online, she dropped them from her friends list.

She did her "friends" a favour by removing her paranoid self from their association.

[Ivanova Shostakovich]

   This would be akin to someone in real space having some device that could tell them, whatever distance separated us, whether or not I am alive at any given moment. Wait.... there's a joke in there... somewhere.

[L0leta]

Thank you Lancewae i appreciate you input is creepy ^^ when someone in SL is noting when i was logging in and out every day all day .. some people truly  do need get a Life a proper one.  Thank you all to everyone for giving me good advise regarding this new privacy laws just recently brought in.

Edited July 21, 2018 by L0leta
added input

[bigmoe Whitfield]

So this still is alive...  at this point I'm chuckling to myself more and more at all the replies, while I'm not going to change how I collect data within SL,  I did change my website to reflect that I am following it, least for those it applies too.