New Feature: Scripted Agent Estate Access Discussion

[Galaxy Littlepaws]

1 minute ago, M Peccable said:

This PII thing seems full of inconsistencies. For example, it seems to me many visitor trackers in SL is in violation. Even if the owner "opted-in" to having their user name and UUID placed in a list, all of the visitors being recorded didn't opt-in. So if the visitor counter is storing its list outside of SL, which many do, it's a potential PII violation.

I know the CasperTech security system does this. I've been wondering how that may be affected by the new policy.

[Love Zhaoying]

4 minutes ago, Rolig Loon said:

I use Tyche Shepard's gridsurvey when I'm curious about why I can't TP to a spot that I have a SLURL or a LM for.  The standard error message that pops up is not very helpful.  It only tells me what I already know: that the destination is unavailable.  If I look on gridsurvey.com I can see that it was abandoned in June 2022, so I shouldn't waste my time waiting for the servers to let me in.

That's a trivial example. Here's another .... If I wanted to name a new region, I would probably want to poke around and see whether someone else had already used the name I was thinking of or, perhaps more importantly, whether there's some other region with a name that is very close to it. I'd like to avoid naming a region Rolig Home if there's an RP region somewhere named Rolling Home, so I don't get any of their visitors dropping in to my region by mistake.

Those are fairly simple things that any resident might like to be able to do, but which would be much harder or even impossible without gridsurvey.

Good examples! Not sure what it says about the survey "marketing" that I was unaware of these basics. Could be that I'm not social enough, and some of the info travels word of mouf.

[Silent Mistwalker]

4 minutes ago, Rolig Loon said:

I'd like to avoid naming a region Rolig Home

How about Loon Lagoon?

*ducks then runs 🤭

[Quistess Alpha]

4 minutes ago, M Peccable said:

This PII thing seems full of inconsistencies. For example, it seems to me many visitor trackers in SL is in violation. Even if the owner "opted-in" to having their user name and UUID placed in a list, all of the visitors being recorded didn't opt-in. So if the visitor counter is storing its list outside of SL, which many do, it's a potential PII violation.

indeed, but all they have to do is hash the key to "fix" the issue.

[M Peccable]

2 minutes ago, Quistess Alpha said:

indeed, but all they have to do is hash the key to "fix" the issue.

Really? That's a new one on me...

I would love to hear some official confirmation on that.

Edited March 31, 2023 by M Peccable

[Quistess Alpha]

1 minute ago, M Peccable said:

Really? That's a new one on me...

if the only reason you're storing a user's key is to not double-count them, you can just obfuscate ther key before storing it on your server, then there's no PII storeed outside SL.

[Love Zhaoying]

3 minutes ago, Quistess Alpha said:

indeed, but all they have to do is hash the key to "fix" the issue.

That kind of applies to most everything, right? Not forgetting that we may not WANT them storing our info on their feelthy servers. Ew.

[M Peccable]

1 minute ago, Quistess Alpha said:

if the only reason you're storing a user's key is to not double-count them, you can just obfuscate ther key before storing it on your server, then there's no PII storeed outside SL.

Then also according to PII, I would have to hash the user name too.

[Sparkle Bunny]

14 minutes ago, M Peccable said:

I have done the same thing over a similar time period. However, that is irrelevant. Her bots, along with mine and all the other responsible bot owners, are getting swept away by all the botphobia. No exceptions, regardless of the owner's reputation or the purpose of the bots.

Well, that's what happens when others deploy bots irresponsibly and chuck all the data they can find up on a website without bothering to run it by residents, LL, or legal counsel first; not to mention the idiots with two dozen zombies parked on a platform in the sky. If they can't play nicely, nobody gets to play at all. Seems to me that careless bot runners are significantly more to blame for the situation in which you now find yourself than the residents who got tired of their Linden Home parcels getting invaded n times a day.

[Quistess Alpha]

1 minute ago, M Peccable said:

Then also according to PII, I would have to hash the user name too.

Depends on the specific use case. I don't see why the server should ~need any user-names.

[bunboxmomo]

5 minutes ago, Love Zhaoying said:

Another form of travel. Not sure I've ever personally used grid-based teleporters (needed to, for "fun", except when forced to) in my 16 years in SL. But, it's an example and I didn't exclude it. There ya go!

An edge case is still a use case.

Well heres another.

Second Life has a discoverability problem.
The way it's search algorithm is currently programmed, it popular regions have an easier time staying popular, than they do losing popularity, likewise unpopular, new or unknown regions have a harder time gaining popularity.
With the traffic system as it is, each successive point of traffic is easier to get than the point before, as alongside other things this impacts search ranking as well as people going "Oh it has a high traffic, it must be good!" as a result it is much harder to innovate and create new experiences and find a community organically for them, versus simply hanging out at the same old place.

Well, one bot network came up with a solution to this, and many in this thread won't like to hear it, but it's name was BonnieBots.
BonnieBots maintains an API endpoint of popular regions. This is updated every 60 minutes, but what makes this really good, is that it does not look for simply avatar count nor does it look at traffic, but rather it maintains an algo similar to how reddit handles voting up regions and then that decay of that vote, but it does so with popularity in the form of people there *and new people coming and going* as factors of this.

As a result, you are reliably seeing regions that have a high amount of people coming to them, rather than simply a high amount of people *in them*. This is a much better way to find popular places, because it shows you places that people are *currently* wanting to go to, rather than where they already are.

This algorithm is brilliant for discoverability and massively offsets the advantage the LL traffic algorithm gives to established communities, which in turn allows new experiences and new places to have a much better chance at life, which benefits SL as a whole, making a more diverse and rich experience across all of it's regions by massively lowering the barrier to accessibility and viability for created public land experiences.

It's important to note, that this depends on widespread adoption of BonnieBots as a way to find cool places to meet people, however the "botphobia" has naturally hamstrung that.

There's another example for you about what bot networks enable us to do.

[M Peccable]

Just now, Quistess Alpha said:

Depends on the specific use case. I don't see why the server should ~need any user-names.

To offload the lookup of the names from SL's servers. If  just the UUID is stored, then the script has to look up the all user names anytime they want to see the visitor list.

[bunboxmomo]

5 minutes ago, Sparkle Bunny said:

Well, that's what happens when others deploy bots irresponsibly and chuck all the data they can find up on a website without bothering to run it by residents, LL, or legal counsel first.

Actually based on responses of people who maintain BonnieBots in this thread, they did actually talk to LL about it and did have the go ahead from what I understand. It was apparently LL's idea to even talk about the opt out here in this forum, hoping it would help win residents over and alieve those fears, but this instead had the opposite impact.

It's ok to not like BonnieBots, but lets not engage in revisionism to asume our position is an objective truth? Subjective opinions about if you like it or not can be, and are, equally valid without having to do that.

Edited March 31, 2023 by bunboxmomo

[Rolig Loon]

9 minutes ago, Love Zhaoying said:

Not sure what it says about the survey "marketing" that I was unaware of these basics.

I don't think Tyche does any "marketing".  At least I've never seen any. Many times over the years, though, I have seen people post a link to gridsurvey.com here in the forums as part of an answer to some question ("There used to be a region named something like Fluffernutter', but I can't find it.  I think it was an Adult region, if that helps.") .  If you're weird like me, you collect useful things like that URL.   

[Quistess Alpha]

1 minute ago, M Peccable said:

To offload the lookup of the names from SL's servers. If  just the UUID is stored, then the script has to look up the all user names anytime they want to see the visitor list.

a bit off-topic, but being able to see a visitor list and being able to test an ID against the list are different. IMHO the kind of info storage needed to retrieve a specific visitor list necessarily violates PII.

3 distinct people visited on Friday, one of the people visited twice = ok,

Love, M Peccable and Tessa visited on Friday, Tessa visited twice = probable PII violation.

[bunboxmomo]

1 minute ago, Quistess Alpha said:

a bit off-topic, but being able to see a visitor list and being able to test an ID against the list are different. IMHO the kind of info storage needed to retrieve a specific visitor list necessarily violates PII.

3 distinct people visited on Friday, one of the people visited twice = ok,

Love, M Peccable and Tessa visited on Friday, Tessa visited twice = probable PII violation.

Worth mentioning that most visitor boards also email daily visit lists (I know the SHX-VWB does for example).

[M Peccable]

1 minute ago, Quistess Alpha said:

a bit off-topic, but being able to see a visitor list and being able to test an ID against the list are different. IMHO the kind of info storage needed to retrieve a specific visitor list necessarily violates PII.

3 distinct people visited on Friday, one of the people visited twice = ok,

Love, M Peccable and Tessa visited on Friday, Tessa visited twice = probable PII violation.

If that's true then a GREAT MANY ITEMS in SL are currently in violation, including attendance recorders that are used in SL classrooms and many businesses with employees that are paid by the hour.

[Quistess Alpha]

1 minute ago, M Peccable said:

attendance recorders that are used in SL classrooms and many businesses with employees that are paid by the hour.

both have implied consent, or can easily obtain consent of the people they're tracking.

[Sparkle Bunny]

Just now, bunboxmomo said:

Actually based on responses of people who maintain BonnieBots in this thread, they did actually talk to LL about it and did have the go ahead from what I understand.

I'm sure they mentioned the traffic tracking to someone at LL, yes. Whether they ran the entirety of their operation by them is not at all clear, let alone whether they consulted with anyone who actually specialises in privacy stuff. Given the amount of data that subsequently vanished from the site, it seems doubtful.

If they'd had the sense to remain within their traffic-tracking remit then most of the 'botphobia' could have been avoided. Instead, they did the usual techbro thing of doing what they could without stopping to question whether they should.

[bunboxmomo]

1 minute ago, Sparkle Bunny said:

I'm sure they mentioned the traffic tracking to someone at LL, yes. Whether they ran the entirety of their operation by them is not at all clear, let alone whether they consulted with anyone who actually specialises in privacy stuff. Given the amount of data that subsequently vanished from the site, it seems doubtful.

If they'd had the sense to remain within their traffic-tracking remit then most of the 'botphobia' could have been avoided. Instead, they did the usual techbro thing of doing what they could without stopping to question whether they should.

I don't think it's fair to blame others for people's anxious concerns.

"This is new and scary and I don't like" while totally valid, is the responsibility of the person with that response, not the person who triggered it.

When I use the term anxious, I don't mean that in a put down sense, just as in the proper term of a triggered and sustained alarm response.

From what I understand, they made efforts to try and reach out and explain this and resolve concerns, but past a certain point an assumption of threat acts as a filter to anything they tried to say.

You are perfectly valid to have your opinions of them and their operation, but it's not fair to blame them for your own fears, discomfort and worries about it when that was fueled by speculation. That doesn't make your point invalid, its just dont displace that onto others.

[xDancingStarx]

I can imagine that there is currently a lot of work offloaded to servers outside of SL simply out of efficiency reasons, or maybe because it can't be done otherwise, or because it would make the work way tougher and more expensive. I don't have a scripting business in SL but this seems pretty obvious. Casperlet is surely only one example. I'm all pro data privacy but I can well imagine that not being able to process a UUID outside of SL without explicit consent beforehand (if we're talking about GDRP we're talking about an active form of consent) is at least two steps backwards technology wise.

[M Peccable]

13 minutes ago, Quistess Alpha said:

both have implied consent, or can easily obtain consent of the people they're tracking.

I would like to know more about how implied consent works, but it seems that if the type of explicit consent required to avoid all of this can be put in the TOS that everyone has to agree to, then it would clear up a lot of ambiguity and risk.

[Scylla Rhiadra]

42 minutes ago, M Peccable said:

This PII thing seems full of inconsistencies. For example, it seems to me many visitor trackers SL are in violation. Even if the owner "opted-in" to allowing their user name and UUID to be stored in a list, all of the visitors being recorded didn't opt-in. So if the visitor counter is storing its list outside of SL, which many do, it's a potential PII violation.

The answer then is surely to not store it off-grid, or to send a message that includes an opt-in to anyone being added to such a list.

[Scylla Rhiadra]

36 minutes ago, Quistess Alpha said:

if the only reason you're storing a user's key is to not double-count them, you can just obfuscate ther key before storing it on your server, then there's no PII storeed outside SL.

I know of at least one bot-driven data collection operation that does exactly this -- and is transparent enough to say so on the project web page.

[M Peccable]

Just now, Scylla Rhiadra said:

The answer then is surely to not store it off-grid, or to send a message that includes an opt-in to anyone being added to such a list.

Neither is an acceptable answer without losing a lot of capabilities (scripts don't store large amounts of data very well), drastically increasing server load, and/or sending SL back into the dark ages by making you answer a question in a menu box that for each place you visit that has a security system or visitor tracker.

No thanks.