Tjay Wicken

https://www.tilia.io/legal/terms-of-service “Effective July 29, 2024”

Brought to you with the help of Claude AI: Effective Date: Old version: November 20, 2023 New version: July 29, 2024 Section 9.2 Termination for Cause: Old version: Included a paragraph about providing notice and reasons for refusal of transactions, and procedures for correcting errors. New version: This paragraph has been removed entirely. Section 9.3 Termination for Convenience: Old version: Included a paragraph about lifting suspensions and completing transactions once reasons for refusal no longer exist. New version: This paragraph has been removed entirely. Section 9.5 Termination - General: Old version: The paragraph about re-completing identity verification procedures was in the middle of the section. New version: This paragraph is now at the end of the section. Section 12.4 Limited Liability: Old version: Mentioned "service Publishers" in the list of parties not liable for certain types of losses. New version: The term has been corrected to "service providers". Section 13.1 Notifications of Dispute: Old version: The mailing address for dispute notices was "Tilia Inc., 548 Market St. PMB 59201, San Francisco, California 94104-5401 US". New version: The company name has changed from "Tilia Inc." to "Tilia LLC" in the mailing address. Throughout the document: Old version: Referred to the company as "Tilia Inc." in several places. New version: All instances of "Tilia Inc." have been changed to "Tilia LLC". Edit: To sum it up (my interpretation): 1) Before they had to give you notice and reason for refusing a transaction and tell you how to fix it. Now they no longer need to. 2) Prior to the change, they had to lift your account suspension and attempt to complete the transaction once reasons for refusal had been remediated by you, but as they no longer need to notify you, they no longer have to attempt completing the transaction again either. 3) Moved a paragraph around, corrected typos as well as changing to Tilia LLC from Tilia Inc.

Third-Party Risk Management. While it does not translate to any direct skill benefiting my SL, I do like to think that the personality traits and practical skills it has brought me (and continues to) benefits myself and hopefully others in some capacity.

That's indeed afoot.

I'm usually not one to speculate, but it could sound like a companywide training. From my own past experiences that's usually a result of some kind of incident, especially if said training takes place in the middle of the summer where there's already going to be a higher level of absence.

Can't wait to get my SL Blue checkmark

Likely to keep the spamming and phishing bots out.

Yeah. Ultimately, I would probably recommend just sticking to paying staff manually. Besides Caspervend I wouldn't personally want any script outside of my control having any access to my lindens.

The L$ does not really work that way. They are not considered an object in that sense, and you wouldn't be able to "put them" in any object. One way you could imitate that behavior would be through a script, but ultimately, you would have to grant the script access to debit your (or a "bank alt's") permissions to debit your Lindens. Not sure if there's already a script that does what you want on the marketplace, but you could check. Otherwise, you would need to get someone to write a script like that for you. If you go that route, please be careful and ensure that it's someone who knows what they are doing and someone you trust.

I honestly don't get why you are so upset or what your problem really is. I want to make it clear that I have never - and will never for that matter - use those words. If you feel I have been replying to you in any derogatory capacity, then I'd very much like you to point out where, and when. Should I explicitly have stated that it wasn't used in games at the time of its initial conception? Yes absolutely, and that's on me. We can probably have a discussion from now and until the end of days of what art is, but what art is, is neither for me, nor you to define - that's for the artist expressing themselves to define. We can then either agree with it or not. You cannot possibly deny the fact that the PBR implementation has given creators a wide range of new possibilities of defining the look and feel of their textures, and with the upcoming option to import scenes, the creators will have even more capability of defining their creations.

Excuse me, I am not a spammer. You're constantly crossing the line - and repeatedly. You continue to call people for elitist and use degrading language constantly in your replies.

I'd be happy to respond to each section, but your attitude is extremely degrading, and you appear to be resolute on Linden Lab being able to improve the implementation. Have a wonderful day!

I did not say that it had been in use that early, I wanted to make it clear that PBR is not a new idea. Why is it inherently unsuitable? To me, Second Life is, if anything, one of the most suitable examples as user creation one of the core elements of the platform. PBR allows creators to truly define how their creation will be perceived visually to a degree that wasn't really possible with Blinn-Phong. Did it take a while? absolutely but the benefits it brought made it worth the struggles IMHO. While I don't believe that the PBR performance within Second Life is ever going to be comparable to a game comprised of highly optimized assets, the performance is going to improve. Regardless of the used rendering system, it is always going to be an uphill battle to highly optimize the performance when creators have no restrictions imposed for the optimization of the meshes and textures they bring into SL.

Massive improvement, but the new Privacy Policy and Legal Notice also raises a few new questions. Need to review and digest the changes a bit further before I'll provide any detailed comments, but certainly an improvement. But that being said, at least there is now a lot more transparency and that is very positive. Update: A minor precision is necessary. I retract my old statement regarding SmartBots as it is clearly only used to fetch the UUID using the legacy name.

Apples and oranges. Neither Meta, Youtube, or X requires a Second Life account to sign up. Primfeed does. Primfeed's primary and only target audience is the users of Second Life and you cannot sign up for, nor use the platform without a Second Life account, and in my opinion, this differentiates it from essentially any other social media platform in this aspect. Edit: And for what it is worth, I am not suggesting Linden Lab cannot use the platform. I am just requesting an official stance on the platform from their perspective, I believe this would be instrumental in allowing their users to make an informed decision on whether to use it or not.

Can we at the very least request some kind of stance from Linden Lab on the platform? Linden Lab appears to have registered an official Second Life account on the page and is actively using it to promote events. That on its own can be seen as an approval or at the very least a stamp of approval from the Lab and I feel the users deserve more transparency from Linden Lab on what the official stance is, especially as there are tens of thousands of users (and in turn, Second Life customers). Thank you.

Not presumably. I for one can say with certainty that he must. I work with GDPR compliance auditing professionally and I would happily validate that with a Mole or Linden if they reach out. Data privacy is not something you figure out along the way, there are already tens of thousands of data subjects using the service and while I cannot speak for other legislations, the GDPR does not provide any grace periods - if you're not ready to be compliant, you are not ready to run your social media service. The fact that Luke is not answering inworld contact attempts regarding this matter, nor taking any time to participate in the discussion on this forum does not exactly convey commitment. The terms of service have not been updated for 29 days to provide data subjects with better insight into what is going on, and at this point it is clear that there is a concerning lack of information provided. The vast majority of the items pointed out by others, and I can easily be rectified. As mentioned further up in this response, there is no grace period for being in compliance with the GDPR and if Luke for whatever reason cannot rectify the lack of privacy transparency and controls pointed out in a timely manner, then the processing should at the very least halt until he is in a position to make the rectifications.

It’s not a matter of anything being overblown, it’s a matter of a website potentially breaking the law. in some parts of the world, and especially in the European Union, privacy is a fundamental - and legal right.

With the other settings you are more or less adjusting or fine tuning the features of the PBR system. PBR is so much more than just the textures and reflections, it is now the underlying mechanism for rendering the world, impacting everything from how light is calculated to how shadows are formed - including how light and shadow changes the perceived view of the objects. While PBR is new to Second Life, it is and has de facto been the standard for rendering in 3d applications and games for many years at this point and something which has been around since the 80s! I think everyone had hoped for a better transition and launch, I am certain that performance is going to improve for many of those being impacted now, however the reality is also that there are a lot of users that are running well below the recommended hardware specifications and in some of those cases, the situation is likely not to improve until they upgrade - but again, for a lot of people performance will be improving in the coming weeks and months.

I still see many submissions under Feature Requests relating to people being unhappy with PBR. Being able to turn off PBR is not a viable option and something I doubt LL wants to pursue as we would just end up in another situation akin to people disabling the advanced lighting model. With PBR however, having the ability to disable it would result in a much worse experience for the ones opting to do so in the long run as creators will gradually stop adding Blinn-Phong textures.

It goes even further than that as the Canny SDK also stores a unique token in your browser's local storage, which in turn appears to be used to identify you on the Canny/Feedback (feedback.primfeed.com - a CNAME DNS entry pointing towards cname.canny.io) which once visited, effectively transfers at the very least your avatar name to Canny. Not only should this be clearly defined in the privacy policy, but it should also be possible to opt out from through a cookie consent form in accordance with the ePrivacy Directive as it is absolutely not essential for the functionality of the website. Edit: After revalidating the above, it may not be the correct order of the events, however the same logic still applies. Additionally, a Canny user also appears to be created on your behalf with a non-existent e-mail address. This is another potential violation as I as the data subject have no access to withdraw that consent, nor do I have any ability to exercise my rights via Canny as I have no effective means if evidencing that this account created on my behalf belongs to me. Update 2: I have lodged a complaint with Canny as a potential violation of their terms of use and privacy policy, they have acknowledged the complaint and assigned it to their operational team for investigation.

Thanks! all valid points and I will include these.

Following my initial forum reply a bit further up in this thread about my GDPR compliance concerns with Primfeed, I wanted to provide a quick update. Despite communicating my concerns directly to Luke Rowley, I have not received any response or any indication that these issues will be addressed. As a result, I have decided to escalate the matter by lodging formal complaints with the relevant data protection authorities. I am going to be filing complaints with the following authorities: Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten - IMY) Commission Nationale de l'Informatique et des Libertés (CNIL) I believe it is important to take these steps to ensure that my own, but also other European data subjects' data privacy is protected and that Primfeed operates within legal requirements. If any other European residents feel concerned about the protection of personal information in relation to Primfeed, I strongly encourage you to lodge a complaint as well, you can do this either through your local authority, or any of the available EU data protection authorities - In my case I will be lodging a complaint with the Swedish and the French authorities. At the end of the day, I still hope that Luke can succeed with Primfeed. However, the lack of response, action or any communication around the concerned matter leaves me no other option but to take this route.

Reading through the post here, I see a lot of concerns about the compliance with GDPR (and potentially other privacy legislations, especially those "inspired" by the GDPR, such as LGPD in Brazil). I work professionally with GDPR compliance and audits, and while I see a clear attempt at compliance through the Terms of Use, it is far from enough. While I have a lot of concerns, and I have communicated these to Luke already - there are a few that stands out as severe and something that needs corrected without undue delay is: Data Protection Officer / Identity and contact details of the controller Data Protection Officer is operating under a pseudonym and there are no conventional methods available to contact the entity or person acting as the controller. Based on previous experiences, this would almost certainly be considered non-compliant with the GDPR’s principles of transparency and accountability. The regulation expects the DPO to be a real, identifiable person to whom data subjects and authorities can reach out. Transparency and Disclosure Not all information collected and processed is listed under the Terms of Use. Security Measures not defined Primfeed allows the users to define a password which they can use instead of the OTP, but the users are not informed of any controls in place to protect the data, such as whether it is encrypted and if it is stored securely. Data Subject Rights In my opinion, Primfeed does not provide the users with appropriate methods of exercising their Data Subject Rights as the only listed method of contact is through IMs and notecards inworld. If a user for whatever reason is unable to access their Second Life account, then they will also be unable to exercise those rights. At the end of the day, I hope that Luke can succeed with Primfeed and if he hasn't already, I strongly urge that he obtain legal advice on compliance, not just in terms of GDPR but also other legal regulations around the world. As the social media relies upon - and is built around - Linden Lab's service and IP, I would also urge Linden Lab to engage themselves as any incident involving (the already widely used) social media could also impact their reputation indirectly as well as the confidence of their users - even if the service is not indorsed or provided by LL.