Some online games to shut down or limit access because of new EU privacy laws
48 replies, posted
https://www.pcgamer.com/moba-super-monday-night-combat-to-shut-down-because-of-new-eu-privacy-laws/
Ragnarok Online servers to shut down in most of Europe | RPG Sit..
I have mixed feelings about this.
The law seems to be quite effective at stopping invasive 'services' dead in their tracks, but it's also affecting some older online games where it's apparently not really economical to fix their system. The two above are to my knowledge the online ones that have announced this so far, though.
Super Monday Night Combat is still going on? I thought they killed that game a long time ago.
They had 2 years to prepare. Knowing SMNC having a low player-count .. it sounds more like an attention-cry.
https://www.youtube.com/watch?v=n5WJOncaHt4
I goddamn love the "Companies cannot use indecipherable terms and conditions" .. no more selling your soul without it being there in plain non-legal text. And no more "terms and condition" footnote-webpages .. it gotta be there.
Also other notes:
Right to access your data. (Show what they know)
if breach of data .. companies are required to notify users and risks within 72 hours.
Only collect data you need. (And tell what you're going to use them it for)
Right to be forgotten (I don't want you to keep the picture of my drunk night)
Data portability (Gotta make it obtainable to access the data)
And if you don't comply .. its £20 Million or 4% global turnover.
So no Steam .. can't "pay it off" like in Australia.
There's also https://gdpr-info.eu/art-32-gdpr/, which nicely auto-updates the security requirements. No more plaintext passwords, I hope!
Fuck yes!
I'm glad some legislators are finally giving the proper attention the internet desperately needs. The shutting down of some games may be unfortunate, but it's quite negligible for the fact that this is big step for user privacy.
I find it quite shady that they had to shut them down in the first place.
"Sir, new EU Larry requires us to be transparent with their data"
"Alright shut the servers down"
"What?"
"We can't afford the PR backlash with how we use the kids information for"
I'm amazed SMNC hadn't shut down already, the game was fucking dead years ago
Meanwhile the US is basically doing the opposite of this lmao
Somewhat relevant, but I find it both incredible and insane that while the EU are passing new privacy laws, the Danish government is about to pass a law that basically allows them to take any and all information you may have without informing you, for whatever reason and for whatever purpose.
GDPR is a move in the right direction but I'm doubtful it will have that much effect considering most people are quite happy to give up their privacy for
a service, also it's pretty much unenforceable outside the EU, even in the EU it will likely be barely adhered to by smaller companies.
The punishment for a larger company is quite considerable, it's not a simple slap on the wrist. 20m EUR or 4% of your annual revenue isn't anything to turn your nose at, plus damages for anyone who feels they were negatively impacted by the claim, PLUS it now being well known that your company doesn't remotely respect users.
Companies within the EU are currently scrambling to get their shit in line for GDPR, bit and small, because it is reasonably harmful to not comply with it. Explaining your loss of 20m EUR to shareholders isn't going to be a fun time.
I think you read that backwards.
Still, the best agreement rate Springer could get from their users was about 48% and that was with the most concise purely factual summary. Any appeals to their users to help them fund their site actually made that nose-dive, especially in video form.
I think right to be forgotten is one of the worst parts of it, but everything else for the most part was a long time coming.
Is this because some of the games in question have an "offers for premium currency" system? I am sorry to seem ignorant but that is the only thing I could see being a factor. Especially since Offers for currency pretty much IS selling user data, only by having the user fill out the form for them.
If that is the case then I could totally see older free to plays having to shut down. Switching back to a subscription system would kill them many times over.
Most legit western companies already have major external audits, its just a few requirements they add to an already massive list I'd imagine
So I did. Whoops!
I'd still say, compared to previous attempts at similar legislation, this one might be scarier than most to try and avoid. Big or small.
talking about small businesses here
They've always had to comply with mandatory audits though, part of the reason many small businesses moved to the cloud was that it was easier to keep compliant.
What?! That's fucking insane. It might be a good idea to post a thread about that in Polidicks if there isn't one already?
It's less that and more that GDPR places a lot of new responsibilities on websites and services.
-They have to appoint a Data Officer
-They have to allow users to retrieve all data about themselves stored on the website; this is not an easy thing to do, nor is it cheap. The data can be quite scattered, and piecing it together into a human-legible format is a very large new burden.
-They have to allow users to delete all data about themselves stored on the website; this, personally, is a ridiculous requirement. Does a ban record count as "personal data"? How can they reasonably prevent cheaters if anyone can just delete their data, which requires you delete everything that identifies who has broken the rules.
GDPR has some very negative and expensive effects for legitimate businesses who were not misusing data. For some -- like with SMNC here -- it's cheaper to simply pull out from the EU than deal with the new requirements.
For those curious about the 10m EUR / 2% annual global revenue, and how much of a difference that split makes, Facebook's global revenue in 2017 was $40bn , which converts to 34bn Euro. If Facebook were hit with just that 2% penalty, they would end up paying 680 million Euro. Which is 68 times greater than the 10m penalty.
Having that split is an amazing thing, and I wish more penalties had it. 10 million Euro sounds like a metric fuckton of money, until you realize that against companies like Facebook, where 10m Euro is less than 0.03 percent of a single year's revenue, that's literally less than a single drop in the bucket for them.
its killing tunngle too which i used a hell of a lot to play LAN games easily with friends
Tunngle
You should place your faith somewhere else
What the fuck, noooo
Its likely that they were harvesting the crap out of your data and selling it off willy nilly, any product which is free etc
GDPR just ensures that companies don't share and mess with personal data. Like how google-software now runs on nearly every website and tracks you.
Cookie notifications now need a box to click yes to before saving cookies. Where before you could just imply the website saves cookies. (No more implied consent).
You need a policy for what data you save and what you use it for (incl cookies). In non-legal text. (What, why and if there is third-party links like google aralytics).
Avoid storing data .. if you do at least encrypt it. (You don't need to know a persons post address if you got a chat-forum)
No per-ticked boxes. People have to consent. (No more implied consent).
Think "opt-in" when applying these changes to your web-server.
The right to be forgotten only applies if the personal data is no longer
necessary in relation to the purposes for which they were collected or
otherwise processed.
No .. you can keep a ban as long its minimal data like email and/or ip .. until your service stops.
You're only required to have a data officer if you work with certain things like; Cloud-service. Since companies have been shown to store data in plain-text and ignore data-protection.
These are excellent points and I appreciate the clarity you've provided.
However, my point still stands that GDPR brings with it extra expense and responsibilities that, for certain companies, do not justify operating within the EU.
SMNC is an old game. It likely has a very small playerbase. The expense of making SMNC GDPR-compliant was probably not at all worth it.
I didn't really care since the service they provided is top notch.
Complying with the GDPR is hardly expensive even for a small company:
Consent: Make a new registration form, add some checkboxes, etc.
Data access: Most data is likely in a database already, just collect and send to the user.
Right to be forgotten: Add an option to delete an account, doesn't even need to be automated.
Privacy by design: No effect on existing software
I get the feeling that most of the companies complaining are the ones that are actively selling user data, and it's not like they was not given enough time to comply, they had two whole
years to sort their shit out.
Sorry, you need to Log In to post a reply to this thread.