Unity caught spying on developers using the editor - Sensationalist Headlines

I remember using ent_fire to trigger clientside commands on people with sv_cheats 1, but this is so immature, even by my standard. I'd crash people's games by setting their mouse sensitivity to 99999999. lol.

I have yet to see anything personalized so far. Even the e-mail in question looks like identifying information was not filled in or was stripped from it. If they're just blindly contacting anyone who has x amount of idle minutes in the editor, that's not really 'not anonymous'. They'd have no idea who they're contacting. The information itself might've come from an individual source, but it wasn't recorded in an individualized manner. Again, where's the beef?

If it's supposed to be anonymous why are they making it look like a real person like a fucking spam bot Even if there's nothing wrong with it it's stupid as hell.

I don't disagree it's stupid. It could very well be a real person. Just like you never get to see the internals of who you're contacting whenever you do a website 'contact us' form, these support staff members may just be assigned to people with the awareness that they'll be getting e-mails back from random people and their job is to attempt to retain them or assist them as they may be encountering difficulty using the editor.

They contacted his private email? How did they get that if the data being sent is anonymous? Pulling the email from whoever is logged in is not anonymous lol

The e-mail associated with his account which is linked to his copy of Unity. If the identity of the person behind the account is obfuscated from anyone who might be able to see it, I don't know how that's 'not anonymous'.

Sending strange emails aside. https://files.facepunch.com/forum/upload/237427/155a3438-d07f-4ba9-b69c-21a107a6e520/image.png He didn't replace it. I would have chewed him out for this one.

If it's an automatic survey tool sending the messages then I guess it's okay, albeit possibly pestersome As long as they aren't personally watching your editor as the tweet makes it seem. That wouldn't be acceptable.

Well, it IS useful for the guys at Unity who try to improve their Editor. That way, they have an insight of how people use which tools and how they use them and try to improve the usability, since barely anyone sends feedback to Unity or fills out their surveys. It's not like they actively look inside of the editor, seeing every step you have taken, a lot of this is automatized and your workflow is documented and sent back to Unity for evaluation.

User Experience design wpuldn't be where it is today without analytics. Sure, getting live user testing is also a very valuable tool, but it is far from the only one. Designers find usage statistics to be very valuable, but of course doing it ethically is very important.

An e-mail is personally identifiable information.

This email wasn't sent because the recipient left their editor open, lmao. Correlation != causation. I got the same email on the same day, as I've already stated. https://files.facepunch.com/forum/upload/107231/9b0ce972-4953-4bc7-a05b-cb52dc61d1a6/image.png

I remember changing peoples keybindings in Gmod. Had a blast by changing peoples W to kill-command. I also made spacebar say stupid stuff like "Please BAN ME NOW" etc. Their confusion was absolutely hilarious to watch. Then I changed the bindings back and I bet they lost some sleep wondering what the fuck is going on.

I don't even necessarily disagree with you but you should really take a step back and consider the way you argue. You argued much the same way in another thread regarding something about copyrights and it does far more harm to your own argument than anything. You tend to come across as a zealot which basically guarantees people are going to refrain from listening to you no matter if you have valid points or not.

How? If nobody knows what your e-mail address is, how have you been identified? Are you saying they shouldn't keep any e-mails at all? Even Facepunch has your e-mail.The issue isn't that they know what your e-mail address is (because you gave it to them) - the issue is them distributing that e-mail to others. If nobody sees your e-mail address then how was your personally identifiable information distributed?

Then it may have been a true mistake on my part, but "sperging" out about a company spying is not inane.

I assume you're similarly outraged by Facepunch tracking the time you spend here on the forums in order to generate coins for your account?

It's not the same, as that is public information. You are making it sound as if tracking time is the only thing unity does.

In this case, that's literally all that's been done here. They tracked idle time. Idle time exceeded a particular value; therefore the system sent out an e-mail to try and get that developer hooked up with someone to provide them assistance. Where was their information publicized? Did it tell anyone how much time they spent in idle? Did it tell them their name? Did it distribute their e-mail account? Did it identify them in any capacity other than that they'd spent some time with the editor open but with them not doing anything?

People have a right to privacy, it doesn't matter how basic the data is, if it has personally identifiable information it has to be protected and under the GDPR this includes access to the collected data, which unless I'm missing something there is no provision for currently other than contacting Unity, this is even worse when it comes to games since the user is not provided the unique identifier to request data unless the developer implements the Unity data privacy plugin, of course this then becomes the developers problem but Unity should be taking steps to help developers comply, other than releasing a plugin Unity have done very little and continue to collect data, it is an obligation for Unity to assist developers to obtain compliance as outlined in article 28 (3)(e): taking into account the nature of the processing, assists the controller by appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of the controller’s obligation to respond to requests for exercising the data subject’s rights laid down in Chapter III;

I don't think anyone's arguing in this thread that they don't, broadly. Instead, what's being argued is that people's privacy isn't being denied or breached by Unity.

I agree with you it isn't being breached, the only thing Unity can really be accused of is not doing enough to help developers obtain compliance, other than that Unity is one of the better companies as far as GDPR compliance goes.

Yar, and in this case I don't see any of that being distributed.

The only thing i take issue with here is the trend of automatic e-mails that pretend like they're a direct message from a person. That's scummy - and lots of companies are suddenly doing it.

The email and usage of it in this case? Stupid and pointless IMO. However, tracking of how people move in your app (on average): What parts consume the most time of someones day? How many times does a person have to click "undo" in a day? What are the top 10 actions being done before someone hits "undo"? etc That sort of thing is a greatly helpful tool when making apps. As a developer you should want to know these things to improve the UX (in addition to the other ways you get such info, like focused testing or whatnot). Granted, I think everyone can agree the tracking of unique users isn't all that great if you can avoid it.

Unity do actually do significant data aggregation including from third parties, I suggest having a read through the privacy policy it is quite detailed. Consent also isn't required as it's a legitimate interest.

It's unavoidable to 'track unique users' if you want that sort of information. What is entirely avoidable, however, is having any idea who any of those users are. I don't see any wrong or harm in collecting that data so long as the personally-identifiable information is disconnected and discarded from the data you actually wanted wherever it is viewed. The collection isn't harmful, I mean, it's the distribution that's harmful. That said, It'd be hard to do so in all cases. I mean, presumably, we'd also be talking about disconnecting even IPs from that data to ensure total anonymity -- but then you'll have no idea at all whether you're looking at one user's gathered information or one million user's gathered information. The only component you'd have left to segregate data with is time - and that's very unreliable when you have more than 2 users sending any information at all at any given time. I've read through it a few times now. I'm fully aware of what sorts of data you permit Unity to gather and I'm also aware that consent wouldn't be required here. What I'm saying is, even in spite of both of those facts, Unity has chosen to nonetheless strip the personally identifiable information out here even though they didn't have to. They're being even more safe than what the GDPR -- or even users -- are allowing them to do in this case. So I really don't see the outcry or the wrongdoing here.

I haven't been following your conversation closely so I might just be getting the wrong impression here but what would be the problem with the gathered information being impossible to tell apart from other users? The point of this telemetry is to figure out how people are using Unity and to hopefully learn about places it should be improved, no? Unique identification is completely irrelevant to accomplishing that.

It's very relevant. Here's the difference in practice. The first data stream is segregated by associated metadata, the second is pure data. What we're gathering is the amount of time the mouse spends hovering over 'help' buttons and interfaces in our program. We only gather this information when the window is active, meaning if it's alt-tabbed or not focused the timer pauses. 202.13.03.222 | <b@ mail.com> | 1344ms 92.22.183.002 | <a@ nobody.com> | 1782ms 202.13.03.222 | <b@ mail.com> | 1912ms 202.13.03.222 | <b @ mail.com > | 12 ms <-- User restarted application 92.22.183.002 | <a@ nobody.com> | 1883ms 08:03:00 | 712ms 08:03:03 | 1612ms 08:03:14 | 904ms 08:05:12 | 4ms 08:05:30 | 1000ms 08:13:16 | 18812ms The second data set can only tell you approximately how much time per session any user has spent hovering over help stuffs, which is only bare-minimumly useful as its devoid of all context and we can't tell how many people are attempting to gain help on things or how often they need help. We also can't see when a user becomes so frustrated that they simply restart or quit the program - that would require us to know who was with what data. That information is personally identifiable by necessity -- even the IP -- but if this is how it's displayed to anyone that's reading the data, I don't see how it's a problem that said information was gathered to begin with so long as the information is securely stored, salted, and protected: User 0332 | 1912ms avg | 1 Restart(s) User 0201 | 18812ms avg | 0 Restart(s)

I suppose I see what you mean but I still at least partly disagree with what you're saying. For the most part your example is far too vague to have been useful regardless of unique identifiers. With proper telemetry it would be possible to work out that different entries are different sessions from different users without having to tag them as a unique user. I think a good alternative would be to do something like generate an identifier (as in a completely random one that has no basis at all in anything truly identifiable) on system startup then use that for every bit of telemetry until the system is rebooted again. Then you can easily connect different bits of telemetry to one user's session without risking violating that user's privacy in any notable fashion. That seems like a pretty fair trade off since it still provides the vast majority of the benefits of more invasive methods while respecting the end user's privacy. IP shouldn't really be necessary there. b195b307 | <b@ mail.com> | 1344ms 9fd3b95c | <a@ nobody.com> | 1782ms b195b307 | <b@ mail.com> | 1912ms b195b307 | <b@ mail.com > | 12 ms* 9fd3b95c | <a@ nobody.com> | 1883ms *User Restarted Application This is superior. No actual personally identifiable information but you can still easily differentiate between users.