FYI: Civ6 contains Red Shell Analytics Software

[Karpius]

In any case, "That guy does it, too, so let's not care about this guy!" isn't a good argument for pretty much anything, ever.

You seem to be under the misconception that I am excusing Firaxis and Red Shell, which I am not. But people are acting as if their data was secure before Red Shell, and is now suddenly exposed. People are acting as if this is something new.

Was it sneaky? Perhaps...though the original "terms" seem fairly open ended to me, but I would defer to a lawyer's opinion on that. The original "terms' already indicate that Firaxis will share the information without being too specific about which entities will get what. Some vague stuff there...but I agreed anyway.

This is not a practice I particularly like...yet I always hit that agree button.

So if you don't want to take the chance that your data might go somewhere you did not explicitly approve of, then stay off the grid. Don't depend on the government and laws. All the laws in the world won't protect your data. Laws only give you the chance to cry foul...but in a long winded document that defines the "foul" and your use of the word "foul" and all the parties involved in committing the said foul, along with the parties that helped craft the definition of the foul involved as well as the parties that wrote the code that allowed the foul to occur.

 

[Duuk]

Basically what Karpius said. I'm involved in politics. Are you ready to blow your mind?

Using marketing data that is already available, political parties have a *96% chance* of knowing who you will vote for and if you are a likely voter.

That's not just betting odds, that's take-it-to-the-bank odds. The irony of people logging into a forum on the internet to complain about spyware is stunning in its failure to comprehend its own futility. If you really want to defend yourself from having your data mined, it's time for you to move to Montana, buy 50 acres, install a well and learn to live without electricity. Otherwise you're screwed, because we live in a world where the ability to cross-reference data points has become one of the key marketable skills for companies to have.

Welcome to Orwell's future. At least it's the capitalist version. It could be worse.

 

[DWilson]

Basically what Karpius said. I'm involved in politics. Are you ready to blow your mind?

Using marketing data that is already available, political parties have a *96% chance* of knowing who you will vote for and if you are a likely voter.

That's not just betting odds, that's take-it-to-the-bank odds. The irony of people logging into a forum on the internet to complain about spyware is stunning in its failure to comprehend its own futility. If you really want to defend yourself from having your data mined, it's time for you to move to Montana, buy 50 acres, install a well and learn to live without electricity. Otherwise you're screwed, because we live in a world where the ability to cross-reference data points has become one of the key marketable skills for companies to have.

Welcome to Orwell's future. At least it's the capitalist version. It could be worse.

I imagine they'd have an interpretation that they were pretty confident of your opinions on with a lifestyle change like that alone, too.

 

[Karpius]

The irony of people logging into a forum on the internet to complain about spyware is stunning in its failure to comprehend its own futility.

So very well put!

And yes, I will be using that quote any chance I get because, well, you put it out on the net....so fair game!

 

[Mr. Shadows]

I know enough about computers to know how much I don't know. It looks like what Red Shell is doing is benign and probably standard for anyone who makes and distributes software, but I don't completely understand how it works. I'm still sour and reticent because U-Play was compromised- yes that's a very different thing but the experience has made me wary in general. I'm willing to accept that their mission is above-board but I (and many other people) want to see greater transparency. Simply including it in the user agreement isn't good enough, it needs to be displayed prominently in language anyone can understand. It isn't enough to tell me I agreed to it just because it was included in wall of legalese. I'm not accusing Firaxis or Red Shell of anything, but I am suggesting that we as consumers are demanding greater transparency as regards data collection and distribution.

 

[Kwami]

I'm not sure why these points won't stick, but I'll try again.

1. Using someone else's bad behavior to justify Firaxis's bad behavior is not valid. It doesn't matter if Facebook, Microsoft, or this forum also collect data. None of that is relevant to Red Shell, CIv VI, or Firaxis.

2. Willingly allowing a company to collect data is not equivalent to being tricked into submitting data to an unknown company. And, yes, we were tricked. The EULA was updated more than a year after release with no announcement and Red Shell isn't even mentioned.

This is not OK. We shouldn't just look the other way because, eh, what can you do?

 

[Trav'ling Canuck]

I'm not sure why these points won't stick, but I'll try again.

1. Using someone else's bad behavior to justify Firaxis's bad behavior is not valid. It doesn't matter if Facebook, Microsoft, or this forum also collect data. None of that is relevant to Red Shell, CIv VI, or Firaxis.

2. Willingly allowing a company to collect data is not equivalent to being tricked into submitting data to an unknown company. And, yes, we were tricked. The EULA was updated more than a year after release with no announcement and Red Shell isn't even mentioned.

This is not OK. We shouldn't just look the other way because, eh, what can you do?

Well said. You've captured the essence of the issue.

Firaxis acted poorly. That happens sometimes, but Firaxis is compounding it by failing to own up to the issue. With a simple "oops, we messed up" statement, I'd likely forgive and forget. The longer we go without such a statement, the more it suggests that Firaxis thinks their behaviour was okay, and that's the part that really concerns me.

 

[Archon_Wing]

That's not just betting odds, that's take-it-to-the-bank odds. The irony of people logging into a forum on the internet to complain about spyware is stunning in its failure to comprehend its own futility. If you really want to defend yourself from having your data mined, it's time for you to move to Montana, buy 50 acres, install a well and learn to live without electricity. Otherwise you're screwed, because we live in a world where the ability to cross-reference data points has become one of the key marketable skills for companies to have.

That's such a ridiculous strawman and just as much hyperbole as the other end.

Just because it is unreasonable to expect absolute privacy does not mean all requests for privacy are invalid.

That's like saying that since you have no right to privacy in public (and you don't) you don't care about people finding out what kind of underwear you're wearing or what you're carrying in your bags. Or maybe if you don't care about that, maybe nobody else cares too.

There's always ways to simplify someone's position into something incredibly stupid. It might even sound ed Problem is that it doesn't really reflect on the argument, it just reflects on the person making that simplification.

I mean, I don't even care about Red Shell. I think it's fine for me to share my information Microsoft and Steam, because believe it or not, I actually don't mind doing business with them and trust them more than No Name, INC. But this is just silly.

It's also funny how we're talking about "comprehending" spyware when the same logic of "you clicked, you agreed" is also the same way malware also gets installed on a lot of people's computers. Now I agree that people should read before they click, but whether you like it or not, it's the for many a botnet and will affect you eventually, so....

The issue is hardly that black and white. Besides, some of Take Two's games are already getting rid of Red Shell anyways due to complaints, so reality

Welcome to Orwell's future. At least it's the capitalist version. It could be worse.

Yea, it could be worse if people are defeatist about it. Except Take-Two's already going to remove Red Shell from some of their games already due to customer feedback, so, hey, capitalism's not all that bad. Or they could just have asked Red Shell to stop collecting their data (I'm sure the law has nothing to do with this)

I mean, all people had to do was complain, which actually works. It also doesn't make for an exciting novel I admit even if some are spinning it as such.

 

[Gedemon]

I'm not sure why these points won't stick, but I'll try again.

1. Using someone else's bad behavior to justify Firaxis's bad behavior is not valid. It doesn't matter if Facebook, Microsoft, or this forum also collect data. None of that is relevant to Red Shell, CIv VI, or Firaxis.

2. Willingly allowing a company to collect data is not equivalent to being tricked into submitting data to an unknown company. And, yes, we were tricked. The EULA was updated more than a year after release with no announcement and Red Shell isn't even mentioned.

This is not OK. We shouldn't just look the other way because, eh, what can you do?

I agree to both point.

But IMO the most important point is the type of collected data and how it can be used.

AFAIK the data collected by Redshell (from their site documentation, or, for those who don't trust them, from the decompiled DLL) is deidentified in a way that can't link back to a person.

And knowing that, then this:

The irony of people logging into a forum on the internet to complain about spyware is stunning in its failure to comprehend its own futility.

is perfectly valid.

 

[Trav'ling Canuck]

I agree to both point.

But IMO the most important point is the type of collected data and how it can be used.

AFAIK the data collected by Redshell (from their site documentation, or, for those who don't trust them, from the decompiled DLL) is deidentified in a way that can't link back to a person.

And knowing that, then this:

The irony of people logging into a forum on the internet to complain about spyware is stunning in its failure to comprehend its own futility.

​

is perfectly valid.

Firaxis sold us a product, not Redshell. Firaxis should be communicating to its customer base in a clear fashion about what it is doing and why. And it should do so at the time of making a change, not after an outcry.

And I disagree that making your voice heard that you think something is wrong is "futile". In this particular example, I would not have been aware of Firaxis' behaviour in the absence of people logging onto this forum and letting me know about it.

Now, maybe it doesn't change Firaxis' behaviour, and is "futile" in that sense. But it's seriously diminished and likely eliminated the potential that I will buy another Civ 6 expansion if Firaxis doesn't address the issue. And I suppose that's irrelevant, too, because I'm only one customer so really, who cares?

But I do take corporate behaviour into account in my purchasing decisions, and Firaxis is on my radar screen now as a company that I cannot trust to do the right thing by its customers. If it wants to take the time to alleviate my concerns and change my opinion on this, it has a communication department fully capable of doing so.

 

[Archon_Wing]

https://www.kotaku.com.au/2018/06/1...leged-spyware-from-pc-games-after-fan-outcry/

Very futile. They probably just removed it because they were in a good mood.

 

[Gedemon]

Firaxis sold us a product, not Redshell. Firaxis should be communicating to its customer base in a clear fashion about what it is doing and why. And it should do so at the time of making a change, not after an outcry.

And I disagree that making your voice heard that you think something is wrong is "futile". In this particular example, I would not have been aware of Firaxis' behaviour in the absence of people logging onto this forum and letting me know about it.

Now, maybe it doesn't change Firaxis' behaviour, and is "futile" in that sense. But it's seriously diminished and likely eliminated the potential that I will buy another Civ 6 expansion if Firaxis doesn't address the issue. And I suppose that's irrelevant, too, because I'm only one customer so really, who cares?

But I do take corporate behaviour into account in my purchasing decisions, and Firaxis is on my radar screen now as a company that I cannot trust to do the right thing by its customers. If it wants to take the time to alleviate my concerns and change my opinion on this, it has a communication department fully capable of doing so.

The action is not futile, I've not bought the DLC/Expansion and won't buy civ7 until they change the way they communicate with us (specifically in relation to modding), because yes, it's the only action that matters.

But acting this way for that reason (Redshell) is futile.

Protest because you don't like the game's design.

Protest because you don't like the AI.

Protest because they don't communicate.

Protest because you don't like the DLC pricing.

Protest because you don't like the art design.

Protest because they've changed the EULA after you bought the game.
Protest because they've not released the source code for modding yet (yes, please, everyone, do that )

Those are much more valid reasons to log on a forum/steam/facebook (!) to protest than to do it for a tool that only check if you've clicked on an ad without collecting personal data.

 

[Kwami]

I agree to both point.

But IMO the most important point is the type of collected data and how it can be used.

AFAIK the data collected by Redshell (from their site documentation, or, for those who don't trust them, from the decompiled DLL) is deidentified in a way that can't link back to a person.

And knowing that, then this:

is perfectly valid.

No, it's not. This forum isn't collecting data without my knowledge. I can easily verify what it's collecting and I can easily prevent it from collecting most of that data. Further, I knowingly joined this forum and read the ToS. I'm here on purpose.

Until a month ago, I didn't even know what Red Shell was. The EULA for Civ VI said nothing about collecting this soft of data when I bought the game. The updated EULA wasn't publicized. I'm pretty sure that Red Shell still isn't explicitly mentioned in the EULA. I never knowingly entered into an agreement with Red Shell to collect any information whatsoever.

That's a very, very important difference.

 

[Gedemon]

No, it's not. This forum isn't collecting data without my knowledge. I can easily verify what it's collecting and I can easily prevent it from collecting most of that data. Further, I knowingly joined this forum and read the ToS. I'm here on purpose.

Until a month ago, I didn't even know what Red Shell was. The EULA for Civ VI said nothing about collecting this soft of data when I bought the game. The updated EULA wasn't publicized. I'm pretty sure that Red Shell still isn't explicitly mentioned in the EULA. I never knowingly entered into an agreement with Red Shell to collect any information whatsoever.

That's a very, very important difference.

You mixing the EULA and redshell, those are different issues, and the important point, again, is the type of data collected.

We'll see in a few months how it goes on the legal side, but I'm almost certain of 2 things:

1/ redshell will be removed before, because it's easier to do it that to explain what it does to scared customers.
2/ if Firaxis/2K games are fined, it will not be because of redshell itself.

 

[Trav'ling Canuck]

The action is not futile, I've not bought the DLC/Expansion and won't buy civ7 until they change the way they communicate with us (specifically in relation to modding), because yes, it's the only action that matters.

But acting this way for that reason (Redshell) is futile.

Protest because you don't like the game's design.

Protest because you don't like the AI.

Protest because they don't communicate.

Protest because you don't like the DLC pricing.

Protest because you don't like the art design.

Protest because they've changed the EULA after you bought the game.
Protest because they've not released the source code for modding yet (yes, please, everyone, do that )

Those are much more valid reasons to log on a forum/steam/facebook (!) to protest than to do it for a tool that only check if you've clicked on an ad without collecting personal data.

I agree with all of your reasons, Gedemon, and yes, they're all reasons people may wish to express their concerns.

I disagree, however, that they are "more valid reasons" to protest than the Redshell issue.

For me, personally, this issue is much more important than all the others rolled together. Of course you may feel otherwise, but for me, this is a major and evolving issue affecting society as a whole.

I don't particularly care what Redshell is or is not doing. What I care about is what are the norms going to be on this topic? And the first and most important norm to me should be full, complete and informed consent. In this particular instance, what I believe Firaxis should have done is issued a statement concurrent with updating the EULA saying "hey, we're going to start using Redshell. Here's what it does and why we're using it." Once they didn't do that and this issue flared up, then they had another opportunity to communicate. Updates to a legal document should not, to my mind, be considered sufficient communication to customers, especially when those terms aren't clear on how exactly the data is being used and the changes are being made after the product sale has already taken place. Let's have a plain language explanation of what they're going to do and why they think that's appropriate.

 

[Duuk]

Guys.

The Supreme Court of the United States had to rule (literally two weeks ago) that the government required a warrant to get cell phone companies to turn over your location info, because your cell phone bounces off different cell towers as you move around which means you are literally monitored 24x7.

...and it was a split decision, because the legal precedent wasn't exactly clear. You are literally carrying in your pocket a device that tells people your location at all times. Literally at all times. If you spend 30 minutes a week in PetSmart, it knows. If you spend 12 hours a week at a bar, it knows. If you never leave your house, it knows.

And you think Civ6 is a big issue?

I am literally stunned that this is the Big Issue in your Privacy Concern.

Whenever I hear people complain about invasions of privacy, my first question is, "Do you own a cell phone?" If they say "yes", I tell them to shut their pie holes because they are a hypocrite being angry because someone on the internet told them to be angry. There is a very simple way to prevent Redshell from learning anything about you that you don't want them to know: Don't use your gaming PC for anything work related. I don't.

 

[sanchopanda]

AFAIK the data collected by Redshell (from their site documentation, or, for those who don't trust them, from the decompiled DLL) is deidentified in a way that can't link back to a person.

That's true, they said that, but you can't find any real information on that topic. Their documentation is way too vague. It can't be really anonymous data because they can spot you if you provide your steam ID (that's how you opt out). And Steam has a reference between your Steam ID and your name. That's enough to make is personal data. I know that those are different companies, but that doesn't matter.

 

[Gedemon]

I agree with all of your reasons, Gedemon, and yes, they're all reasons people may wish to express their concerns.

I disagree, however, that they are "more valid reasons" to protest than the Redshell issue.

For me, personally, this issue is much more important than all the others rolled together. Of course you may feel otherwise, but for me, this is a major and evolving issue affecting society as a whole.

I don't particularly care what Redshell is or is not doing. What I care about is what are the norms going to be on this topic? And the first and most important norm to me should be full, complete and informed consent. In this particular instance, what I believe Firaxis should have done is issued a statement concurrent with updating the EULA saying "hey, we're going to start using Redshell. Here's what it does and why we're using it." Once they didn't do that and this issue flared up, then they had another opportunity to communicate. Updates to a legal document should not, to my mind, be considered sufficient communication to customers, especially when those terms aren't clear on how exactly the data is being used and the changes are being made after the product sale has already taken place. Let's have a plain language explanation of what they're going to do and why they think that's appropriate.

It's not that I feel otherwise, it's that I can't even begin to understand the community reaction around this, it's simply completely illogical from my point of view, really.

But I think that I will stop posting in this thread, because I've the impression that this goes both way and that I will never be able to clearly explain why this is a complete non-issue in my opinion, which means I can't contribute in a positive way to the thread.

I'll just wish good luck to Firaxis/2K games PR to fix this, it's seriously time to communicate guys. And remember the devs to give us the source code while you're here, please, TIA.

 

[Trav'ling Canuck]

Guys.

The Supreme Court of the United States had to rule (literally two weeks ago) that the government required a warrant to get cell phone companies to turn over your location info, because your cell phone bounces off different cell towers as you move around which means you are literally monitored 24x7.

...and it was a split decision, because the legal precedent wasn't exactly clear. You are literally carrying in your pocket a device that tells people your location at all times. Literally at all times. If you spend 30 minutes a week in PetSmart, it knows. If you spend 12 hours a week at a bar, it knows. If you never leave your house, it knows.

And you think Civ6 is a big issue?

I am literally stunned that this is the Big Issue in your Privacy Concern.

Whenever I hear people complain about invasions of privacy, my first question is, "Do you own a cell phone?" If they say "yes", I tell them to shut their pie holes because they are a hypocrite being angry because someone on the internet told them to be angry. There is a very simple way to prevent Redshell from learning anything about you that you don't want them to know: Don't use your gaming PC for anything work related. I don't.

It's an evolving issue for society as a whole. Trying to shut down discussion on the basis of a single data point, like whether you own a cellphone, isn't particularly helpful, I don't think.

It's also not helpful to characterize people as being "angry" when some of us, having taken the time to reflect on the issue, aren't angry. We just think there should be a different approach to how companies approach the collection and use of personal data. I, at least, am concerned that if Firaxis chooses to behave in the way they have with Redshell, that suggests an approach at the executive level to consumer relations that cause me to distrust their company as a whole.

It's not that I feel otherwise, it's that I can't even begin to understand the community reaction around this, it's simply completely illogical from my point of view, really.

The last thing I want to do is put words in your mouth, but from reading your posts, the sense I got was that it wasn't a big issue for you because of the nature of what was being collected and how. And, frankly, based on your understanding of what was being done, I wouldn't be concerned about what they are doing, either. And my feelings may indeed be illogical, but what has come to bother me as time has passed is the idea that Firaxis thinks this is something that shouldn't be talked about, that it's something they should just do, without explaining why. And you're probably correct in your prior post, what they'll likely do now is just drop Redshell and still not talk about it, because they'll take that as the path of least resistance. Which I think would be wrong, too.

 

[Equilin]

Guys.

The Supreme Court of the United States had to rule (literally two weeks ago) that the government required a warrant to get cell phone companies to turn over your location info, because your cell phone bounces off different cell towers as you move around which means you are literally monitored 24x7.

...and it was a split decision, because the legal precedent wasn't exactly clear. You are literally carrying in your pocket a device that tells people your location at all times. Literally at all times. If you spend 30 minutes a week in PetSmart, it knows. If you spend 12 hours a week at a bar, it knows. If you never leave your house, it knows.

And you think Civ6 is a big issue?

I am literally stunned that this is the Big Issue in your Privacy Concern.

Whenever I hear people complain about invasions of privacy, my first question is, "Do you own a cell phone?" If they say "yes", I tell them to shut their pie holes because they are a hypocrite being angry because someone on the internet told them to be angry. There is a very simple way to prevent Redshell from learning anything about you that you don't want them to know: Don't use your gaming PC for anything work related. I don't.

For me, I'm fine with my information leaking to the "government" of the state, because that's kind of expected and cannot really be prevented by me (their reasons are also valid to an extent e.g. security). I'm okay with many information go to tel company, FB or Google because i expect those to do good to me. Are you saying once my info got out everyone who have a receiver would get it? I doubt so. And that's why privacy matters, you only want to give information to those who you expect something in return and not anyone else.