-
Our friends from AlphaCentauri2.info are in need of technical assistance. If you have experience with the LAMP stack and some hours to spare, please help them out and post here.
FYI: Civ6 contains Red Shell Analytics Software
- Thread starter anandus
- Start date
- Status
sixty4half
I drink and I know things
- Joined
- Apr 12, 2015
- Messages
- 749
Pointless pandering
sixty4half
I drink and I know things
- Joined
- Apr 12, 2015
- Messages
- 749
The entire thing is a witch hunt based on hysterics and propaganda overinflated by basement dwellers that have nothing better to do with their time. The companies stripping redshell from their products are pandering to this group. I don't begrudge them doing it, as they are losing money to this farce of a "boycott" so their hand has been forced.
Everyone wants net neutrality but nobody wants anyone else to be able to make money off of them. People gotta wake up. If you're not paying for a service, that's because you are the product. If you don't want to be the product (or Information to be the product) then you have to pay for the service.
And I'm not joining a debate. I'm just voicing an opinion
Everyone wants net neutrality but nobody wants anyone else to be able to make money off of them. People gotta wake up. If you're not paying for a service, that's because you are the product. If you don't want to be the product (or Information to be the product) then you have to pay for the service.
And I'm not joining a debate. I'm just voicing an opinion
Last edited:
Yeah, I'm pretty sure that I paid for both Civilization VI and my ISP's service. Why should I be OK with them spying on me to make more money off of my private information?
There's nothing hysterical here and neither is there propaganda. I think that it's pretty clear why some of us are upset about this. If you aren't, then that's fine.
Anyway, none of this has anything at all to do with net neutrality. Not even a little bit.
There's nothing hysterical here and neither is there propaganda. I think that it's pretty clear why some of us are upset about this. If you aren't, then that's fine.
Anyway, none of this has anything at all to do with net neutrality. Not even a little bit.
To me, it all comes down to what information that they're actually collecting, and in what manner that data is being used for. In this case, what they were actually collecting seems to be nothing much more than what cookies in your browser would collect on you. But the problem is that obviously none of these games were upfront about this, there's no easy way to opt out, and it's all buried deep down that people start prescribing a sinister motive about selling my data.
If the game had a simple button that you clicked that was the same basic boilerplate that you get when you go to a site that uses cookies to track you, it would be out in the open and wouldn't be a big deal overall.
I do also think people get a little too sensitive about data sometimes, although I understand it. It's still creepy when I'm checking out something on Amazon and then suddenly all my facebook ads switch to being related to that. But on the other hand, in theory if these systems work, at least I should be getting relevant ads. And obviously any data that's very personifiable, I don't want. Like I really don't want my facebook ads to suddenly be "Hey, we saw you were browsing reddit on Tuesday afternoon, and your bank account is looking a little thin. Maybe it's time to look for a new job?"
Clearly, because starting one with a barrage of attacks-to-character is a fast way to get laughed out of any legitimate debate. If your post depends on name-calling to make its point, it's clearly not a very good one.
Part of the problem is that we don't know what information they're collecting. Even if they actually spelled it out for us (they don't), we'd still be trusting them on the honor system. They haven't provided any source code or any way for us to verify that they aren't collecting more than they say. There are numerous examples of companies "accidentally" collecting more than they claim. And remember, a few pieces of seemingly anonymous data here mixed with a few pieces of anonymous data from over there can often be enough to identify someone. I'm not comfortable with sending any data to a company that I don't know and trust. Red Shell is not such a company.
But even if they were only collecting a few bits of data to improve marketing, they should still ask us if that's OK. Sneaking around makes everyone suspicious. After all, if they're just collecting my IP and Steam ID and matching it with an ad click from elsewhere, then why do they feel the need to sneak around? Why not be clear about what's happening?
And when they ask my permission, "no" should be a valid answer. I should be able to play Civilization VI without accepting Red Shell's data collection. Forcing me to click "OK" or never play the game isn't asking. That's especially true when software refunds aren't always so easy to obtain.
For now, I'll continue to block communication with Red Shell on all of my networks and I'll continue to make my preferences known to the developers. I guess that's the best that I can do in the US where we don't have many useful data protection laws.
Yep, that's all valid. In theory, if we trust Firaxis/TakeTwo, then we should likely trust the people that they deal with to collect analytics for them, but obviously fair to be skeptical about it. As mentioned, the fact that this only came about because people went snooping always leaves a bad taste. As does the fact that virtually every other game company out there has bailed on them at the first mention of all of this, you start wondering a little more what kind of "deal" Red Shell has with all these companies.
But yes, a simple "We collect analytics on usage. The details about what we take and store is here. Do you agree to provide this? Y/N" would be the logical way to do this, and then it's up to each use whether they want to provide that data or not.
If your baseline is "nothing that they say publicly can convince me that they're actually doing those things", then there is no honest debate that can be had here.
If they are being correct, they don't need to be upfront about anything, because it's data that isn't personal. Your argument undermines itself. Either they're doing all that they say that they're doing, so there isn't a problem, so you don't even need to know about it. Just like you don't need to know how a crash reporter works by demanding to see the source code to trust that it's doing its job and nothing more. Or you can't take them at their word, nothing they say is going to convince you, and this is kinda a waste of time.
The opt-out exists, and doesn't need to be built into the game's UI (or worse, Steam's installation process which would require Valve to modify Steam to support such) to be useable. Regardless of whether or not you take them at their word, this is a basic fact.
There could be a third position, I'm sure, but I personally can't think of it. Open to ideas.
I'm not sure what point you're making. I think that mine was quite clear.
1. If you're using a third party to collect information from my PC, whether or not it's personal, then you should ask for my permission. You should do so in an obvious way. It should be easy to say no.
2. The third party data collection tool should be transparent. It shouldn't be hard to see what it's doing and to verify that it's doing what it claims to do. Perhaps the easiest way to achieve this goal is to use open source software.
3. If I choose not to allow data collection, then that should be the end of it. I should still be allowed to play the game and I shouldn't have to keep re-disabling the data collection every time there's an update or something.
The current "opt out" method is ridiculous. First, we had to discover that data was being collected by a third party. Then, we had to figure out who was collecting that data (Red Shell). Then, we had to find the opt out process. Finally, we have to send an email containing information that very well could be PII to that third party. Finally, we just have to trust that it worked and that we aren't being tracked anymore. Does that really sound reasonable to you? It's totally ridiculous (and almost certainly violates GDPR).
Besides, the opt out doesn't make sense. It doesn't stop Red Shell from collecting my IP and whatever else when I view or click their ads. It doesn't stop Civilization from sending my Steam ID, IP, and whatever else to Red Shell when I play the game. All it does (in theory) is stop Red Shell from matching my IP to my IP. I call BS on that.
TheMeInTeam
If A implies B...
- Joined
- Jan 26, 2008
- Messages
- 27,995
It should be, but then you watch a political debate and realize that unfortunately CFC manages to hold itself to a higher standard than people allegedly attempting to make salient points to voters to convince them what option is best...but can't consistently answer questions asked of them and rely on ad hominem at every level. I suppose you could make the case that's not legitimate debate, but bizarrely that's a minority opinion even though I agree.
I don't know what Red Shell is collecting, but what the 2k EULA allows them to collect in principle is pathetic. There are free to play games that treat their customers with more respect.
A third position example is that collecting data immediately relevant to the game (crash logs, in-game choices) is fundamentally different than tracking non-game data for marketing purposes.
Besides, even if you hold that Firaxis doesn't have bad intent (which is reasonable), they're sloppy. That clearly manifests repeatedly in the product they're selling to end users. If they provably can't vet the information their own patch notes or game provides with any consistency, why should we anticipate they can vet that a third party company is holding itself to a given set of standards?
Again, TheMeInTeam you're still assuming it's purely for marketing purposes. This is avoiding the debate of the worth of marketing data (which is significant, as a consumer, if you want them to keep making things you enjoy playing).
Also it's funny you raise F2P games, as they tend to either exist on Steam, or a mobile OS. All of these platforms are known for excessive amounts of data collection. This isn't whataboutism, this is me finding your notion of respect somewhat flexible. Your definition for respect has to be similar for all these companies. Not necessarily your judgement of their actions, but what you mean by "treating customers with respect". Again, I think there's too much bias against either Red Shell, or simply just Firaxis and / or 2K. That's colouring the arguments here, and I think people need to ask themselves why.
Your put forward the argument that "if everything Red Shell are doing is legitimate, why are they [hiding] it". My point was it can be legitimate and still buried in a EULA. It being buried in an EULA does not make it in any way below board, or misused, or any other negative consequence you can possibly attribute to such an act. You're free to not like it (I think that's well-established at this point).
You put forward a number of claims you never support, or even offer a shred of evidence for (see: GDPR violations and what the opt-out does or doesn't do). You keep repeating that you find things ridiculous (fair, but a personal emotional judgement, and one that holds no legal or moral basis).
If you just want to stop at "I don't trust this company or anything it says", that's fine, but then there's no discussion to be had. That's not something anyone can discuss. Much like claims that people put "blind trust" in things are similar (I think it was you that said this earlier in the thread). I don't characterise your concerns as blind skepticism. It doesn't get us anywhere. It doesn't help me understand you.
I think a good question to ask is what companies do you trust? What companies do you know? Red Shell fails both of these, but I just want to understand what kind of company could possibly pass this test, so we can understand what companies need to do.
Also it's funny you raise F2P games, as they tend to either exist on Steam, or a mobile OS. All of these platforms are known for excessive amounts of data collection. This isn't whataboutism, this is me finding your notion of respect somewhat flexible. Your definition for respect has to be similar for all these companies. Not necessarily your judgement of their actions, but what you mean by "treating customers with respect". Again, I think there's too much bias against either Red Shell, or simply just Firaxis and / or 2K. That's colouring the arguments here, and I think people need to ask themselves why.
I'm going to avoid everything we've been down before. It's a complete replay of earlier discussions.
Your put forward the argument that "if everything Red Shell are doing is legitimate, why are they [hiding] it". My point was it can be legitimate and still buried in a EULA. It being buried in an EULA does not make it in any way below board, or misused, or any other negative consequence you can possibly attribute to such an act. You're free to not like it (I think that's well-established at this point).
You put forward a number of claims you never support, or even offer a shred of evidence for (see: GDPR violations and what the opt-out does or doesn't do). You keep repeating that you find things ridiculous (fair, but a personal emotional judgement, and one that holds no legal or moral basis).
If you just want to stop at "I don't trust this company or anything it says", that's fine, but then there's no discussion to be had. That's not something anyone can discuss. Much like claims that people put "blind trust" in things are similar (I think it was you that said this earlier in the thread). I don't characterise your concerns as blind skepticism. It doesn't get us anywhere. It doesn't help me understand you.
I think a good question to ask is what companies do you trust? What companies do you know? Red Shell fails both of these, but I just want to understand what kind of company could possibly pass this test, so we can understand what companies need to do.
TheMeInTeam
If A implies B...
- Joined
- Jan 26, 2008
- Messages
- 27,995
Civ 6 also exists on Steam, and while the platform itself has its own issues they'd be universal to products on Steam.
That said, the F2P games that came to mind are PC-exclusive in one case and massively cross platform in the other. I didn't say all F2P games were better...
Tethering "marketing data" in a grimey fashion to a paid product is questionable. I'm not "assuming" what it's for - it's pretty obvious we don't entirely know. We can safely conclude it has utility for marketing and maybe for debug (not sure why you'd need Red Shell for debug/crash though), but we can't safely rule out whatever else.
Earlier you mentioned trust and differential reasoning to distrust companies. Actually, Firaxis has given us reasoning to distrust them specifically. In both patch notes and gameplay, their representation of information is inaccurate and inconsistent in multiple places with no apparent prioritization to amend this issue (track record suggests they don't care). Speaking of assumptions, why should we assume they handle other things better than this?
Baseline trust of any for profit organization is reasonably low; you expect them to act on their incentives. Organizations that have done things to violate trust, however, are distrusted further.
Nobody can have perfect knowledge. An untrustworthy organization which has arbitrarily just happened to do right by one person consistently may be trusted by that person. From my own perspective/observed evidence, companies like Riot and Ludeon are significantly more trustworthy than Firaxis/2k. The reason is that in my own observations/experiences, their products are of consistently higher quality and they have not misled me to nearly as much of a degree, especially in-game. Nor have they put DLC over such abstract gameplay concepts as "what are the rules" or "x happens when the game says that x will happen". Their presentation and experience is consistently more professional, and so I trust them more than Firaxis/2k.
That's not to say I trust them overmuch, but if one of these and Firaxis each announced a new game tomorrow I would trust the former products to be of higher quality. Based on evidence that I have seen, I'd be crazy not to do so. But I could also later discover something that lowers my trust of Riot enough that Firaxis is less untrustworthy for example.
It's not an on/off switch.
Last edited:
Even if everything that Red Shell does is legitimate, Firaxis should still have made it clear to us that the data collection was happening. I'm sorry, but burying that information in a lengthy EULA doesn't count. Almost nobody reads those for obvious reasons.
As some evidence that a Steam ID counts as PII under GDPR, a number of games from large publishers pushes patches recently to stop collecting Steam IDs with their telemetry. Surviving Mars (Paradox) is one recent example. Since the "opt out" for Red Shell requires sending a Steam ID, there's a very high chance that they're collecting the Steam ID as part of their data collection.
I think it's pretty clear which companies I trust. But, sure, I'll rephrase it again.
I trust companies that are open and transparent about what data they're collecting, why they're collecting it, and who they're sharing it with. I trust companies that provide me with a means to verify their claims, such as open source software and tools to decode the collected data. I trust companies that ask me if it's OK to collect data and then respect my wishes.
Red Shell and Firaxis fail on all of these counts.
"they'd be universal to products on Steam"
Yes! And this, uh, isn't a defense?
I mean, if you're going to invoke the spectre of "F2P" titles when you say there are such titles that treat customers with more respect, you're playing to the allusion of
a) F2P games, as some kind of a collective whole, do not, and / or
b) that this is such a low bar that a game with an upfront price should clear it easily.
Otherwise there's no need to compare Civilisation VI against unnamed F2P titles in a negative context. You did it for a reason, let's not be coy.
---------------------
You can assume whatever you want. Like I said, that's entirely your choice. When it comes down to personal choice there are a huge number of factors that influence our decisions. My intent isn't to shame you for that at all. The problem is when it's dressed up in some kind of package about "wrongdoing", or when people repeatedly cite GDPR, or whatever. The one thing isn't the other. I don't like peas. That doesn't make peas bad for me. That's a bit of a random example but it's the easiest one I can think of (because I really don't like peas. There aren't many video games I actively dislike outside of off-topic reasons). Do you understand my argument? You not liking something doesn't make that something a bad thing. It just means you don't like it.
You don't know what the data is for. You say you can't assume, but you are assuming. When you say "we can't safely rule out whatever else", you are also casting that inference. It's simpler to say "exercise your right to an opt-out, and I don't want to say anything else because I don't know". But people aren't doing that. You aren't doing that. You are basing your advocacy on assumptions, whether or not you realise it. As am I. My baseline is "if I can't trust this company at their word, I can't trust any company, and I honestly don't have the headspace to go through life like that". Other people do - it's entirely their choice. Your choice. My choice. But what's important is that it is a choice.
And you don't have to dress that choice up in some kind of continuously-negative subtext. Red Shell could be some kind of transparent benevolent thing, and you could still want to opt-out, and that would be entirely your choice. And there would be nothing wrong with that.
There's a reason we have due process, why we shouldn't cast blame if we can't prove something. An absence of evidence that it doesn't do something is not evidence that it does. Much like a lack of evidence that I have supernatural powers, unfortunately, doesn't mean that I have them. I mean, it doesn't rule it out. And certainly, a company abusing the data it holds for any reason (even if that data is arguably anonymous), is a lot more likely. But the principle stands.
What other companies, and what other products? Did Paradox patch all of their games? Did they explicitly state it was for the reason of data privacy?
And I understand the reasons you state for what you trust. I'm asking for literal, actual examples. To be clear, because I suspect I'll find it incredibly easy to construct the kind of case you're making against Red Shell and / or 2K, against them. It's basic devil's advocacy. We can't "prove" no wrongdoing is happening ergo on some level wrongdoing must be happening. Like I said earlier in the thread. It's scaremongering. And you don't seem to recognise that personal bias for or against companies affects your personal view of trust.
For example, I do community moderation for Relic Entertainment. I like Relic. But I have to put that aside - or try to (I'm only human) - when I want to seriously analyse a part of their games (which I play a lot). People are often shouted down for being "white knights", or the like. But what I find more common is people not being able to set apart negative bias from any arguments they're trying to make. And given how we prize criticism in all its forms, this makes for a difficult conversation when trying to find out why people don't like a certain thing, or why they oppose a certain thing. Because it's simply not thought about in any such depth. That again, is also human nature. Introspection is hard!
Noble Zarkon
Elite Quattromaster - Immortal (BTS)
Super Moderator
Hall of Fame Staff
GOTM Staff
Supporter
I think this is the critical point and the biggest mistake Firaxis made.
I'm sorry, but anyone concerned by this kind of issue should read those EULAs, for obvious reasons.
Now, changing the EULA after people have bought the game, and without any possibility of refund, that is a real problem.
Still, IIRC the initial EULA was already mentioning data collecting, and I was a bit surprised that nobody seemed to care about that at the time, but as I was only interested in the part about modding, my memory may not be accurate on that point.
TheMeInTeam
If A implies B...
- Joined
- Jan 26, 2008
- Messages
- 27,995
It's not a point for either side in the discussion, insofar as there are sides.
Actually no. What it does mean is that I can think of at least a few F2P games that operate better. Not all of them. I guess closer to b), since games that ask for money up front shouldn't be mirroring practices that even some F2P don't do...unless we're going with a Jim Sterling "fee to pay" interpretation. If placed alongside that ilk, Civ 6 doesn't look as bad...but they're still on this spectrum!
As I have pointed out, there is explicit reasoning that argument doesn't hold: Firaxis persistently provides inaccurate and incomplete (much more of the latter) information relevant to the usage of their end product...while other companies in the industry either lack evidence of doing this at all or do it with less frequency. Trust directly implies reliability/ability.
The assertion of "if I can't trust this company at the word I can't trust any" does not hold when there are measurable differences in the accuracy of said company's word compared to others...
Obviously. And yet, this behavior pattern is consistent with activity that one expects is, on average, not beneficial to the consumer. Why do we expect this? Because Firaxis did not anticipate it would be viewed in a positive fashion (otherwise it would be a selling point)...at best it's neutral but even that's a bit iffy given the behavior.
We can't prove crime (we don't even have much evidence that it's illegal), but we can still reasonably observe that this behavior is consistent with shady actions and assign higher probability to it being something mildly bad to the consumer. I'm not advocating we ignore due process. I'm not strictly advocating anything specifically. I am throwing shade on Firaxis for their practices. For that, I've observed plenty.
- Status
