The previous version of the launcher had this settings screen.
However, the current version has this settings screen.
With the removal of the "Allow Mojang to collect user data" switch, does this mean it is PERMANENTLY collecting user data? I sincerely hope not. I hope it means it is disabled forever, rather than enabled forever.
This is especially important, because this upgrade was FORCED. I just started up my launcher today, and without asking me it started updating the launcher. And I can't find ANY settings to disable forced updates either. It seems that with this new launcher all updates are forced, whether you want them or not.
Unfortunately that is both worrisome and apparently too recent for any data on what this is about to be available…
Before panicking, however, I suspect this may be in response to GDPR [EU net privacy rules (qv https://techcrunch.com/2018/01/20/wtf-is-gdpr/ ) ] which is "set to apply across the 28-Member State bloc as of May 25, 2018"
Given some of the requirements in GDPR, the previous data collection switch ('buried' in the settings tab) may have been non-compliant with the new laws. [Each EU country (& Britain) is implementing the EU rules under their own laws. ]
There has already been discussion in various fora about IP & UUID collection in relation to MC & GDPR.
IP addresses seem to be clearly defined as personal data under GDPR; the status of UUIDs is less clear.
Due to the newness of the regulations (and the resulting lack of jurisprudence & precedent) this area is murky at best.
With that in mind Mojang may be making changes to ensure they are in compliance with the GDPR. [Or have at least made a good-faith attempt.]
How GDPR will affect data colection vis-a-vis users outside the EU/Britain is very much in question. [MS (which owns Mojang) is a US based corporation.]
Rollback Post to RevisionRollBack
WARNING: I have an extemely "grindy" playstyle; YMMV — if this doesn't seem fun to you, mine what you can from it & bin the rest.
Unfortunately that is both worrisome and apparently too recent for any data on what this is about to be available…
Before panicking, however, I suspect this may be in response to GDPR [EU net privacy rules (qv https://techcrunch.com/2018/01/20/wtf-is-gdpr/ ) ] which is "set to apply across the 28-Member State bloc as of May 25, 2018"
Given some of the requirements in GDPR, the previous data collection switch ('buried' in the settings tab) may have been non-compliant with the new laws. [Each EU country (& Britain) is implementing the EU rules under their own laws. ]
There has already been discussion in various fora about IP & UUID collection in relation to MC & GDPR.
IP addresses seem to be clearly defined as personal data under GDPR; the status of UUIDs is less clear.
Due to the newness of the regulations (and the resulting lack of jurisprudence & precedent) this area is murky at best.
With that in mind Mojang may be making changes to ensure they are in compliance with the GDPR. [Or have at least made a good-faith attempt.]
How GDPR will affect data colection vis-a-vis users outside the EU/Britain is very much in question. [MS (which owns Mojang) is a US based corporation.]
Mojang is a Swedish company so they will have to comply with the new rules as they are part of the EU. Doesn't matter who the parent company is.
How GDPR will affect data colection vis-a-vis users outside the EU/Britain is very much in question. [MS (which owns Mojang) is a US based corporation.]
Mojang is a Swedish company so they will have to comply with the new rules as they are part of the EU. Doesn't matter who the parent company is.
Something of a legal 'niceity', but the point I was trying to convey [without adding too much discussion of legal technicalities] is that there is some question over whether MS (which, as a US corporation, must comply with GDPR only with respect to its EU/British operations [and what exactly that covers is the point of another discussion]) has available a mechanism by which it can collect information from non-EU/British users to whom GDPR restrictions do not [arguably] apply.
What such a mechanism might be is currently unknown.
A larger question is to what degree the complexity/expense of maintaining seperate data collection regiems for GDPR-affected- and non-GDPR affected-users may incline companies to extend GDPR protections to users in circumstances where GDPR compliance is not legally mandated.
I've been looking at GDPR compliance for reasons unrelated to MC and the general situation seems to be a bit of a mess with competing interpretations of various terms and requirements and (as yet, AFAIK) no firm guidelines. (eg. UUIDs are [probably] PII within the GDPR definition, but collection/retention in log files may well fall under "strictly necessary for the purposes of preventing fraud")
All of which moves away from the TL;DR base point that the launcher change may be a neutral or positive event…
[It would, however, have been preferable if MS/Mj had announced the change and explain why it was being made, rather than leaving us to speculate.]
Rollback Post to RevisionRollBack
WARNING: I have an extemely "grindy" playstyle; YMMV — if this doesn't seem fun to you, mine what you can from it & bin the rest.
Before panicking, however, I suspect this may be in response to GDPR [EU net privacy rules (qv https://techcrunch.com/2018/01/20/wtf-is-gdpr/ ) ] which is "set to apply across the 28-Member State bloc as of May 25, 2018"
From my understanding, this law increases, rather than decreases, the right to privacy. Therefore, it would be more logical for them to make it easier (not harder) for users to opt out of data collection, such as putting the switch on the first tab of the launcher so it would be easier to find. Yet it seems he's doubled down on collecting data, completely REMOVING the switch, so as to make it impossible to disable data collecting. That is, unless I'm understanding this wrong, and he has actually completely removed the data collection feature so that there's no more need for the switch. Yet if that were the case, it would seem something he would want to advertise to the public, as a way of bolstering consumer confidence that his app isn't stealing their personal info. But that's not what's happened. Instead, Mojang hasn't mentioned anything at all about the removal of that switch, as if they are carrying out a cover-up and trying to hide the fact that they removed it. This leaves me to believe that indeed he may be continuing to (now without the ability to disable it) collect our personal info, in direct defiance of these new stricter EU privacy laws. Almost as if he's mad at the new laws so he's blatantly defying them in an act of protest, at the expense of us, the users of the software.
quote=Videogamer555
From my understanding, this law increases, rather than decreases, the right to privacy. Therefore, it would be more logical for them to make it easier (not harder) for users to opt out of data collection, such as putting the switch on the first tab of the launcher so it would be easier to find. Yet it seems he's doubled down on collecting data, completely REMOVING the switch, so as to make it impossible to disable data collecting. That is, unless I'm understanding this wrong, and he has actually completely removed the data collection feature so that there's no more need for the switch [emphasis added]. Yet if that were the case, it would seem something he would want to advertise to the public, as a way of bolstering consumer confidence that his app isn't stealing their personal info. But that's not what's happened. Instead, Mojang hasn't mentioned anything at all about the removal of that switch, as if they are carrying out a cover-up and trying to hide the fact that they removed it. This leaves me to believe that indeed he may be continuing to (now without the ability to disable it) collect our personal info, in direct defiance of these new stricter EU privacy laws. Almost as if he's mad at the new laws so he's blatantly defying them in an act of protest, at the expense of us, the users of the software.
My guess is that the emphasised alternative is correct and data collection has been removed (at least temporarily while the particulars of the GDPR are still evolving).
I agree that an announcement explaining the change would have been appreciated, but MS/Mj may have a different read on the public relations climate.
As to secretly continuing data collection: if this was two kids publishing out of Mom's garage, I might believe it; for a company with the size and profile of MS/Mj to attempt such a stunt would be passing idiocy. [Granting the VW emmissions cheating scandal indicates that even large companies are capable of acts of unfathomable stupidity, I don't think that would be the way to bet.]
Rollback Post to RevisionRollBack
WARNING: I have an extemely "grindy" playstyle; YMMV — if this doesn't seem fun to you, mine what you can from it & bin the rest.
Just saw this thread; yes I can confirm that Mojang no longer sends any kind of telemetry data from the launcher. However, Snooper (PC stats) and Hopper (crash reports) remains as they do not contain personal information.
It seems that they now require you to give privacy permission when you sign up at minecraft.net as shown in this screenshot I took.
I tested out the current account creation on system on their site (though I already have a paid account), by just getting myself a new free email account on mail.com and using that on minecraft.net for my Minecraft account email. And to my shock, they now require you to give permission to collect data (refusing to let you create an account without giving them permission). While they claim that you can change your data collection setting in the launcher, as I showed in this thread's opening post, you actually CANNOT switch it off in the launcher.
So this leaves me with 2 possibilities:
1) The text for the account creation webpage is simply outdated, and all data collection is actually disabled now that the launcher doesn't have that switch.
2) The text for the account creation webpage is simply outdated, and all data collection is now permanently enabled, with no way to turn it off.
It seems that they now require you to give privacy permission when you sign up at minecraft.net as shown in this screenshot I took.
I tested out the current account creation on system on their site (though I already have a paid account), by just getting myself a new free email account on mail.com and using that on minecraft.net for my Minecraft account email. And to my shock, they now require you to give permission to collect data (refusing to let you create an account without giving them permission). While they claim that you can change your data collection setting in the launcher, as I showed in this thread's opening post, you actually CANNOT switch it off in the launcher.
So this leaves me with 2 possibilities:
1) The text for the account creation webpage is simply outdated, and all data collection is actually disabled now that the launcher doesn't have that switch.
2) The text for the account creation webpage is simply outdated, and all data collection is now permanently enabled, with no way to turn it off.
Good job keeping on this…
Clearly, there is at least need for clarification as the response you got is entirely opaque....
While no personal data should be given, it would be useful to know if you where accessing the MS/Mj site from a GDPR country. [Yea or Nay only sufficient.]
(By my understanding of the GDPR requirements, this would not be permissible if the way "You can turn this data collection off from the settings within the game" is not clearly and easily available.. . and perhaps hot then…. )
Rollback Post to RevisionRollBack
WARNING: I have an extemely "grindy" playstyle; YMMV — if this doesn't seem fun to you, mine what you can from it & bin the rest.
please remember this forum is not run by Mojang and while some people here do help with Mojang they are not staff, if you want full clarity on the changes and how the GDPR affects you and Mojang then please read the info posted above on minecraft.net, or contact Mojang yourself as they will give you the answers you require
Clearly, there is at least need for clarification as the response you got is entirely opaque....
While no personal data should be given, it would be useful to know if you where accessing the MS/Mj site from a GDPR country. [Yea or Nay only sufficient.]
(By my understanding of the GDPR requirements, this would not be permissible if the way "You can turn this data collection off from the settings within the game" is not clearly and easily available.. . and perhaps hot then…. )
I live in the US. So I don't live where GDPR is the law. However, it is often easier for a company to simply create one GDPR compliant product, and distribute it to all countries, than to create several versions of a product (some versions with more privacy violations outside of GDPR countries, and other versions with less privacy violations that are sold in GDPR countries). So I assume that the launcher's settings, and the website that appears in your browser when you go to minecraft.net, are all the same, no matter what country you are accessing the site from, and no matter what country you are running the launcher from.
I live in the US. So I don't live where GDPR is the law. However, it is often easier for a company to simply create one GDPR compliant product, and distribute it to all countries, than to create several versions of a product (some versions with more privacy violations outside of GDPR countries, and other versions with less privacy violations that are sold in GDPR countries). So I assume that the launcher's settings, and the website that appears in your browser when you go to minecraft.net, are all the same, no matter what country you are accessing the site from, and no matter what country you are running the launcher from.
Mojang are in Sweden which is part of the EU, so they HAVE to comply with GDPR, like EVERY other company in the EU, its not just a case of where they are selling, but where they are located.
If a company is in the EU or has customers in the EU they have to comply with the GDPR, which is why if you follow tech news you will have seem some US sites have temporarily blocked access to EU members while they update to comply
I live in the US. So I don't live where GDPR is the law. However, it is often easier for a company to simply create one GDPR compliant product, and distribute it to all countries, than to create several versions of a product (some versions with more privacy violations outside of GDPR countries, and other versions with less privacy violations that are sold in GDPR countries). So I assume that the launcher's settings, and the website that appears in your browser when you go to minecraft.net, are all the same, no matter what country you are accessing the site from, and no matter what country you are running the launcher from.
I'm quite hoping that this will be the case…
Or, as webrosc thinks, that all MC everywhere will need to comply…
In view of the compliance history of various large corporations (among which MS must be numbered), however, I am not holding my breath….
[There are also caveats in the GDPR that allow collection and retention of some data (eg credit card info to process a purchase, possibly ip & in-game name to prevent vandalism/griefing), but to say the currently reported interface is struggling to meet the GDPR requirements seems very much an understatement.]
Please excuse the ugly formating and lack of multi-quoting; I seem to be unable to access either [BB] or other advances features at this time.
Rollback Post to RevisionRollBack
WARNING: I have an extemely "grindy" playstyle; YMMV — if this doesn't seem fun to you, mine what you can from it & bin the rest.
To post a comment, please login or register a new account.
The previous version of the launcher had this settings screen.
However, the current version has this settings screen.
With the removal of the "Allow Mojang to collect user data" switch, does this mean it is PERMANENTLY collecting user data? I sincerely hope not. I hope it means it is disabled forever, rather than enabled forever.
This is especially important, because this upgrade was FORCED. I just started up my launcher today, and without asking me it started updating the launcher. And I can't find ANY settings to disable forced updates either. It seems that with this new launcher all updates are forced, whether you want them or not.
Unfortunately that is both worrisome and apparently too recent for any data on what this is about to be available…
Before panicking, however, I suspect this may be in response to GDPR [EU net privacy rules (qv https://techcrunch.com/2018/01/20/wtf-is-gdpr/ ) ] which is "set to apply across the 28-Member State bloc as of May 25, 2018"
Given some of the requirements in GDPR, the previous data collection switch ('buried' in the settings tab) may have been non-compliant with the new laws. [Each EU country (& Britain) is implementing the EU rules under their own laws. ]
There has already been discussion in various fora about IP & UUID collection in relation to MC & GDPR.
IP addresses seem to be clearly defined as personal data under GDPR; the status of UUIDs is less clear.
Due to the newness of the regulations (and the resulting lack of jurisprudence & precedent) this area is murky at best.
With that in mind Mojang may be making changes to ensure they are in compliance with the GDPR. [Or have at least made a good-faith attempt.]
How GDPR will affect data colection vis-a-vis users outside the EU/Britain is very much in question. [MS (which owns Mojang) is a US based corporation.]
WARNING: I have an extemely "grindy" playstyle; YMMV — if this doesn't seem fun to you, mine what you can from it & bin the rest.
-
View User Profile
-
View Posts
-
Send Message
ModeratorMojang is a Swedish company so they will have to comply with the new rules as they are part of the EU. Doesn't matter who the parent company is.
Something of a legal 'niceity', but the point I was trying to convey [without adding too much discussion of legal technicalities] is that there is some question over whether MS (which, as a US corporation, must comply with GDPR only with respect to its EU/British operations [and what exactly that covers is the point of another discussion]) has available a mechanism by which it can collect information from non-EU/British users to whom GDPR restrictions do not [arguably] apply.
What such a mechanism might be is currently unknown.
A larger question is to what degree the complexity/expense of maintaining seperate data collection regiems for GDPR-affected- and non-GDPR affected-users may incline companies to extend GDPR protections to users in circumstances where GDPR compliance is not legally mandated.
I've been looking at GDPR compliance for reasons unrelated to MC and the general situation seems to be a bit of a mess with competing interpretations of various terms and requirements and (as yet, AFAIK) no firm guidelines. (eg. UUIDs are [probably] PII within the GDPR definition, but collection/retention in log files may well fall under "strictly necessary for the purposes of preventing fraud")
All of which moves away from the TL;DR base point that the launcher change may be a neutral or positive event…
[It would, however, have been preferable if MS/Mj had announced the change and explain why it was being made, rather than leaving us to speculate.]
WARNING: I have an extemely "grindy" playstyle; YMMV — if this doesn't seem fun to you, mine what you can from it & bin the rest.
From my understanding, this law increases, rather than decreases, the right to privacy. Therefore, it would be more logical for them to make it easier (not harder) for users to opt out of data collection, such as putting the switch on the first tab of the launcher so it would be easier to find. Yet it seems he's doubled down on collecting data, completely REMOVING the switch, so as to make it impossible to disable data collecting. That is, unless I'm understanding this wrong, and he has actually completely removed the data collection feature so that there's no more need for the switch. Yet if that were the case, it would seem something he would want to advertise to the public, as a way of bolstering consumer confidence that his app isn't stealing their personal info. But that's not what's happened. Instead, Mojang hasn't mentioned anything at all about the removal of that switch, as if they are carrying out a cover-up and trying to hide the fact that they removed it. This leaves me to believe that indeed he may be continuing to (now without the ability to disable it) collect our personal info, in direct defiance of these new stricter EU privacy laws. Almost as if he's mad at the new laws so he's blatantly defying them in an act of protest, at the expense of us, the users of the software.
quote=Videogamer555
From my understanding, this law increases, rather than decreases, the right to privacy. Therefore, it would be more logical for them to make it easier (not harder) for users to opt out of data collection, such as putting the switch on the first tab of the launcher so it would be easier to find. Yet it seems he's doubled down on collecting data, completely REMOVING the switch, so as to make it impossible to disable data collecting. That is, unless I'm understanding this wrong, and he has actually completely removed the data collection feature so that there's no more need for the switch [emphasis added]. Yet if that were the case, it would seem something he would want to advertise to the public, as a way of bolstering consumer confidence that his app isn't stealing their personal info. But that's not what's happened. Instead, Mojang hasn't mentioned anything at all about the removal of that switch, as if they are carrying out a cover-up and trying to hide the fact that they removed it. This leaves me to believe that indeed he may be continuing to (now without the ability to disable it) collect our personal info, in direct defiance of these new stricter EU privacy laws. Almost as if he's mad at the new laws so he's blatantly defying them in an act of protest, at the expense of us, the users of the software.
My guess is that the emphasised alternative is correct and data collection has been removed (at least temporarily while the particulars of the GDPR are still evolving).
I agree that an announcement explaining the change would have been appreciated, but MS/Mj may have a different read on the public relations climate.
As to secretly continuing data collection: if this was two kids publishing out of Mom's garage, I might believe it; for a company with the size and profile of MS/Mj to attempt such a stunt would be passing idiocy. [Granting the VW emmissions cheating scandal indicates that even large companies are capable of acts of unfathomable stupidity, I don't think that would be the way to bet.]
WARNING: I have an extemely "grindy" playstyle; YMMV — if this doesn't seem fun to you, mine what you can from it & bin the rest.
-
View User Profile
-
View Posts
-
Send Message
Retired StaffJust saw this thread; yes I can confirm that Mojang no longer sends any kind of telemetry data from the launcher. However, Snooper (PC stats) and Hopper (crash reports) remains as they do not contain personal information.
See this FAQ for more information.
#minecrafthelp Channel Manager
<@Notch> whoa, rude language, behave
<@LG_Legacy> Oh relax notch, I'm never serious >_>
<@Notch> I DON'T CARE!!
@Notch runs away, crying
<@LG_Legacy> I made god cry? o_O"
It seems that they now require you to give privacy permission when you sign up at minecraft.net as shown in this screenshot I took.
I tested out the current account creation on system on their site (though I already have a paid account), by just getting myself a new free email account on mail.com and using that on minecraft.net for my Minecraft account email. And to my shock, they now require you to give permission to collect data (refusing to let you create an account without giving them permission). While they claim that you can change your data collection setting in the launcher, as I showed in this thread's opening post, you actually CANNOT switch it off in the launcher.
So this leaves me with 2 possibilities:
1) The text for the account creation webpage is simply outdated, and all data collection is actually disabled now that the launcher doesn't have that switch.
2) The text for the account creation webpage is simply outdated, and all data collection is now permanently enabled, with no way to turn it off.
Good job keeping on this…
Clearly, there is at least need for clarification as the response you got is entirely opaque....
While no personal data should be given, it would be useful to know if you where accessing the MS/Mj site from a GDPR country. [Yea or Nay only sufficient.]
(By my understanding of the GDPR requirements, this would not be permissible if the way "You can turn this data collection off from the settings within the game" is not clearly and easily available.. . and perhaps hot then…. )
WARNING: I have an extemely "grindy" playstyle; YMMV — if this doesn't seem fun to you, mine what you can from it & bin the rest.
-
View User Profile
-
View Posts
-
Send Message
Moderatorplease remember this forum is not run by Mojang and while some people here do help with Mojang they are not staff, if you want full clarity on the changes and how the GDPR affects you and Mojang then please read the info posted above on minecraft.net, or contact Mojang yourself as they will give you the answers you require
I live in the US. So I don't live where GDPR is the law. However, it is often easier for a company to simply create one GDPR compliant product, and distribute it to all countries, than to create several versions of a product (some versions with more privacy violations outside of GDPR countries, and other versions with less privacy violations that are sold in GDPR countries). So I assume that the launcher's settings, and the website that appears in your browser when you go to minecraft.net, are all the same, no matter what country you are accessing the site from, and no matter what country you are running the launcher from.
-
View User Profile
-
View Posts
-
Send Message
ModeratorMojang are in Sweden which is part of the EU, so they HAVE to comply with GDPR, like EVERY other company in the EU, its not just a case of where they are selling, but where they are located.
If a company is in the EU or has customers in the EU they have to comply with the GDPR, which is why if you follow tech news you will have seem some US sites have temporarily blocked access to EU members while they update to comply
O O F, we just got "we've updated our privacy policy'd" yet again.
Discord: Ryzen_1600#7458
I'm quite hoping that this will be the case…
Or, as webrosc thinks, that all MC everywhere will need to comply…
In view of the compliance history of various large corporations (among which MS must be numbered), however, I am not holding my breath….
[There are also caveats in the GDPR that allow collection and retention of some data (eg credit card info to process a purchase, possibly ip & in-game name to prevent vandalism/griefing), but to say the currently reported interface is struggling to meet the GDPR requirements seems very much an understatement.]
Please excuse the ugly formating and lack of multi-quoting; I seem to be unable to access either [BB] or other advances features at this time.
WARNING: I have an extemely "grindy" playstyle; YMMV — if this doesn't seem fun to you, mine what you can from it & bin the rest.