[WBL] MOSS Anti-cheat
- Thread starter ๖Kern
- Start date
Users who are viewing this thread
- Personally reach out to the captains, as you're changing a rule after sign-ups.
- Make clear what information exactly is recorded (their site has features, but no explicit mention of which data is recorded)
- Establish rules on the use of this data. This includes how long the data is stored, what will be done with the data, who can access it and so on.
Privacy is a perfectly valid complaint and the use of data is hairy. I'm quite worried about data abuse in this context. Irresponsible use of data stems from a lack of knowledge, not a lack of trustworthiness. I'd personally say that data abuse is quite likely considering the responses from the admins on this topic. Overall, I'd advise against using this measure.
EDIT: Read Fozzy's post below instead, it's way better
Rolling this out the week of the tournament is dumb.
This is the sort of thing as a community we should all want to be getting right. It sounds like as a programme it can achieve the goal of identifying cheaters in the scene. But at the same point there is genuine privacy concerns, which can probably be solved by just having it take screenshots in game, not of your entire desktop.
Eitherway, when the potential that individuals can unwittingly disclose personal information we should be more cautious than implementing it a day or so before matches begin.
I know I will certaintly forget i've got it running and will go on facebook, or watch a stream or something whilst i'm benched.
Let's say that happens. Currently you've provided no information on the process for notifying the admin team as to the data breach, how quickly that will be responded to, how the information will be deleted and what methods you have in place to ensure that no one else can access that personal information between it being noticed and you taking it down.
It seems from what others have said that everyone in the warband community has access to view those files? What is the process if someone takes down my personal information before the admin team have been able to remove the file? What even is the process for removing a file? Who is liable for the data breach in that instance? Is it MOSS? Is it the Tournament Admins? Is it Taleworlds?
Add into that you're straying into murky territory with the GDPR (which will be live from the end of May). Does this tournament count as an organisation? If so are they held accountable for how personal information is stored? If so and there is a breach which leads to damages (lets say for example my facebook gets leaked, someone then starts spamming me and my friends with abusive messages) who pays the Compensation under the GDPR if it is applicable? Again, is it MOSS? is it Taleworlds? Is it the tournament Admins?
Since i'm in the UK am I protected by the Data Protection Act? Lets say the Data protection act is applicable, who pays the fine for my personal data being published?
You get the picture.....the potential for a personal data breach is not something anyone should be taking lightly or just dismissing.
Also before anyone bothers to come in saying "just don't do anything that will give your personal information away"........doesn't matter. If these laws do apply then they need to have these measures in place regardless. It's the data controller/ holder's responsibility to a) only collect the information they have said they will collect, b) have measures in place to stop any data breach from occuring and mitigate any potential breaches.
I'm not saying the GDPR or Data Protection act would apply in this instance..........it all hinges on the definition of an organisation I guess, you'd probably need a lawyer to advise you on that. Personally, if I was organising this tournament/ the implementation of this then I would assume the laws did apply unless a lawyer told me otherwise.....the fines are a bit too large to be taking risks. Therefore you'd need to have measures in place to ensure you adhere to it.
Welcome to the fun filled world of potentially dealing with personal information
.
This is the sort of thing as a community we should all want to be getting right. It sounds like as a programme it can achieve the goal of identifying cheaters in the scene. But at the same point there is genuine privacy concerns, which can probably be solved by just having it take screenshots in game, not of your entire desktop.
Eitherway, when the potential that individuals can unwittingly disclose personal information we should be more cautious than implementing it a day or so before matches begin.
I know I will certaintly forget i've got it running and will go on facebook, or watch a stream or something whilst i'm benched.
Let's say that happens. Currently you've provided no information on the process for notifying the admin team as to the data breach, how quickly that will be responded to, how the information will be deleted and what methods you have in place to ensure that no one else can access that personal information between it being noticed and you taking it down.
It seems from what others have said that everyone in the warband community has access to view those files? What is the process if someone takes down my personal information before the admin team have been able to remove the file? What even is the process for removing a file? Who is liable for the data breach in that instance? Is it MOSS? Is it the Tournament Admins? Is it Taleworlds?
Add into that you're straying into murky territory with the GDPR (which will be live from the end of May). Does this tournament count as an organisation? If so are they held accountable for how personal information is stored? If so and there is a breach which leads to damages (lets say for example my facebook gets leaked, someone then starts spamming me and my friends with abusive messages) who pays the Compensation under the GDPR if it is applicable? Again, is it MOSS? is it Taleworlds? Is it the tournament Admins?
Since i'm in the UK am I protected by the Data Protection Act? Lets say the Data protection act is applicable, who pays the fine for my personal data being published?
You get the picture.....the potential for a personal data breach is not something anyone should be taking lightly or just dismissing.
Also before anyone bothers to come in saying "just don't do anything that will give your personal information away"........doesn't matter. If these laws do apply then they need to have these measures in place regardless. It's the data controller/ holder's responsibility to a) only collect the information they have said they will collect, b) have measures in place to stop any data breach from occuring and mitigate any potential breaches.
I'm not saying the GDPR or Data Protection act would apply in this instance..........it all hinges on the definition of an organisation I guess, you'd probably need a lawyer to advise you on that. Personally, if I was organising this tournament/ the implementation of this then I would assume the laws did apply unless a lawyer told me otherwise.....the fines are a bit too large to be taking risks. Therefore you'd need to have measures in place to ensure you adhere to it.
Welcome to the fun filled world of potentially dealing with personal information
.
Honestly hilarious that people bring up GDPR and data protection. GDPR does not apply as we're not a company/organisation. Data protection is covered in that it is gathered with consent (you send it to us), the goal is not identifying information (any names or addresses given will be your mistake, not MOSS - you may as well send me a picture of your passport unasked and then claim I need to be responsible with the data), etc. Beyond any "fines" for an informal community tournament or other ludicrous ideas.
Suggestions for how long data will be held, if personal information is identified how will we respond etc is all good ideas however. Please keep this within the realms of possibility (or prepare to sue us in European court, up to you I guess).
Suggestions for how long data will be held, if personal information is identified how will we respond etc is all good ideas however. Please keep this within the realms of possibility (or prepare to sue us in European court, up to you I guess).
The point is not so much that you fall under GDPR or data protection laws, but that it's murky legally and should definitely not be implemented in a rushed manner (as it seems currently).
- Have a central data point and establish guidelines on how long admins should retain their local copies. Prevent admins from having local copies sit in their downloads folder for years for example.
- Have a central data point and establish guidelines on how long admins should retain their local copies. Prevent admins from having local copies sit in their downloads folder for years for example.
It doesn't matter if it was my mistake. There needs to be clearly defined and published measures in place to remove the personal data from public access. That is my main point in that instance. All of those process etc should be clearly outlined, not figured out the night before people are supposed to start using this programme.
As for the Data protection = consent stuff. You've misunderstood the law. Just because i've sent it over does not actually mean that is the data I consented you to see, you're opening yourself up to unnecessary legal challenges, that's not even touching on the whole sharing to the entire internet part of it all. Before you collect any information you need to be specifying exactly what information you'd be gathering, who you're sharing it with (and why), then get each person's consent.
I clearly didn't stress enough.........I'm not saying GDPR and the Data Protection Act WILL apply. Just that depending on who is holding the data (which we still have not been told), it COULD apply.
I wanted to make the point that you should not be cavalier about personal data.....which a fair few people were doing. There are risks and resposibilities involved.
As for the Data protection = consent stuff. You've misunderstood the law. Just because i've sent it over does not actually mean that is the data I consented you to see, you're opening yourself up to unnecessary legal challenges, that's not even touching on the whole sharing to the entire internet part of it all. Before you collect any information you need to be specifying exactly what information you'd be gathering, who you're sharing it with (and why), then get each person's consent.
I clearly didn't stress enough.........I'm not saying GDPR and the Data Protection Act WILL apply. Just that depending on who is holding the data (which we still have not been told), it COULD apply.
I wanted to make the point that you should not be cavalier about personal data.....which a fair few people were doing. There are risks and resposibilities involved.
Nobody is forcing anyone to join a tournament that requires its players to use anti-cheat.
enjoy all the ducked up **** ur gonna see when i'm tabbed out.
enjoy all the ducked up **** ur gonna see when i'm tabbed out.
No, you're muddying the waters with unnecessary legal matters that don't apply, or at the very least would only apply in the case of a legal challenge (from? against?), then waving your hands and saying they "might" apply. They don't. The system is clear enough regarding who is looking through the data (admin team), the data you're sending over is the data you're consenting us to see and it's by now been made very clear what the limitations of the collection are, there's no legal contract being formulated, and the data will be deleted most likely within a week. Not only does the data protection act not apply here since how a legal challenge or responsibility could be laid is unclear, if it did apply the proposed plan would be fully in line with the Act beyond any one taking info and causing harm with it, in the unlikely event of which you're welcome to press charges against them.
If you want to discuss how the admin team will actually work feel free, despite my replies to Fietta I've no interest in pretending it's a non-serious issue that we might end up with some unwanted personal info and anyone on the team should be committed to handling it responsibly, but we need to stop pretending legal issues are a serious barrier here.
If you want to discuss how the admin team will actually work feel free, despite my replies to Fietta I've no interest in pretending it's a non-serious issue that we might end up with some unwanted personal info and anyone on the team should be committed to handling it responsibly, but we need to stop pretending legal issues are a serious barrier here.
ye u were really rood to me
OurGloriousLeader said:
Yes.....exactly.....I'm telling you that there are legal matters which MIGHT apply. I'm not saying someone's going to take you to court, I'm just saying they could if things go wrong and you have not covered all of the correct bases. Getting all pissy because someone is not likely to actually do so, doesn't negate any of what I said. I don't have the time and energy and, quite frankly, I don't like you enough to bother going through all that is wrong with your assumptions on the law relating to this. Although I will say you have grossly misunderstood who is responsible in the event of a data breach.
I've pointed out there are issues here, you may or may not have considered them before I did that, you have now accepted them and choosen to gamble on it not applying or if it does, that no-one has the funds, knowledge or energy to take you to court if something does go wrong, which are perfectly fine odds I'm sure.
I've done my bit it as far as I'm concerned.
Are you outie then? You had the time and energy to ineffectually bring the topic up at least.
@Watly In the hands of Kern and Deacon I assume but I'll speak to them.
@Watly In the hands of Kern and Deacon I assume but I'll speak to them.
Just played a pickup match with MOSS, got 1 pic of discord cuz I tabbed out a few times, but overall about 60 screenshots from ingame at very random times. After doing this, It's easy to run and doesn't cause lag, I'd be willing to use it on one condition.
The condition being: the person looking through the screenshots is a trusted person (e.g. Deacon, Charlini, OGL, Scar, and a few other names.) I would like the names of the reviewers to be published before I will use it.
The condition being: the person looking through the screenshots is a trusted person (e.g. Deacon, Charlini, OGL, Scar, and a few other names.) I would like the names of the reviewers to be published before I will use it.
Surkan said:
You probably didn't even ask your members.
he did fietta stop talking already please
EastEndElite
Regular
Fietta how about you just admit to using hacks and we can end this discussion here
Because id gladly use the software with better security.
