If you have not already, we suggest setting your Plex username to something else rather than email which is displayed on your posts in forum. You can change the username at https://app.plex.tv/desktop#!/account
Welcome to our forums! Please take a few moments to read through our Community Guidelines (also conveniently linked in the header at the top of each page). There, you'll find guidelines on conduct, tips on getting the help you may be searching for, and more!

Plex ignoring GDPR which comes into force on 25th May 2018

245678

Answers

  • Elijah_BaleyElijah_Baley Posts: 4,977Members, Plex Pass Plex Pass

    @NewPlaza said:

    @Elijah_Baley said:

    @NewPlaza said:
    I mean, it goes right back to this little question. How do you keep a secret among 3 friends?

    The best way to keep a secret is to tell no one.
    The second best way is to tell one other person.
    There is no third best way.

    I "think" I first heard that on NCIS said by Abby Sciuto (Pauley Perrette)

    My thoughts were to kill the other two.

    Of course there is another way:
    Tell so many lies so that when the truth emerges it is not believed or recognized.
    Where is that practiced (or even perfected) the most?

    But all this is pretty far off the original topic. But MUCH more fun. ;)

    “The basic tool for the manipulation of reality is the manipulation of words. If you can control the meaning of words, you can control the people who must use them.” Philip K. Dic*k (This STUPID forum software does not allow a perfectly valid last name, hence the unusual looking formating)

    From a High School paper on Greek Philosophers:
    "Socrates was a famous Greek teacher who went around giving people advice. They killed him. Socrates died from an overdose of wedlock."

  • JamminRJamminR Posts: 3,482Members, Plex Pass Plex Pass
    edited April 17

    @Elijah_Baley - The fact many of us just lay back and take it is what I find most disturbing.
    I refuse to give up my tin foil hat, but, yes, I'm not idiotic enough to believe I'm not being sold to the highest bidder.
    Plex keeps saying they don't want to know what we watch but, there are tons of forum questions/complaints about our managed accounts not being cached/able to log in when an internet outage occurs.

    I'm in hopes laws like GDPR will help restrict globally, not just for Plex EU customers.
    High hopes, sure, but legitimate hopes just the same.
    Worst case, Plex gets fined big money some time after due date, fights, loses, goes out of business.

    Due to the always on requirement, we'd all be screwed.

    Server - HW: I7-4790K(Haswell), 16GB - SW: Win10 Pro + PMS v1.13.0.5003
    Misc. HW: HDHR Extend + 2TB RAID1(Intel Z87) + 4x4TB RAID5(QNAP TS-653Pro)
    Shares - From: 2  - To: 18(5) - Potential lifetime PlexPass data generating product customer!
    ISP: ~20mbps up/1TB monthly "cap" - (Monthly avg. xfer ~450gb)
    Search the Plex WIKI before asking silly questions.
    Plex stuff I favor - Tautulli - UASv3 - PlexEmail - FMoviesPlus
  • NewPlazaNewPlaza Posts: 1,754Members, Plex Pass Plex Pass

    @Elijah_Baley said:
    But all this is pretty far off the original topic. But MUCH more fun. ;)

    Maybe somewhat. I was just stating nothing is private/secret if more than one person knows.
    And our privacy is in the hands of a company. 87 million people just found out the reality of this.

  • abssorbabssorb Posts: 20Members ✭✭
    Accepted Answer

    GDPR is already in force and has been since Mar 2016. What's happening on May 25th is enforcement actions will start.

    These are not just words and GDPR has real teeth. The EU has had enough of the lawyers weaving small-print magic to try and extract people's private data from them with double meanings and automatic opt-in buried in 10 pages of T&C that no-one reads. That all ends on 25th May. And any past data harvested in this way becomes unusable 25th May.

    Not singling out the poster, but this is an often held perspective:

    They own you nothing, no explanation, no time table, no ETA, squat. When they are ready to give that information, they will. YOU can't do sht about it nor can you do sht to them(aside from discontinuing the use of their products and services) until that day, so why harass them.

    That's how it used to be. The company had all the power and the user could either swallow unfair T&C or leave.

    But now the governments have stepped in and flipped it. Now the user has the power. Companies must treat the user fairly, recognise that you cannot overule statutes and comply. The companies can't do sh*t about it, apart from stop trading in the EU.

    One thing that all businesses need to be ready for, is that a psuedo-DDOS type activity could hit them. Any member of the public can make a Subject Access Request. If a company has a particularly bad reputation, it's an easy thing for a group to arrange to swamp them with SARs on 26th May, which they cannot ignore.

  • Trotter999Trotter999 Posts: 101Members, Plex Pass Plex Pass
    edited April 17

    @abssorb said:
    GDPR is already in force and has been since Mar 2016. What's happening on May 25th is enforcement actions will start.

    These are not just words and GDPR has real teeth. The EU has had enough of the lawyers weaving small-print magic to try and extract people's private data from them with double meanings and automatic opt-in buried in 10 pages of T&C that no-one reads. That all ends on 25th May. And any past data harvested in this way becomes unusable 25th May.

    Not singling out the poster, but this is an often held perspective:

    They own you nothing, no explanation, no time table, no ETA, squat. When they are ready to give that information, they will. YOU can't do sht about it nor can you do sht to them(aside from discontinuing the use of their products and services) until that day, so why harass them.

    That's how it used to be. The company had all the power and the user could either swallow unfair T&C or leave.

    But now the governments have stepped in and flipped it. Now the user has the power. Companies must treat the user fairly, recognise that you cannot overule statutes and comply. The companies can't do sh*t about it, apart from stop trading in the EU.

    One thing that all businesses need to be ready for, is that a psuedo-DDOS type activity could hit them. Any member of the public can make a Subject Access Request. If a company has a particularly bad reputation, it's an easy thing for a group to arrange to swamp them with SARs on 26th May, which they cannot ignore.

    I am also concerned that Plex Employee's do not appear to be taking GDPR seriously, no response at all from any Plex Employee's about when they will be in compliance with GDPR, but time is running out, and I am not sure they are fully compliant with GDPR at the moment.

    @BigWheel said:
    We are working towards being in compliance when it goes into effect. Nothing else to share at this time.

  • Trotter999Trotter999 Posts: 101Members, Plex Pass Plex Pass

    @BigWheel said:

    @Trotter999 said:
    I am also concerned that Plex Employee's do not appear to be taking GDPR seriously, no response at all from any Plex Employee's about when they will be in compliance with GDPR, but time is running out, and I am not sure they are fully compliant with GDPR at the moment.

    We be in compliance when it is required of us to be as I stated.

    What date will that be, that Plex is in compliance?

  • BigWheelBigWheel Posts: 10,245Members, Plex Employee, Plex Pass, Plex Ninja Plex Employee

    @Trotter999 said:

    @BigWheel said:

    @Trotter999 said:
    I am also concerned that Plex Employee's do not appear to be taking GDPR seriously, no response at all from any Plex Employee's about when they will be in compliance with GDPR, but time is running out, and I am not sure they are fully compliant with GDPR at the moment.

    We be in compliance when it is required of us to be as I stated.

    What date will that be, that Plex is in compliance?

    may 25. maybe before.

    Logs > https://support.plex.tv/articles/201869908-log-files/
  • Trotter999Trotter999 Posts: 101Members, Plex Pass Plex Pass
    edited April 17

    @BigWheel said:

    @Trotter999 said:

    @BigWheel said:

    @Trotter999 said:
    I am also concerned that Plex Employee's do not appear to be taking GDPR seriously, no response at all from any Plex Employee's about when they will be in compliance with GDPR, but time is running out, and I am not sure they are fully compliant with GDPR at the moment.

    We be in compliance when it is required of us to be as I stated.

    What date will that be, that Plex is in compliance?

    may 25. maybe before.

    I think it should be before the 25th May, as that is the date that GDPR kicks in.

    So based on your response, Plex have no interest in complying with GDPR?

    Would like a response before I refer your comments to Social Media?

  • abssorbabssorb Posts: 20Members ✭✭
    edited April 18

    Actually there's no requirement for organisations to publish their progress. Plex's obligations under GDPR become enforceable on 25th May, whether it meets their plans or not. If you want to know if they made your data safe, you just need to ask them on 26th May for a copy of your data. You can also ask if it's held in a way that's compliant with GDPR. A Yes/no answer is probably fine.

    Pro Tip: When someone asks for a copy of their personal data - don't sent it to them as plain text in an email.... ;)

    Sorry if this is TL;DR, it's stuff I work with. I've had a quick look through https://www.plex.tv/about/privacy-legal/ and it seems fine to me. It doesn't have to use the words GDPR, and I can't see any big issues myself.

    The section on children is v. good and already GDPR compliant. Opt out options need review. But in general it looks in pretty good shape..

    It wouldn't take much effort by Plex GMBH to make it compliant. Being reasonable, although the deadline is a hard deadline, the various governing bodies are not going to start kicking doors down on 25th May. They'll act on complaints. Also if a company can demonstrate that they have made a good start to be compliant, if not going to matter if it's a few days late, as long as they start replying to SARs.

    Worst case is if something very unfortunate happens, for instance, if there was a data breach on 1st June, then it would be indefensible to have not been ready.

    Plex has a Switzerland presence but might be useful for others reading this from USA and other non-EU countries.....
    https://www.forbes.com/sites/forbestechcouncil/2017/12/04/yes-the-gdpr-will-affect-your-u-s-based-business/#71aee51e6ff2

  • Trotter999Trotter999 Posts: 101Members, Plex Pass Plex Pass

    @abssorb said:
    Actually there's no requirement for organizations to publish their progress. Plex's obligations under GDPR become enforceable on 25th May, whether it meets their plans or not. If you want to know if they made your data safe, you just need to ask them on 26th May for a copy of your data. You can also ask if it's held in a way that's compliant with GDPR. A Yes/no answer is probably fine.

    Yes, but currently, if you ask for data that Plex hold on you, would you get it in the timeframes that GDPR would enforce?

  • abssorbabssorb Posts: 20Members ✭✭

    My interest in this is I would like Plex to continue providing services in Europe, for which compliance is a good thing.

    If you have a specific personal agenda, I can't help you with it.

  • NewPlazaNewPlaza Posts: 1,754Members, Plex Pass Plex Pass

    @BigWheel said:

    @Trotter999 said:

    @BigWheel said:

    @Trotter999 said:
    I am also concerned that Plex Employee's do not appear to be taking GDPR seriously, no response at all from any Plex Employee's about when they will be in compliance with GDPR, but time is running out, and I am not sure they are fully compliant with GDPR at the moment.

    We be in compliance when it is required of us to be as I stated.

    What date will that be, that Plex is in compliance?

    may 25. maybe before.

    That's Classic.. I love this answer, lol! Thanks for the laugh.
    There you go folks, the mystery is no more.

  • marcelhehlemarcelhehle Posts: 444Members, Plex Pass Plex Pass

    Currently Plex is NOT GDPR compliant.

    I was in contact with Scott Olechowski some months ago about deleting unnecessary and/or wrong personal data. His response was completely ignoring my request and mostly just plain arrogant.

    We'll be having a 2nd try on May 26th. >:)

    And yes, GDPR has teeth. The EU is sick of dodgy lawyers trying to get away with all sort of tricks. They want to drain that swamp once and for all. So they deliberately accept that some companies will go bankrupt. But then again that will happen for a reason and for the greater good of the European people. Enough is enough ... how many more Cambridge Analytica scandals do we want to have?!?!

  • marcelhehlemarcelhehle Posts: 444Members, Plex Pass Plex Pass

    @abssorb said:
    My interest in this is I would like Plex to continue providing services in Europe, for which compliance is a good thing.

    If you have a specific personal agenda, I can't help you with it.

    It's not about providing services in Europe. It's about handling data of European customers. As long as they have a single European in their database and don't respect his right of privacy they can be held responsible for it. Furthermore as a Swiss based company Plex will be headquartered awfully close to the EU. Switzerland is landlocked and surrounded by EU countries and about 70% of it's foreign trade is with the EU. They won't harbor criminal companies.

  • Elijah_BaleyElijah_Baley Posts: 4,977Members, Plex Pass Plex Pass

    @marcelhehle said:
    ...
    And yes, GDPR has teeth. The EU is sick of dodgy lawyers trying to get away with all sort of tricks. They want to drain that swamp once and for all. So they deliberately accept that some companies will go bankrupt. But then again that will happen for a reason and for the greater good of the European people. Enough is enough ... how many more Cambridge Analytica scandals do we want to have?!?!

    So they want only their lawyers to directly benefit! Of course, like virtually all laws in the business world it is mainly a case of "Their lawyers will get rich and our lawyers will get rich and the consumer will get screwed." Laws acting at the corporate level almost never have the desired effect and even more rarely actually help the consumer. What happens most of the time is the consumer ends up paying for another effectively impotent layer of bureaucracy.

    I am sure Plex will try as much as possible to be in compliance when the time comes but I am also sure that the law, which was written by people whose main drive is to maintain the cash cow that the law (About any law) is for lawyers, is sufficiently ambiguous so that no one can be exactly sure what it means in any given part.

    Legal language is a lot like poetry: "The art of obscuring meaning with language."

    “The basic tool for the manipulation of reality is the manipulation of words. If you can control the meaning of words, you can control the people who must use them.” Philip K. Dic*k (This STUPID forum software does not allow a perfectly valid last name, hence the unusual looking formating)

    From a High School paper on Greek Philosophers:
    "Socrates was a famous Greek teacher who went around giving people advice. They killed him. Socrates died from an overdose of wedlock."

  • NewPlazaNewPlaza Posts: 1,754Members, Plex Pass Plex Pass

    You know, the more I read about the GDPR the more I see you folks being screwed. This is going to be just another TOS and if you don't agree then you can't continue to use PLEX and services.
    PLEX Inc, has no obligations to you other that the new GDPR so you could face a dilemma come May 25. I mean, the Wiki article reads like any TOS agreement but what I gather is, this is more of a "right to know" and "right to delete".
    Cause the way I'm understanding it is, you(EU citizens), can still "opt-in" and allow companies to do as they please with your information w/ accordance to the new GDPR regulation of course.

    My question is for all my distant EU neighbors friends. What will you get out of this new GDPR regulation?
    How is this going to affect your daily life, or more importantly, the use of PLEX and any of it's services.

  • abssorbabssorb Posts: 20Members ✭✭
    edited April 18

    I have a confession. I was completely ignorant of any controversial TOS changes in 2017. Completely passed me by as I'm not a regular forum user. But thinking I was missing something I searched and found https://forums.plex.tv/discussion/283745/new-privacy-policy-is-bullshit

    So now I realise why there is such tension. It's still the case that there is nothing anyone can reasonably do until 26th May.

    Re the statistics, removing opt out will be illegal under GDPR unless the data is heavily anonymised. And users have the right to check this is the case. If the checks are not satisfactory, then - well in the UK, the ICO can step in, as they did recently with Cambridge Analytica. They would act on complaints.

    @NewPlaza said:

    My question is for all my distant EU neighbors friends. What will you get out of this new GDPR regulation?
    How is this going to affect your daily life, or more importantly, the use of PLEX and any of it's services.

    My view - Ownership of your own data has just become a human right.

  • marcelhehlemarcelhehle Posts: 444Members, Plex Pass Plex Pass

    @NewPlaza said:
    My question is for all my distant EU neighbors friends. What will you get out of this new GDPR regulation?
    How is this going to affect your daily life, or more importantly, the use of PLEX and any of it's services.

    The company offering me the service needs to offer me a Opt-In. Plex currently offers Opt-Out. This means out of the box the company is not allowed to gather any data that is not necessary for providing the service. E.g. Plex told us: "We gather general data about your media consumption like length of the movie and file-type". Filetype would be necessary for Pex to know, length not.
    Also the Opt-In needs to be given for each and every different use of the data. Like if I opt-in to send analytics data, I need to opt-in a second time if Plex wants to sell that data to another company.

    Then there's the "right to be forgotten": at any given time I can request deletion of all my personal data that is not necessary to provide the service. My login would be necessary for Plex to know. And my credit card number. But not the file-type of the movie I watched yesterday. In theory I could demand deletion of my data on a daily basis.

    Right to know: at any time I can demand that any data is presented to me

    Privacy by design: Plex would have to take any industry-typical precautions to protect my data. A breach on the forum like a few years ago ... non bueno! Unencrypted data out in the open ... non bueno! And so on, and so on

    And how this is really going to affect my personal life: if the next scandal on facebook happens, I won't have to call a lawyer, the European Union's authorities will take care and resolve the case. 4% of annual turnover ... that's about 1.5 billion USD in fines for Facebook.
    For Plex? Don't know ... the EU won't bother much because Plex is too small. They will investigate if a complaint is raised which might eventually lead to a 20 million fine. Frankly, I don't care how Plex will handle that. I just don't like their attitude of spying on us users. So if it happens, I won't mind.

    In a nutshell GDPR is the EUs regulation around exactly this questions:
    https://youtube.com/watch?v=ahhAdMOP48Y

  • marcelhehlemarcelhehle Posts: 444Members, Plex Pass Plex Pass

    @NewPlaza said:
    You know, the more I read about the GDPR the more I see you folks being screwed. This is going to be just another TOS and if you don't agree then you can't continue to use PLEX and services.

    The GDPR is federal law. There is no "not agree". The only solution to avoid it would be that Plex deletes every European' client's account. But that would bring another problem: I have a lifetime pass

  • NewPlazaNewPlaza Posts: 1,754Members, Plex Pass Plex Pass

    That's very interesting. It's going to get to a point where there are "two" PLEXs, or "two" facebooks, or two whatever etc....
    People are gonna wonder why their PLEX isn't as good as the neighbor across the street.
    Turns out the neighbors PLEX is better because he chose to "opt-in" on all the services PLEX has.
    An example of this could be (BUT NOT LIMITED TO), watched status gone, OnDeck gone, ContinueWatching gone...

Sign In or Register to comment.