The topic of this discussion has nothing to do with GDPR.
1 Like
Sorry, OttoKerner but your position as Moderator, makes your opinion on the subject, subjective / It simply makes your opinion disqualified.
You are to closely assosiated with Plex.
Do you have any education or audit experiance into ISO 27001/27002 or GDPR?
Do you?
Or are you only wielding the GDPR as a big stick to drive your point home?
I actually do have audit experiance and I do know a bit about both GDPR and ISO 27001/2.
Now that I answerd your question, please answer mine!?
What was our question?
This topic is about the automatic assignment of usernames to accounts, which didnât have usernames before.
Nothing else.
3 Likes
@OttoKerner Sorry, but you are only partly correct, this topic is about why we were forced to use âpublic (internet-based)â usernames on our account for an internal networked server.
Due to me asking this, some other (concerning) information has come to light by the fact that the names must be unique due them being discoverable by anyone with a plex.tv account and we cannot opt-out of being publicly searchable in the plex.tv database.
So this thread has highlighted the fact that plex has not been completely transparent about what our plex.tv accounts are used for and any potential impact of that use on our expected security and privacy is.
I also want to remind everyone that this is all related to an on-premise media server, albeit with a few online components being introduced over time, so expecting to not have anyone search our usernames and find them for our on-premise installation admin accounts, sounds perfectly reasonable to me.
1 Like
Sorry, I disagree. You are now trying to make it about that.
A Plex account is just that. An account for Plex.
As such, it lives on plex.tv
You may not like it, but there were reasons, why the architecture was designed that way.
Without the centralized login to plex.tv, it would be much more complicated to have e.g. one account, but several servers.
It makes it possible to keep your account if you set up a new server instance. (Instead of having to try and salvage the user database from a possibly damaged hard drive from the old server.)
Keep also in mind that each user you might be sharing your server with, isnât necessarily your exlusive sharee. The user might have also shares from other Plex server admins. And he can access them all at once in his Plex client(s).
And so can you, if you do mutual sharing with other Plex server owners.
If you wanted to build the same functionality without a centralized user account repository, itâd be much more complicated (and probably impossible if you want to use a rather restricted client hardware).
And of course the central instance plex.tv not only holds the user accounts, but serves also as a one-stop shop for external clients to actually find their server(s). Without the need for the server admin go out and buy a domain name, set up a DynDNS etc.pp.
So. This is why there are âPlex accountsâ and not just accounts for each local server instance.
@OttoKerner I donât want to argue semantics and lose sight of what has been a really enlightening and constructive engagement with Plex, but it is literally the second line on the first post.
I further encourage you to read through all my responses as I have never said I have an issue with the plex.tv account (I have had a Plex account for over 10 years) and the advantages of having it cloud-hosted, I have an issue with MY plex.tv account being discoverable by EVERY other plex.tv account, this is not a social network (and even social networks have an opt-out of other registered users discovering them)
2 Likes
Personally, I agree with you on that detail.
I am quite sure it will be addressed.
For those who have a PLEX pass, and share their content with friends, there is a list of users and what is shared.
Now that list of users/friends is displaying the newly fabricated/generated PLEX Username.
This is not about us, it is about others, our âfriendsâ, who, in a lot of cases, created a free Plex account just so we could share our library with them.
I had to know their email already to invite them!
Now with this change I can no longer see the email OR easily identify which friend is which.
The real issue here is, that to resolve the display name, each user has to modify their account.
BUT-
I can no longer see their email address so I am unable to email them to ask them to make the necessary changes!
I received a couple of dozen messages from friends about this. They used throw-away email address to create their plex accounts so had no idea why plex thrust this unwanted changed upon them.
Plex just seems to keep on trying really hard to push some users to Jellyfin. So i guess itâs time to have my users switch to Jellyfin and Iâll say buh-bye to plex.
Thanks plex, itâs been a slice!
The forum breach of our old forum software happened in July of 2015 before afaik GDPR was enforced, but I am not a lawyer and am not going to get into a legal debate about it.
We did announce it when it happened https://www.plex.tv/blog/security-notice-forum-user-password-resets/ then changed forum software 10 days later
You can read the privacy policy in the following link and which contains info on how to delete your account, request your account info, and such. https://www.plex.tv/about/privacy-legal/
4 Likes
To be honest, I donât care one bit about you assigning names to the PLEX accounts themselves.
What I DO care about is you hiding from me the email addresses I used to invite my âFriendsâ.
I already know the emails. I used them to invite.
But now you are hiding them from me.
How do you justify doing that bit?
1 Like
Yeah this change is kind of brutal from a management perspective, I know the users emails because they gave them to me. Now they have random usernames and I have to try to guess who they are? If someone is added via. email we should be able to still see their email if we opt to remove their account in the future.
I know who my âusersâ are becuase they are friends and family.
1 Like
This is very concerning - how you decided to change the usernames to my personal server.
Whatâs next, you will start deleting my files if you deem it not appropriate or it doesnât jive with todayâs way of thinking.
This is going too far and now I going to start looking at other options.
I name the account so I know whoâs using it, now you decided to change the names that access my personal server and you think this is OK?
I thought my server was hacked when I asked my users if they changed their name and they said no, then I do a google search and come across this.
This is way too much control.
What else can you do on my server. 
Folks time to look elsewhere.
2 Likes
Thatâs not true. Plex did not change any usernames that were already set. All they did was set a username to accounts that only have an e-mail address.
Yeah, I know who they are, too. I just cannot tell which is which now!
If users were worried about their email address being visible, they would have made their own changes!
