Weekly review emails data leak

“Private” is NOT the default, the default is “Friends”.

If the default should have been “Private” instead, that’s another ■■■■■■ by Plex obviously.

It was opt in for months during BETA, and as far as I gathered, they also got feedback back then about this feature beeing total garbage.

They rolled it out nonetheless and even forced it upon us all.

Yeah exactly. I’d don’t need or want to see that - almost like seeing your parents kiss.

What silly person would like to receive emails with ‘watched by friendX’ email in the first place. Do Plex people think we would print these emails or make a pyjama out of it if ‘you had a good sharing week’ ?

Stop gathering/sharing information you shouldn’t do and stop making this a data ‘money maker’. I though paying would be enough to ‘not be the product’.

I’m not sure that “Private” is the default: I have never knowingly opted into this type of sharing, ever, in my life, on any platform – and I never would! Despite this, I just got a message from a friend about my watch history. Many thanks to that friend!

I don’t know who in the world thought “we’re going to share your watch history with your friends” was a good idea. I agree with others: This “feature” needs to be removed immediately. Nobody asked for this, nobody wants this.

What the hell are people at Plex thinking? Automatically opting everyone in for sharing their watch history with friends? Who in their right mind would do such a thing? Been a happy Plex Pass user for over ten years, but now you’ve got me looking for a more private solution. Because you know… PRIVATE server? Well done. Another grand example of enshittification of an otherwise good product.

It is private. Until you are shown this string of overlays in your Plex client:

grafik1920×281 44.2 KB

Do you remember seeing this dialog? (or at least a very similarly looking one. the exact look depends a bit on the Plex client type where it appears).

Another relevant setting is this one:

grafik720×392 44.2 KB

Without having “Sync your Watch State and Ratings” enabled, the only activity you are generating for others, are from the titles that you manually mark as watched or which you rate.
Syncing Watch State is an opt-in feature and can be controlled in your account settings: https://app.plex.tv/desktop/#!/settings/account

Of course if you disable this, it won’t help you save your own “watched” data when you move your Plex server to new hardware.

This is a non starter. It does not matter that we could “turn it off” it should never have existed as a “thing” in the first place for it is a “silly” (wanted to say something else) thing to have.

My friends should never see what I watched (and vice versa), whether I opted in or not. Stop this nonsense, remove it and delete all the data gathered. That would be the only sane response to this.

That just proved you wrong. Thats exactly what “Default” means! so the default is “Friends” NOT “private”.
Thats by the way also a violation of the GDPR Art. 25 Abs. 2 (privacy by default).

No, I have never seen anything like that on any platform.

This is a dialog the user actively has to click through.
I am not a lawyer.
However, to my understanding this doesn’t violate the cited article of the GDPR.

What about those of us who never saw this dialog? I never saw this dialog, and my setting was set to “Friends.”

I did not forget you. I have forwarded your question to the team to investigate. It might take a while due to the upcoming holiday in the U.S.

[edit]: I just got word from the team. Details in PM.

When the user doesn’t touch anything, but the OK button, the setting is set to “Friends” unless he ACTIVELY changes that setting.

Thats what is called a Default and is a clear violation of the GDPR. You don’t need to be a lawyer to see that.

I’m sure that you wish that this is what the GDPR means.
Heck, even I personally wish that this is what it means.

But it might just be that this is not applicable in this particular case.

It violates being a decent company and respecting your users though… Come on! You had to go through like 5 screenshots to “prove” it wasn’t default and it very clearly still is. Stop defending this! It’s a bad feature rolled out in a horrible way. And there needs to be a server setting to not allowing share of any kind.

Another example of the enshittification of Plex.

Yes it might very well follow the letter of the law, but not the intent.

Did no one at Plex ever think about the “should we” and only about the “can we”?

I don’t know who thought this was a good idea to send weekly emails out to my Plex users detailing what content other users have watched. IMO this is a huge privacy violation. Most of my users don’t even know each other but someone at Plex thought it would be a good idea to share what they watch. Unbelievable.

Even when Google introduces new privacy features the first option is “Disable everything”. One box one click.

Even advanced users are having a hard time understanding what it is they’re getting involved in when they make these choices. I can’t imagine the number of novice users that have things enabled they want no part in and have no idea how to turn it off.

People who don’t know what they’re doing are afraid to change the default selection in these boxes because they don’t know if it will disable something they actually need for things to work correctly

People already feel like every tech company on the planet is doing their best to spy on them and someone decided it was a good idea to do this for content that for many is still in a grey area of the law?

This should be an opt in feature you need to make an effort to do, and it should be easy to opt out.

Easy to opt in and hard to opt out is not ok

How do you think most people would feel if their mom was accidently emailed a copy of their browser search history because they didn’t realize they enabled that feature?

I mean, I’m sure there’s a certain percentage of people who want to know what kind of porn their grandma likes, but I’m hoping it’s not the majority

Here’s the part I don’t get. Plex’s privacy policy states:

M. What information does Plex collect from my Plex Media Server?

Plex understands that you have personal content that you store using the Plex Media Server software (“Personal Content”).

Plex collects the following Personal Data from your Plex Media Server: email, IP address and username.

Plex does not share information about your Personal Content with third parties.

Plex does not collect:

• Content titles of your Personal Content.
• Filenames EXCEPT those that may be collected under Debugging Information below.
• Metadata for Personal Content (e.g., information about the specific file, cover art, subtitles, running length, etc.) EXCEPT to customize viewed content syncing to enhance your account or if you have enabled metadata matching capabilities in which case such data will be anonymously sent to us or you have integrated with a third-party control or playback mechanism that requires us to access your metadata to play the relevant content (e.g., if you use Amazon Alexa to play a particular song or movie from your Personal Content, then our Services may search your Personal Content metadata in order to find and play the song or movie requested.)

That sounds pretty explicit. Plex doesn’t collect your content titles. That means they don’t know what stuff is actually in your media library. And yet they are able to send out emails to your friends telling them the titles of what you watched.

How is this not a violation of Plex’s privacy policy?