Redzone, Privacy And Maturing Virtual Worlds

As Second Life evolves, new issues will arise and the recent rumpus about Redzone is one of those issues. The point with Redzone is that it scans you,without consent, without informing you that you are going to be scanned, there is no mention of what Redzone does with your data, there is no privacy policy with this device and that’s where we get into a bit of a sticky wicket.

Linden Lab so far have taken no action and to be fair to Linden Lab, how do they incorporate a policy to ban Redzone without making legitimate uses of IP addresses illegal too? Linden Lab move slowly on issues, very slowly, they could of course decide to just ban Redzone as they have in the past banned traffic gaming devices, but without a clear policy, enforcement becomes tricky when the next Redzone arrives. The starting point for Linden Lab’s policy of course lies with the terms of service.

Section 8.3 appears to suggest that Redzone breaches the terms of service:

8.3 You agree that you will not post or transmit Content or code that may be harmful, impede other users’ functionality, invade other users’ privacy, or surreptitiously or negatively impact any system or network.

You agree to respect both the integrity of the Service and the privacy of other users. You will not:

(i) Post or transmit viruses, Trojan horses, worms, spyware, time bombs, cancelbots, or other computer programming routines that may harm the Service or interests or rights of other users, or that may harvest or collect any data or personal information about other users without their consent

Redzone does not seek consent to harvest information, so it seems in clear violation, where they seem to think they have an out is with regards to Linden Lab’s Privacy Policy:

Information Displayed to or Collected By Other Users

Certain account information is displayed to other users in your Second Life profile, and may be available through automated script calls and application program interfaces. This information includes your account name, account type, the date your account was established, whether or not you are currently online, user rating information, group and partner information, and whether or not you have established a payment account or transaction history with Linden Lab. Further, you agree and understand that Linden Lab does not control and is not responsible for information, privacy or security practices concerning data that you provide to, or that may otherwise be collected by, Second Life users other than Linden Lab. For instance, some services operated by Second Life users may provide content that is accessed through and located on third party (non-Linden Lab) servers that may log IP addresses.

The reason for this is that websites collect IP addresses, they are required for certain features such as media streaming, this policy is explained to try and help people understand that third parties may have access to your data, but it should not trump the terms of service.

However, one issue that stands out here, Linden Lab have a privacy policy, should we have privacy policies inworld? The answer is …oh please don’t, could you imagine that everytime you land at a commercial sim or commercial parcel you have to read and agree to a privacy policy explaining what the parcel owner does with your data? This would be a nightmare and yet, as many commercial sites on the web do, it is probably something that people who are collecting data, should be doing, I’m sure legally there’s some dodgy ground here for not having a privacy policy when you’re collecting data on people, I guess I should have one on my website …damn now see what I’ve started!

The question really is why Linden Lab haven’t banned this product and the answer seems to be that they can’t determine whether it breaches their terms of service or not, or they haven’t yet figured out how to introduce a policy that makes it clear why these products shouldn’t be allowed.

Redzone could of course get around the terms of service issue by seeking consent, on the soon to be nerfed Blogrum, Innula Zenovka makes some fine points:

Second option, zFire continues to allow his customers to ban alts, but doesn’t show the owner who people’s alts are.   If I am shopping in your store, then whose alt I may or may not be is of no legitimate interest to you that I can see.   If you ban me, and want to ban my alts, too, then fine.. you don’t need to know the names of the alts who you’re banning, do you?

Now why would Redzone users have a problem with this solution? If, as they claim, Redzone is used to stop griefers and copybotters, then banning one account and all alts without seeing the names of the alts would indeed do what they’re asking for, well it would if the device was always accurate but that’s a different issue. The basic premise of any data collection policy is that information should be fit for purpose, names of alts are not fit for purpose here.

In the same thread, Inara Pey gets all rawrrr and commanding whilst pointing out that Redzone does not seek consent, as exemplified here:

When I use the media tools in Second Life, I am giving my implied consent to do just that receive media streams. *Nothing else*. End of story.

I am most certainly not giving consent  – implied or formal – for you or anyone else to exploit those media tools in any way you happen to see fit and for purposes you deem to be both “acceptable” and “above the Terms of Service”. Period.

I’d spank her for using period instead of full stop but she told me off for pointing that out before and you seriously don’t want a telling off from Inara……well sometimes it works!

My personal view is that Redzone should be banned until the device seeks consent to do what it feels it needs to do and yes as I pointed out earlier, having a privacy policy and needing to agree to it before entering sims and parcels would be problematic, but the current state of affairs isn’t acceptable, people are turning off their media settings, missing out on some of the good features of Second Life because of this and the overall world of Second Life is suffering.

As Second Life has evolved we’ve seen issues that Linden Lab have needed to address, Sexual Ageplay, Banks, Gambling, Adult content and now we have privacy and Linden Lab need to address this, I haven’t looked into the technical aspects of what’s happening but some people have suggested that there’s an exploit in the media settings that allows information to be gathered, if this is true then these data gathering services are taking advantage of an exploit and not using the service as intended.

The world evolves, the world changes, but for the sake of doing the right thing, Linden Lab do need to step up to the plate here, I have every sympathy with content creators trying to protect their stores, but evidence suggests that Redzone isn’t that effective, I also have every sympathy with sim owners trying to prevent griefing but when the tools they use to do it operate such questionable practices as Redzone does, then they are not the right tools and are not helping the Second Life experience.

15 Replies to “Redzone, Privacy And Maturing Virtual Worlds”

    1. 4.3 is certainly relevant to the discussion and I’m glad you brought that up, it’s unrealistic for us to expect Linden Lab to have power to influence third party sites, 4.3 has been under discussed and maybe goes some way to explaining the difficulties Linden Lab have with policies on products like this, but the product is used within Second Life and LL do have power to do something there.

      1. They may not be able to influence third party sites but even before redzone people have been begging LL for a better solution to the privacy loophole in streaming media, which LL has been ignoring.

        1. Interestingly, the Phoenix viewer devs seem to be on the ball here by at least starting the ball rolling with a white and blacklist solution.

          You’re right, the media issue isn’t new and has largely gone ignored.

      2. 4.3 protects the Lab from liability. Let’s break this down, gang. It’s protecting the Lab from being sued for the actions of a third party. It *does not* prevent them from disabling the product from use in SL if it violates another portion of the TOS (and it does.)

        What people need to understand though is that’s*all* the Lab can do- they cannot compel zFire to turn over the database- that can only be done by *outside* legal action- the Lab has no power over that.

        1. Right, 4.3 is similar to the lab’s rule on chatlogs, you can’t share them inworld without consent but they have no power to enforce that rule on third party servers, 4.3 remains relevant to the overall situation, but is not the only section that matters.

          People are calling for the database to be destroyed, Linden Lab can’t enforce that, they can however do something about the product and its use inworld.

  1. “Period” is the term most Americans will understand; otherwise I’d go for “full stop”. 🙂

    The individual I was replying was skating – and continues to skate – on thin ice with his assertions on the subject of media; although I note he’s now implying threats in his replies as well. Sign of losing the argument, perhaps?

    I’m actually in some ways guilty of a little duality here, as I have myself questioned the ToS violation for the reason you’ve stated, given the lack of action from LL to date, despite almost a month of complete furore.

    However, that’s really just me momentarily playing Devil’s Advocate. In matters such as this, Section 8.3. of the ToS *must* take precedence; otherwise users are guaranteed absolutely zero protection when it comes to harvesting account information by just about anyone willing to script a HUD and wander the Grid.

    In some ways, its a pity that more vociferous action wasn’t taken back when Gemini CDS reared its head (and that is still out there, together with a host of other such devices); perhaps had that been the case, things might be different by now.

    My main concern about even engaging in this kind of debate where a specific device / tool is mentioned is that that focus becomes so narrow that limited action is taken – against the one device itself, rather than targeting the issues that make it possible for the system to be exploited. And in fairness, when Viewer 2 first appeared, many did raise concerns at the way it exacerbates the situation by leaving the door wide open for the unwary user.

    Sling Trebuchet has gone some way towards trying to broaden the discussion to cover the specific problems inherent in the Viewer via her JIRAs, and others have raised the means by which matter could be addressed through better land management tools. And I think we should all follow her lead in pressing for change.

    Having said all that – and to return to RedZone in particular: leaving aside the fact it provides “protection” through a false assumption (content rippers use identifiable “illegal” viewers (as one reputable creator of SL Viewers once stated to me, it takes a single change ot a line of code to get one Viewer to appear to be another – and the XML is not that hard to understand); the real issue here is:

    *Why, if RedZone is a “security device”, has the creator made a HUD-based version that can be carried from sim to sim for the purposes of gathering data on the avatars located at those sims?*

    This goes far beyond the reach of protecting people from copybotters or griefers (in much the same way that the Gemini CDS-related “Oynx” project did). It’s hard to determine any legitimate reason for this. Full Stop.

  2. The reason they’re fighting consent so hard is obvious-

    with consent, the product dies.

    First of all, with consent the HUD is USELESS. It it completely, utterly and fundamentally a paperweight. When one requires consent it simply has no function. But beyond that, (and good riddance to the HUD), the entire product will fail. People already know that given a choice, a fair percentage of people would *leave* rather than consent to being scanned and their information stored and recorded. And once they leave, there goes the customer- they will choose to go someplace that does not invade their privacy (and as well they should.) Once you introduce *required* consent, those locations that use RZ would suffer losses, while favoring locations that don’t. The irony is that the RZ locations would then become *further* targets for harassment, griefing and copybot, since not only does the device not protect against those things worth a tin damn, but it would be extra bonus points to target places with the device in use, making it completely counterproductive.

    Once you *require* consent *BEFORE* the scan, the product is dead in the water. And they know it.

    1. If Redzone users are so ethical and everyone against it are the bad guys, then seeking consent would prove their point surely, I mean if lots of people agreed to be scanned and added to the database, Zfire would be vindicated……no I don’t see that happening either!

  3. Used redzone a long time and will continue to do so. Copybot viewers still get onto sl and still visit my sims, it’s unfortunate but whilst LL offers no protection at all I’ll go with what I can…And so will many many other creators, that’s why there’s over 20,000 redzones in use (most of them being sim owners, you can’t copy a redzone to more than one sim)

    Sure people probably can work around it but I have to say when I see that ‘banned’ listed on my redzone when yet another portuguese speaking newbie avi jumps on my sim trying to steal the work I feel relieved that my work is safe just that little bit longer…

    As for alts…theyve been able to be tracked for years DJs can see all sorts with their streaming media, what pc you’re using, where you live etc….Nobody complains about those…

    Redzone users cannot see anything except viewer, detected alts and how many times theyve visited your property….It’s all there in his free demo, Zfire keeps it pretty open and is very hot on the customer support too…

    The greenzone thing was created by a copybotter, sure it’s raised awareness of being detected without consent….but folk should really be more careful who they’re rallying behind….Yikes….

    1. What’s the big problem with telling people they’re going to be scanned before they enter a redzone enabled area, because that’s the right thing to do, that seeks consent, that deals with a lot of the questionable TOS issues, that explains to people what will happen and that also acts as a deterrent, if Redzone users would seek consent, then they’d be well on the way to using the device ethically, as it stands they’re knee deep in two wrongs don’t make a right.

      One thing the Redzone rumpus has done is raised awareness of these issues and people have raised the DJ issue, people didn’t realise it was happening, now some people are refusing to go to entertainment venues.

      You’re correct to point out that placing your trust in others is a risky business, some people have been asking for greenzone to be open sourced so they can see what it’s doing. I have no idea if the Greenzone creator is a copybotter but that’s a damn serious accusation to make.

      The Phoenix viewer devs have developed a patch to limit some of the issues of media streaming, it’s far from perfect but if they’re doing it you can bet your bottom dollar that Linden Lab will feel compelled to do something along those lines too, it’s long overdue.

  4. oh and about the HUD….it DOES NOT detect….Hud wearers can do 3 main things with the hud….

    1 – check the database for alts with people 96m around them. They have to do the scans one by one….If you and your alts have been picked up by a redzone somewhere in SL it will list it. It doesn’t detect itself (detection needs media and cookies)

    2 – does a viewer scan to see who is on the official sl viewer, who is not

    3 – allow administration of your redzones from wherever you are, so if you run into someone who’s an ass whilst in a club, you can ban them from your space immediately.

    It’s NOT a portable detection unit….More a info purposes and security device admin HUD

    1. The HUD still reveals people’s alts, there’s absolutely no need for that to happen, Redzone doesn’t need to share alts with anyone on the database for it to work in the manner the sales pitch suggests, they can be hidden from Redzone users but still try and ban associated alts from parcels, there’s no reason whatsoever for Redzone to be revealing alts to people.

      There’s too many black holes with this product, it’s not the only product of this sort, but the useful looking features, which to me would be the bigger ban list and remote administration are dwarfed by the unethical aspects.

      I have every sympathy with content creators trying to protect their wares and sim owners trying to avoid griefers, but this product is too unethical for it to be a palatable solution.

      Linden Lab should be playing a bigger role here by addressing the security concerns of residents, but really, Redzone’s unnecessary features make it a poor solution.

    2. “1 – check the database for alts with people 96m around them. They have to do the scans one by one….If you and your alts have been picked up by a redzone somewhere in SL it will list it. It doesn’t detect itself (detection needs media and cookies)”

      Under what circumstances is this a legitimate use, particularly on land not under your control?

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Follow

Get the latest posts delivered to your mailbox: