I work for a firm which issues credit cards, (along with handling a multitide of financial transactions) which spent over two years preparing for the GDPR.
Yet today there is an ongoing review to understand what financial records we are permitted to retain under the GDPR vs all of the other regulatory agency requirements around the world.
Questions still being answered include how long are we permitted to retain certain data, how long we must retain certain data, where can we retain said data, who can access the data and under what circumstances can they request we remove such data.
None of this is clearly spelled out in the GDPR, and can involve criminal and terrorist investigations.
While all of this is being worked through, if someone is a client of ours, (and the data owners) they are not absolved of the responsibility to make sure we, data processors, are handling their clients data per GDPR regulations.
We have the power to back our clients, one of our firm's big strengths and why people are coming to us, because we are spending a ton of money trying to get everything correct, and protect all parties.
It is anything but easy I assure you.
But it does help keep me employed and out of bars, so there is that.
Exactly! You are talking about Financial transaction data!
KThose rules are a lot more complicated, but not exactly new unless you live in an European country that didn't had any proper legislation in place before, like a lot of Eastern and Southern European countries.
Here in Norway for example, we already had very strict legislation in place regarding sensitive personal information and financial transaction processing. So in our case, the GDPR didn't had that huge of an impact other then that Data encryption is now really being enforced through the GDPR and the right to forget where data really needs to be deleted.
Agreed, the marketing data rules are long since covered.
Financial transactions have long since been governed though GDPR seems to really have prodded the company to take hard look at retention requirements.
7, 15 30 years, all depends on the jurisdiction which "owns" it.
Guess what gaming monthly sub fees and store sales are?
Transactions.
Have to make sure Raul (Castro) and his boyz aren't playing Ashes next year.
Just trying to live long enough to play a new, released MMORPG, playing New Worlds atm
Fools find no pleasure in understanding but delight in airing their own opinions. Pvbs 18:2, NIV
Don't just play games, inhabit virtual worlds™
"This is the most intelligent, well qualified and articulate response to a post I have ever seen on these forums. It's a shame most people here won't have the attention span to read past the second line." - Anon
Steven has no experience as a game designer but made a fortune in multi-level marketing. I say this not to disparage but to point out where his expertise is.
So why would somone who’s is an expert in marketing make such an announcement? That is the riddle to solve.
Perhaps as an "expert" in marketing he believes these two firms are well able to help Ashes succeed and "make money."
There's that $30M "investment" to pay off after all.
Just trying to live long enough to play a new, released MMORPG, playing New Worlds atm
Fools find no pleasure in understanding but delight in airing their own opinions. Pvbs 18:2, NIV
Don't just play games, inhabit virtual worlds™
"This is the most intelligent, well qualified and articulate response to a post I have ever seen on these forums. It's a shame most people here won't have the attention span to read past the second line." - Anon
Yeah well I have been (freelancer) on a project where the there was a signed deal with a (major) publisher. Not long before release they (the publisher) started making demands going against the signed deal (choice of technology, gameplay and features).. The problem is with so much money invested in the project, they couldn't just switch publisher, if one could be found even. The publishers know this and it is not uncommon to get pressure from the publisher near the end of a project where the stakes are high and the developer stand to loose everything. Their demands were so severe that the developer had serious thoughts about dropping the publisher (which they could for misconduct of the contract), but that would be an unknown expense and unknown delay added to the project. In the end, they bend over and accepted the publisher demands.
So I really don't trust publishers very much, and I especially don't trust when someone says "the publisher has no say over gameplay and features"
PS. And yes there are also some more complicated rules in the GDPR, but that is mostly Financial institutions like Banks, credit processors like Paypal, etc who are affected by it. Most of these complicated rules are actually not new, as most governments had these already in place as local legislation. Just that it's now made a more general legislation under the GDPR for the entire EU.
I have no argument about the good parts of GDPR. I understand why people feel there is a need for it. As someone who has worked to understand GDPR, it is a nightmare right now for US companies. That's where I live so my major concern. GDPR contains a lot of nice prose about what needs to happen but little in the way of hard and fast rules about how to meet those requirements. Is doing this enough? What about this? No one really knows and if you are determined to have failed in your GDPR duties, it is extremely painful. Before you declare that something isn't complicated, read the rules and understand their impact on ANY business. Because the US has been relatively unregulated, it is an even larger hurdle for American companies.
Just for clarity, a blog that doesn't require any subscription will likely need all the following GDPR components: cookies, tracking cookies, opt-out instructions, mailing list rules, commenting rules, personal information privacy policy, Google Analytics Policy, Amazon Affiliate Policy, Right to Be Forgotten Policy, and more than I can't remember. And that is for a relatively non-monetized blog. A MMO is multiple orders of magnitude more complicated.
TLDR: Blanket assertions like, "GDPR isn't that complicated" are typically made by people who don't have to deal with it.
When it comes to those high monetary penalties. Those are when a data breach takes place and said company doesn't inform the authorities in time, when sensitive personal data has been stolen. The GDPR requires companies to notify authorities within 72 hours when a data breach happens.
This is a good thing, since we have seen with several massive hacking scandals, that they had taken place a year (and in one instance even two years ( Yahoo? ))
72 hours is a good thing? While 2 years is not acceptable (example given), 72 hours is ridiculous when considering that any company would still be trying to protect themselves (their user data) as well as figure out WTF happened.
PS. And yes there are also some more complicated rules in the GDPR, but that is mostly Financial institutions like Banks, credit processors like Paypal, etc who are affected by it. Most of these complicated rules are actually not new, as most governments had these already in place as local legislation. Just that it's now made a more general legislation under the GDPR for the entire EU.
I have no argument about the good parts of GDPR. I understand why people feel there is a need for it. As someone who has worked to understand GDPR, it is a nightmare right now for US companies. That's where I live so my major concern. GDPR contains a lot of nice prose about what needs to happen but little in the way of hard and fast rules about how to meet those requirements. Is doing this enough? What about this?
TLDR: Blanket assertions like, "GDPR isn't that complicated" are typically made by people who don't have to deal with it.
Comments
Joined 2004 - I can't believe I've been a MMORPG.com member for 20 years! Get off my lawn!
Financial transactions have long since been governed though GDPR seems to really have prodded the company to take hard look at retention requirements.
7, 15 30 years, all depends on the jurisdiction which "owns" it.
Guess what gaming monthly sub fees and store sales are?
Transactions.
Have to make sure Raul (Castro) and his boyz aren't playing Ashes next year.
"True friends stab you in the front." | Oscar Wilde
"I need to finish" - Christian Wolff: The Accountant
Just trying to live long enough to play a new, released MMORPG, playing New Worlds atm
Fools find no pleasure in understanding but delight in airing their own opinions. Pvbs 18:2, NIV
Don't just play games, inhabit virtual worlds™
"This is the most intelligent, well qualified and articulate response to a post I have ever seen on these forums. It's a shame most people here won't have the attention span to read past the second line." - Anon
There's that $30M "investment" to pay off after all.
"True friends stab you in the front." | Oscar Wilde
"I need to finish" - Christian Wolff: The Accountant
Just trying to live long enough to play a new, released MMORPG, playing New Worlds atm
Fools find no pleasure in understanding but delight in airing their own opinions. Pvbs 18:2, NIV
Don't just play games, inhabit virtual worlds™
"This is the most intelligent, well qualified and articulate response to a post I have ever seen on these forums. It's a shame most people here won't have the attention span to read past the second line." - Anon
notice they say creative control,
my.com will handle the business model and monetary model
it will be not better that any of the others game published by my.com after 3 month.
in revelation online and skyforge, first, they sell founder pack.
dont reveal their cash shop, then the cash shop fair the first 1-2 month...
then peoples are invested in their game, they add various stuft to their cash shop,
they keep doing it....
my.com being the publisher mean this game dead on arival
The problem is with so much money invested in the project, they couldn't just switch publisher, if one could be found even. The publishers know this and it is not uncommon to get pressure from the publisher near the end of a project where the stakes are high and the developer stand to loose everything.
Their demands were so severe that the developer had serious thoughts about dropping the publisher (which they could for misconduct of the contract), but that would be an unknown expense and unknown delay added to the project. In the end, they bend over and accepted the publisher demands.
So I really don't trust publishers very much, and I especially don't trust when someone says "the publisher has no say over gameplay and features"
"I am my connectome" https://m.youtube.com/watch?v=HA7GwKXfJB0
and friends asking me why i'm still on EVE and GW2....
Just for clarity, a blog that doesn't require any subscription will likely need all the following GDPR components: cookies, tracking cookies, opt-out instructions, mailing list rules, commenting rules, personal information privacy policy, Google Analytics Policy, Amazon Affiliate Policy, Right to Be Forgotten Policy, and more than I can't remember. And that is for a relatively non-monetized blog. A MMO is multiple orders of magnitude more complicated.
TLDR: Blanket assertions like, "GDPR isn't that complicated" are typically made by people who don't have to deal with it.
"responsibly"
A nice subjective nebulous term that can be used to mean almost anything. Thus far, the GDPR does more harm than good IMHO.
Proud MMORPG.com member since March 2004! Make PvE GREAT Again!
72 hours is a good thing? While 2 years is not acceptable (example given), 72 hours is ridiculous when considering that any company would still be trying to protect themselves (their user data) as well as figure out WTF happened.
That ^^^^^^^^^