Improve GDPR Messages


#21

It’s going to be incredibly annoying having to do this for each individual user that requests this. Imagine if hundreds of people started asking for their data to be cleared?

Roblox should give us a way to associate data with a player so they can just delete it automatically.


#22

A possible solution here is to use a static site (like one you can get from github), and just host a file that contains IDs to be deleted. Have all your game servers sync with that on launch and check for appropriate data deletion.

I’m not sure whether there are potential complications surrounding publicly hosting a list of dead user IDs. They shouldn’t be available via the site anymore. Just in case I’d probably host it privately and with a key so people can’t just access the list.


#23

Strongly agree, guessing which games a userId has played and then deleting data is very time consuming. They should be making a system to make this scalable.


#24

Oh fun, after seeing this post I came to find out I have several to process as well.

Yeah, if this becomes a routine thing Roblox should provide a way for developers to easily automate this.


#25

Thank you so much, this makes it so much more manageable.

I have 6 open games so I thought i would have needed to open each one individually - but this script saves me a lot of time thanks


#26

I have passed along this feedback internally.


#27

What if there was a button/setting in your game that allowed the users to delete their own data? Would the developer still be responsible for deleting the data for them?


#28

Is there a way to get a list of IDs we need to delete? I get too many messages from trade requests and stuff that it blends in so I can’t actually act on these messages.


#29

My upcoming game will be GDPR complient. They would be able to view all the information and then also have a button to delete it.

It would send the userid to the database and then add it to a table. If the person does not choose to undo this within 48 hours, we will erase their data.

I know there’s more factors than just viewing and erasing data but I’m not going to put in every detail.

This I feel is on the right path of having it right.


#30

The last thing you want to do is accidentally delete someone elses data when pasting potentially massive lists of userId’s you get in your email from Roblox. There should be some way to associate a key with a player’s userId when using SetAsync.


#31

Even if a player joins your game 1 time, if they request to have it removed you need to remove it. Adding a button to delete their data only makes it easier for yourself in most cases with handling their data.


#32

The codes would handle the data. I wouldn’t even look through it.

It would be fully automated.


#33

You still would need to click wipe.


#34

The part I’m not fully understanding though, is why data linked to a Roblox user ID is not (or can’t become) anonymous data. In the actual GDPR it mentions that when data can not be linked to a real person, data is anonymous. In order to comply to GDPR all Roblox has to do is making sure a user ID isn’t linked to anything identifiable. If a person is requesting Roblox to delete their identifiable data, all that has to happen is their IP to be dropped from the records to render their user ID essentially anonymous, so why (if such a request is aimed at Roblox as a whole and not at one game) isn’t it on Roblox to erase their IP (and other things like social media links) instead?


#35

Eh no? It’s called CRON jobs.


#36

I believe it is on Roblox to delete the majority of the data (all the website data), however, suppose someone is called “JohnDoe1999” (somehow got past community sift, or somehow the user name contains other identifiable data on the person), and this ends up in a datastore key, you will have to wipe that name out of there, because Roblox cannot find that out easily that you stored this. If not strictly obligatory, at least it is a courtesy to your player to do so for their privacy.

Other examples could include:

  • Players naming their pets/houses/cars/whatever in games after themselves/real-life people they know.
  • People putting in their first name / age / gender (which all could be their actual information) into a roleplaying game’s details sheet which is saved to datastores.
  • Chat history that you may have saved for moderation purposes temporarily.
  • Any other situation where you stored their username or user-submitted text/options involving potential actual information.

It should be relatively simple and risk-free to write a small bit of code that loops through said player’s data and replaces these references with empty strings or whatever you want to do. You don’t need to clear any data that has no chance of being personal, such as game currency, inventory, achievements, etc.


#37

Even then though, naming a virtual pet after something in real life is different from storing explicitly personal information as such.

Regardless of what information they enter, even if it’s personal, no roblox developer is asking for personal information or intentionally storing personal information, only storing arbitrary strings to use as virtual pet names that have no identifiable link to the real world looking at the data alone.


#38

Yeah of course, but I don’t think the GPDR even makes this distinction between intention and contents, it’s all about the contents. So even though you intended not to collect personal data from the user, if the user submits personal data to you via i.e. pet name or so, that is probably still considered personal data.

I don’t know the GPDR or the terms from Roblox’s side on this from top to bottom though, so it’s hard to say whether you actually have to clear it


#39

According to the UK Information Commissioners Office,

“By itself the name John Smith may not always be personal data because there are many individuals with that name. However, where the name is combined with other information (such as an address, a place of work, or a telephone number) this will usually be sufficient to clearly identify one individual.”

As far as roblox is concerned, we should never be getting to this theoretical point in the first place because no developer should be asking for personal information to begin with, and roblox doesn’t provide us with any. As long as we are following Roblox’s ToS to begin with, and filtering users strings before saving them(remember, Roblox requires this and the filter takes care of things like phone numbers and other personal info), there is no legal obligation on our end because it would be impossible to identify any of our users based on data alone.


#40

I’m a little confused, there any plugin of easy script of opening all my games datastores and viewing everything, sort of like how visual studio allows you to view entire tables of a database.

They really NEED(cannot emphasise this enough) to tell us what game they visited because I have quite a few games that I had to look over the data stores to make sure that the user id is deleted. Also this is 3 months later, and comparing the message I got and the one at the top they look exactly the same.

I also think Roblox should allow us to get all the different Datastore that were made for a particular games Datastore as some games do sometimes reset their data as developers can lose track of the GetDataStore Names.
This is what I’m talking about if your a little lost. Ex, DataStoreService:GetDataStore(“DATASTORENAME”)