Charonx2003

If necessary hit them with the GDPR hammer. Sooner or later the wrong person will either get liquided off (e.g. a privacy-aware fan with a law degree) or someone will figure out how to make money off it (a while ago some lawyers in Germany specialized in finding corporate websites that lacked legally required information, and sent them the equivalent of a cease-and-desist letters alongside with a demand for payment of a fee... for sending them said cease-and-desist letter.) Also, the other (main) reason why companies got so antsy and suddendly decided that they need to be compliant RIGHT NOW about the GDPR is that the fines can become rather... sizeable... The "Lower Level" fines for not-so-serious breaches can be More serious infringements - e.g. involving "The basic principles for processing, including conditions for consent" (hint hint hint) - can be So please, Squad, get your Rectum into gear - and if you do not want to do it for us, then do it to get the hell out from under that €20 million+ sword of damokles.

As many of us might have noticed the GDPR has come into effect come end of May (and we got lots and lots of e-mails and whatnot about it). That said, KSP now has (aside from that rather unpleasant business with the generic "Take 2" EULA - aka "we may slurp all your data") the issue with the data gathered by Unity Analytics and Red Shell. According to the GDPR the data collected must be kept at the very minimum necessary to provide whatever service AND the user must explicitly & actively give permission (i.e. check a checkbox) before PII may be collected & processed (BTW: And yeah the companies that only sent you a "please yell if you don't want us to gather your data" e-mail might very well be walking in legal minefield right now). Also you are not permitted to force the user to allow you to gather data that is not necessary for the "service", in order to use the service (i.e. signing up for this forum won't really work without you providing your e-mail address, since they need a way to communicate with you. But while they may ask you for permission to collect & process your SteamID or Facebook URL or whatnot, they are NOT allowed to block you from signing up if you do not give them permission.) So is KSP already GDPR compliant? If it still has Unity Analytics and Red Shell running by default I fear the answer might be no, which sooner or later may lead into legal trouble (depending on local laws, there may be good money to be made if you are a nitpicky lawyer), so when can we expect an update to adress this issues?