New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Privacy: Windows id is shared on every startup #481
Comments
It's not a product key, It's a unique key generated during Windows installation. Basically it would be similar if we generated our own, but this survives Playnite reinstall/uininstall without leaving additional footprint by Playnite. But I agree that it will be safer to use our own data rather then Windows ones. |
Does this mean there's a sync function in Playnite? Or is it one of those diagnostic things? Either way, it's sketchy that's in there. |
It's there to track how many users Playnite has on what Windows versions. I use this to focus testing on most versions people use. For example I rarely test things on Windows 8 since almost nobody with Playnite uses it and also there's a big difference in Windows 10 versions used. |
Released in 4.1 |
The user's Windows product key is sent to IP 185.28.100.135 (i.e. the default PlayniteServices endpoint) on every startup as part of PostUserUsage() in ServicesClient.cs
The transmission of this unique personal identifier without explicit user consent might be in breach of data protection provisions, e.g. https://en.wikipedia.org/wiki/Data_Protection_Directive#Principles
If a unique identifier for the client machine should be needed for PlayniteServices, please at least use a salted hash of this key (i.e. anonymize it), or better use a random identifier generated at first launch.
Also user consent should be required before using telemetry (as seen in most software nowadays "Share telemetry data with XX to help improve XY"-checkbox) and personal data should only be transmitted over a secure connection (see issue #480).
The text was updated successfully, but these errors were encountered: