Put a trigger warning on that dance gif
So Epic is saying the intent is to import your Steam friends.
From what I have read, they could be using the Steam API which conforms to privacy standards but they are not seemingly. Epic is also accessing game time played, saved game data, and games list (which shouldn’t be needed to transfer a friends list) and perhaps other data points. The Epic Games client scans the Steam folders even before the user has logged into the Epic client.
Also the Epic client is still scraping data even if your Steam account is set to Private.
Scrape/Data collection frequency is about once per week.
Guys, I think steam is tracking who is on my steam friends list.
The also know whats on your wishlist!
Friends are on my wishlist. 😥
Here is the incomplete list they provide. (@jsnell posted the link above).
General Account DetailsPurchase HistoryShopping Cart HistoryLicensesAccount Phone NumberSubscriptionsPreferencesLanguage SettingsMobile Push Notification SettingsVideo DevicesVideo BookmarksVideo Encrypted Content LicensesExternal Funds UsedFamily SharingWorkshop Payment InfoFamily ViewRecent Help RequestsRecent Third Party Site LoginsRecent Login HistoryDeveloper SettingsSteam Hardware RegistrationsTournament RegistrationsSteam Box Beta RegistrationsComputer Names
Community & Profile
Your ProfileEdit Your ProfilePrivacy SettingsFriendsSteam GroupsComments & Discussion PostsComment NotificationsDiscussions Subscription & Usage DataProfiles You’ve ReportedCommunity, Chat, and Discussion BansCommunity Moderator MessagesMy Group AnnouncementsMy Group EventsMy Activity FeedFriends Activity FeedYour Game Server Accounts
Inventory & Items
Steamworks Game Data
WishlistReviewed GamesYour Vote and Tags on ReviewsYour Reports on Game ReviewsCurators you FollowCurators you IgnoreMy Curator ReviewsCurator Connect Game OffersMy Curator Recommendation List and ItemsDiscovery QueueDiscovery Queue HistorySocial media linked accountsOther linked accountsLoot Drops and Giveaway ParticipationsGame User Tag VotesMy App ReportsEmail PreferencesOutgoing Email
Store & Community Events
Your call as to whether its cool that Steam tracks and can view your private messages to your friends for example.
They track a lot and this is just the out of game stuff for the Steam platform. Many games (including Valve’s) have far more telemetry about what you do in your games, even single player.
Again Steam is simply following the games industries now standard practice. I think that practice needs to change.
Even of you are cool with it all, its worth at least a look and see what they are recording about you.
This doesnt mean Steam is out to get you, or Epic or anyone. In the same way Facebook isnt out to get you. Just that once that data is stored, well, its only a matter of time before something bad happens isnt it? Even if they are great people that data will get stolen or hacked one day, that seems inevitable.
You dont have to subscribe to my “stop telemetry” position. But you should be aware of whats going on.
Ok, fair enough.
They’re a messaging platform. They need to store the messages in order to allow you to read them. Note that the retention period on messages appears to be fairly short. Probably a month or two weeks. I don’t understand what you find objectionable here.
Would it be possible for them to not store the messages for a couple of weeks? Sure, they could require both users to be on-line when the message is sent and have them be totally transient. Or they could do end-to-end encryption, but that ends up being either security theater or totally unusable for a normal user (has anyone reading this ever actually verified the e2e encryption status of a WhatsApp chat?). Both of these would make for a garbage user experience in a multi-device environment.
I think this is where our fundamental disagreement is. You appear to be opposed to absolutely all kinds of user data being stored. Doesn’t matter how beneficial it’s to the user, or how fundamental it’s to the service that the user is actually wanting to use. That seems counter-productive. “Our vision is for Gmail to delete all your emails before you read them, for Netflix to never remember where you left off watching Star Trek Discovery, and for Amazon to always challenge you with extra verifications when logging in since they can no longer do sign-in risk analysis.”. That sounds like a horrible deal!
There’s a sharp contrast to things like Facebook promising they were collecting phone numbers only for second factor authentication purposes, but then covertly using those numbers for building their social graph. Or silently hoovering up your SMS message history from the phone if you install the Facebook Android app, and keeping that history forever. It’s not somebody collecting data necessary for providing a service, and keeping that data around as long as is reasonably needed. It’s fooling people into giving away data they didn’t expect, and then using it for absolutely any purpose that the company feels like.
Equating these two categories just means that people will become fatigued and stop caring about the second one.
Just because they hold it, doesn’t mean the messages should be visible to steam. End to end encryption should be standard.
Apart from the fact that is bad that Epic Store or any other software shouldn’t collect information from your HDD that isn’t directly tied to that software, we also should ask the software developers to be more proactive in securing the data in the first place.
You cannot trust any other third party utility, hoping they all will be good guys. You never know if this text editor or that music program or this innocuous strategy game is going to do the same. And because you can never know, the data should be encrypted, unreadable to any third parties.
I addressed that in the previous post.
Valve responds to the recent issue:
We are looking into what information the Epic launcher collects from Steam.
The Steam Client locally saves data such as the list of games you own, your friends list and saved login tokens (similar to information stored in web browser cookies). This is private user data, stored on the user’s home machine and is not intended to be used by other programs or uploaded to any 3rd party service.
Interested users can find localconfig.vdf and other Steam configuration files in their Steam Client’s installation directory and open them in a text editor to see what data is contained in these files. They can also view all data related to their Steam account at: https://help.steampowered.com/en/accountdata.
We aren’t using the approved method of data collection - causing security and privacy concerns - because we are concerned with security and privacy.
I dunno. That sounded weird. So is EPIC games tracking my purchases and stuff? Yeah I saw what they said. I am beginning to worry just a small bit. Seems creepy.
I am seeing a lot of youtube playing of Epic store upcoming games, so I assume they are investing heavily in the influencer marketing side of things.
Epic is also investing heavily in advertising on gaming sites.
For instance PC Gamer has a whole series of sponsored articles strictly about Epic exclusives.
I suppose that is also why RPS wrote the laziest article about Epic data collection opining that the detractors were racists.
RPS is always chomping at the bit to write that article. I’m not at all surprised.
Uh, people here said that too, and I’m reasonably confident it wasn’t a sponsored post.
Yes but it is a sloppy argument. I would’ve expected more from RPS than a red herring found in some random Reddit comment.
A few years ago, maybe. Today, this is what RPS has become, a shell of its former self.
Sure. I was merely disagreeing that money was a more likely motivator than worldview. As Fishbreath said, I think some are just anxious to draw those conclusions.