Official Unity Analytics Data Privacy Plug-in Available Now in the Asset Store

From http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=623051

Have we interpeted this wrong or is the Plugin in fact NOT compliant?

 

Thanks for posting. I have some specific questions...

So opt out status vars looks like this:

Code (CSharp):

1. struct OptOutStatus
2.  
3.         {
4.             public bool optOut;
5.             public bool analyticsEnabled;
6.             public bool deviceStatsEnabled;
7.             public bool limitUserTracking;
8.             public bool performanceReportingEnabled;
9.         }

Fairly obvious, analytics.Enabled = https://docs.unity3d.com/ScriptReference/Analytics.Analytics-enabled.html

deviceStatsEnabled = can only be turned off if analytics AND performance reporting is off
https://docs.unity3d.com/ScriptReference/Analytics.Analytics-deviceStatsEnabled.html

so it is possible to use deviceStats and performanceReporting without analytics? I'm guessing no.

Analytics.limitUserTracking = "Setting this property to true causes the Analytics service to further anonymize data by not sending SystemInfo.deviceUniqueIdentifier for game users. By default limitUserTracking is false."
https://docs.unity3d.com/ScriptReference/Analytics.Analytics-limitUserTracking.html

From your GDPR Faq:
"If a game developer or publisher enables Unity Ads or Unity Analytics for their game, we collect data such as device type, country, device language, in-game behavior and purchases, IP address, Apple’s Advertising Identifier (IDFA), and Google Play advertising ID."

So using limitUserTracking will stop sending Apple IDFA and Google Play ad ID?

In your COPPA page, it says:
"In order to provide analytics for your games, Unity Analytics generates an anonymized user ID for each user in your game. We do not use any of these IDs generated from Child Apps to track users across apps built by other developers or to map users between different services, devices, or browsers on the same computer."

So that suggests if you don't have a child directed app, IDs are tracked across different apps and services right?

also COPPA page "In addition to these IDs, Unity Analytics also collects the following personal information from Child App users: IP address, identifiers for advertisers (IDFA is only collected if Unity Ads is also enabled) and device identifiers (IDFV, Android device ID or IMEI if Android device ID is unavailable)."

So in a child direct app, with no ads, you still collect IP Address, and device identifiers (IDFV, Android device ID or IMEI if Android device ID is unavailable) ?

Google Analytics allows you to anonymise the IP address, why doesn't Unity Analytics provide this option? For those that still want to use analytics but provide better privacy for their users?
https://developers.google.com/analytics/devguides/collection/android/v4/advanced

In the gdpr FAQ it says: "Will players be able to opt-in or opt-out of data collection at any time? Each time a Unity ad appears in a game, players will be able to access and change their privacy setting via the Info “ℹ” icon on the Unity ad."

With the above plugin, when you open the URL, it says when you opt-out the tracking "I understand that this action cannot be undone", so which is it? Contradicting statements there.

It would be really useful for Unity to provide clarity to the information above, as I'm very close to removing all cloud services from my apps at the moment.

Many thanks

 

My company is also concerned about the same issue brought up by HT-OAludden above.

Any word on this?

 

My company is also concerned about the same issue brought up by earlier posters.

All I want is piece of code that we can add to our apps to disable data collecting.

 

Cool, many thanks. Could you please answer the technical questions in my post above. The policy stuff I will email questions in.

Thanks

 

Thanks for the detailed answers @ap-unity. On our end, we can't easily ask our players to opt-out (our game is for children under 13). Are you aware of a way to keep using some services like IAP and Performance Reporting, and to disable analytics in code without asking users?

 

@Swah

I do hope that below is actually the answer for your question:

Or is SystemInfo.deviceUniqueIdentifier a prerequisite for IAP to operate?

 

Is there a way to deactivate any and all data collection completely?

 

Thanks for the responsiveness @ap-unity.

To reiterate and be more precise about my previous question: Are you aware of a way to keep using some services like IAP and Performance Reporting, without collecting personal data such as IP addresses? A good way to do this would be to disable analytics in code without having to ask users.

Maybe another way to do this: can we just turn off analytics on Unity's project webpage? I assume this is not a solution and that it would also prevent services like IAP and Performance Reporting from working?

 

I want to know this too. If the user opt-out, will Unity IAP work?

This is important, maybe we need to update our game and disable or hide all in-apps if the user chose to opt-out.

 

It’s stated at top and in the plugin readme that the plugin is unnecessary if you’re using Unity Ads. However, as I understand it, Unity Ads provides an opt-out only when a Unity Ad is shown, which means the opt-out is never shown if an ad is not shown, whether because Unity Ads fails to serve up an ad or if the game is designed so that ads are only optionally shown (run an ad to get some kind of reward) or shown very late (I have games where the ad is only shown at the end of the game) so if you quit the game you never see the ad, or if you see the ad it’s after analytics has been collecting for a long time.

So it seems to me if you need the plugin if you’re not using Unity Ads, maybe you should still use it even with Unity Ads.

 

I just do not understand. all we need consent parameter that can be access via code.

1. User click "Give Consent" button in Unity App / Game
2. Unity.consentGiven = true ( send pers. data ) else ( not send any data )

Everything is this simple. Any other type of implementation will raise questions and not %100 compliant with GDPR

 

For ads, you can do it with code:
https://unityads.unity3d.com/help/legal/gdpr

But not sure if doing that will affect analytics (it says that if you use ads you don't need this plugin) or we will need that anyway.

 

But I am using Unity IAP only.

 

Hello! Please comment 2 question regarding to this plug-in.
1) If user opt-out using URL provided with this plug-in, will it disable HW statistics collection as well?
2) For now, as far as i concern, the only way to disable it locally is a checkbox "Disable HW statistics" in Player settings - Others settings, but its ONLY available for Pro licence users, is that correct?
Thank you!

 

Unity approach seems weird to me.

GDPR says, "Get consent first, then initiate systems". However with Unity Model for only using Unity IAP there is no such system, user need to click and external button, and choose some setting.

 

I'm of the same mind here; As i understand it, we can't send any data anywhere (including simple things like a Device ID) before having explicit opt-in consent accompanied by a full and simply worded explanation of all data that will be collected.

Unity is not doing this - they're claiming a sort of loophole and saying information they're collecting is required for their platform to be used, and therefore justified in opt-out. But by the time the user sees the opt-out button or reads what information is being collected - all sorts of data has already been stored somewhere with identifiers -How can you have Ads/IAP continue to function after opt-out without being able to identify the user or device?

Regardless, their position as an SDK/intermediary/service being used by us puts them in a different legal situation than a company making a game. It seems important to be aware that what Unity chooses to do only protects them legally and not you.

There are still lots of questions, for example we have to be able to supply a copy of any data stored about a user, but how should you verify that a person requesting the data is actually authorized to receive it? and you end up providing personal information to the wrong customer.

What i'm hearing is some games intending to put up a consent UI at the start of the game, and basically if they say no, then the game doesn't run, sorry, uninstall it. Which works for free-to-play but how that goes on a title paid for upfront is interesting.

 

I've been testing out the privacy sdk. Once they click the button, the url opens and has the privacy web page with the opt out option. You can also request the data that you mention above. A message tells you to come back in 24 hours, then you see a scrollable field that shows that information is stored. I believe this is done on a per app per device basis. So your same game on iPhone and iPad they would need to request the information on both devices, as the information isn't shared as a single user. Does that make sense?

 

Weird and not compliant.

We need a mechanism to disable Analytics from collecting data from the start. My game only needs IAP and Ads. I already had a different analytics solution integrated and Unity Analytics was forced onto me to be able to use the others.

I'm very upset with the way this has been handled. We were assured that it would be compliant and that's clearly not the case, and now we're exposed to legal actions. Also releasing things the day of the deadline is not helpful.

 

Agreed with you. It does not seem compliant with GDPR. Mechanism should ask user consent before taking any action, not directing a page to asking if user want to opt out or not.

Opt Out should be external preference that user wants to use later.

 

Unity's Statement on GDPR Readiness appears to explain this in the "What’s with the “opt-out”? Is this opt-out consent?" section.

From the statement:

 

My understanding is that having legitimate reasons to process the data doesn't change the fact that you need to ask for consent before collecting. But I'm happy to be proved wrong with some pointers to the regulation text.

 

I would rather make my own bets if I'm the one paying the fine.

I think UT needs to provide a way to disable the Analytics beforehand or clarify their position on why consent isn't required.

@ap-unity Can you help us with this?

 

My understanding, based on the website linked below, is that you do not have to ask for consent before you collect it.

https://ec.europa.eu/info/law/law-t...-be-given-individuals-whose-data-collected_en

Additionally the following sections pertaining to a citizen's rights make mention of having the right to have personal data removed from their systems but there is no mention of having the right to stop the initial collection.

https://ec.europa.eu/info/law/law-t...ghts-citizens/my-rights/what-are-my-rights_en
https://ec.europa.eu/info/law/law-t...anisation-stop-processing-my-personal-data_en

Same. I'm not that great at reading legal documents so this website has been my sole source since this whole mess became known to me.

 

Looking at the first link, it starts with "At the time of collecting their data...".

 

"The plugin provides a button you can add to your game that opens a Unity web page where players can manage their privacy settings."

Sounds terrible. Pulling users out to a seemingly unaffiliated site (which will probably suck based on Unity's past attempts at Web). Seriously, provide an API which lets us control the settings and interactions from within our own application.

 

Yes, but it follows up with "people must be informed clea rly about at least" and their "right to withdraw consent at any time". I've quoted the relevant section of the actual legal document and bolded the parts related to this.

Additionally, after searching the document a bit further, there is a section that mentions processing of data and what makes it lawful. I'm not going to quote the entire thing. You can find it by searching for "lawfulness of processing".

At the moment this is the only section I have seen in the document where it mentions you have to give consent but even then you'll notice that only one of those entries has to apply for it to be legal to process their data.

Some searching on the web for "legitimate interests" left me with the impression that the last bullet point is the one that will inevitably apply to games. I saw mention on another government website that there are three key elements and you could use them as a way to test if it's appropriate.

https://ico.org.uk/for-organisation...e-legitimate-interests-basis/#three_part_test

Working off of these, a video game with a leader board would pass the "purpose test" and "necessity test" because it needs at least some personal data to tie leadership positions to actual players.

 

I figure they'll give everyone a month or so grace period before the fine hammers start dropping. If they're serious about it then they'll come out with some big fines right at the start to make a statement.

 

I agree with this. But even if the processing is lawful you still need to inform the user before it happens which in practice is almost the same as asking for consent.

And then there are a lot of games that don't have/need a server and it gets harder and harder to justify that the only legal basis is (f). In those cases I would prefer to prevent any collection unless you can get consent from the player.

All of this is very problematic even before you start talking about children and the process required to get consent from the parents.

 

I have the same concern. I use Unity Ads and Analytics. The instructions suggest that I should not use the Privacy Plug-in, because Unity Ads will provide the player with an option to opt-out. The problem is that I use ads in a very optional manner: I use rewarded ads, which only show up if the player chooses to view them. And if the player purchases a certain item (via an in-app purchase), the rewarded ads will disappear from the game completely. In summary, I use Unity Ads, but some players might never see any ad, so probably they are never presented with any privacy options either. Can I use the Privacy Plug-in in this case?

 

I think this approach is similar to Apple’s, except Apple is handling the UI themselves and not asking developers to put a button somewhere.

 

There are 100,000s of active developers, it seems like just 10 of us concerned, I see no posts in forum, no discussions in groups. I see %99 of the apps not even updated with GDPR in Google Play and App Store, well what should we get from this?

 

I guess once they start giving fines there will be a lot more people interested.

 

Or we are wrong and everything is fine and compliant, but I'm not convinced yet.

 

I have a question about the hardware statistics that Unity is collecting from players. Afaik this is a feature you can not turn off on the free versions of Unity. Does this kind of collected data constitute the kind of data that GDPR applies to? Because if it does, the free version of Unity would be unviable for releasing games, unless you have a way to reliably make users accept a EULA and privacy policy before first launching the game, or am I misunderstanding something here? This legal stuff is a lot harder to understand for me than programming issues.

 

Here’s an article on gdpr and games. Not a lot of specifics but it shows some stuff has been going on. https://www.engadget.com/2018/05/26/how-gdpr-is-affecting-the-games-you-love/

and Facebook and Google have already been sued (by a third party)

https://www.theverge.com/2018/5/25/17393766/facebook-google-gdpr-lawsuit-max-schrems-europe

 

Perhaps technically, but practically I don't think this is the case. I'm no lawyer, but unless there's something specific to stop it, I suspect that much of this can be handled by one of those fairly standard small-print statements to the effect of "By downloading and running this app you are agreeing to our Terms of Service."

A clause will be added to everyone's Terms of Services which which gives permisssion to collect data until that permission is revoked. Everyone adds an opt-out button at the earliest opportunity to satisfy the ability to revoke permission and clean up any already collected data. (It has to be able to do that anyway, because what if they click the button only after using the thing for ages?)

In principle I think that's a fine enough system, but I do think that it's incomplete as an overall solution without also having some user education. Complete online privacy is not a realistic goal, and it would suck for non-technical users to think that they're fully protected just because governments are now paying attention to this one aspect of data privacy.

 

Yes, but we've been doing that for years now with privacy policies. On the topic of privacy policies you may have noticed a large influx of emails concerning updated policies. That's because the GDPR requires them to now be written in "clear and plain language" (link to the section below).

https://gdpr-info.eu/art-7-gdpr/

 

I was under the impression the GDPR was aimed a the big companies who process a lot of data, not some indie developer who takes some data for leaderboards etc?

What a debacle.

 

A heck of a lot of indies manage their online data using tools and services from "big companies who process a lot of data". And, as I described in one of the other threads about this, there are solid reasons for small companies to be treated the same as larger ones in this regard.

 

True, I use Playfab myself along with Unity IAP and Analytics.