What exactly is a "Unity Success Advisor"? + complaint thread

No, no... don't zip your lips

If someone is working on a project and they're pissed off, or it's not going to plan, or there's something missing... or maybe it just sucks how it works... That's stuff that can really help everyone. So you should just criticise them how you like. I'm not actually a fanboy at all, and happily criticise them if it's something that affects me.

Constructive of course, with the goal of improvement.

 

I also want to say that I respect your opinion, and I didn't really find anything too disagreeable with your post. But I think people keep slightly misunderstanding my intentions.
Here is what happens with the Editor Analytics:

That's the definition of pseudonymous.

Unity is completely in their right to do it, even under GDPR. I find their disclosure a bit iffy, but I am not a lawyer, so whatever.

My whole problem is:

I open the preferences and I see a "Disable Editor Analytics" checkbox.

I say "ooh! I wonder what this does"! I google it. Find the Docs page. Read the docs page and make a decision.

• If the docs page say it's anonymous : I might let them collect data. Because, why not?
• If the docs page says it's pseudonymous : I might not. Because, I'd feel a little weird (reasons can be silly, but they're my reasons).
• If the docs page says it collects all kinds of personal data : I will definitely not.
• If they completely remove the checkbox, and on their privacy and GDPR page, they inform me that they collect everything they can and then some and will spam me for whatever I do and I can do nothing to stop them : It might be a factor for me completely stopping using Unity (a small factor, but still a factor)
• Or they could have no checkbox and but have a very detailed page telling me what kind of data they gather and why : And that could be fine. (well, I guess it will depend)

So I get a little pissed off when I find out the manual is misinforming me. I get a bit extra pissed off if I feel like there could be hints of ill-intent (in this case, it's not as simple as changing a word in the manual, under GDPR, they would have to do a bit of extra disclosure).

That is all.

(I find the situation very analogous with the Legacy Animation situation, where the manual is (still...) discouraging people from using it but Unity is communicating that we should use it... But let's not go through that again (at least right now )).

Oh and:

Well, I want that as well.

But I read the Docs page and I feel like it's telling me, "It's anonymous dude don't worry about it, yo! here are some random examples that may or may not be accurate, it's all cool n stuff, just chill!", and it makes me feel iffy. And with the recent examples of sloppiness from Unity it makes me feel even iffier.

 

Yeah, I agree with hippo, don't zip your lips.

After all they seem to be able to tolerate me around here

 

Lets be fair here. Currently the only data that Unity needed to collect to send this email is user log ins. How on earth do you propose to do a anonymous login system? All the personal data Unity has collected is login name, email address, and a timestamp. This is personal data that is essential to operating their business.

There is no evidence to suggest that editor analytics is non anonymous or pseudoanonymous. Until someone provides any evidence to the contrary, lets leave the pitch forks at home.

 

Check the post with the email again. We already know it's tracking editor usage but because it's able to email the user about it it's clear that at least some of the editor analytics are being tied to their account.

https://forum.unity.com/threads/wha...advisor-complaint-thread.542060/#post-3576875

 

Says a lot that we live in a society that questions motives and feels vulnerable even though the intention of Unity is just everyday business for themselves.

...The air is palpably thick with cloying paranoia drenched with masked despair as people cling to each other's beliefs because the abyss is now called the internet, and it stares back at you.

 

How is it paranoia when there's been absolutely massive data breaches over the last few years?

 

Like @Kiwasi pointed out, that could simply be login activity, in fact, they stated in the tweet that it was login related and not related to the idle editor. Tracking account logins doesn’t have to be obtained from analytics, it may be nothing more than a last login date.

 

The editor also requires a login to use plus or pro features. There is an option that most of us use to keep us logged in by default. But the login process still happens. I don't consider that analytics. Tracking last login date isn't an invasion of privacy.

The only reason we are associating this with analytics in the first place is because the guy that made the tweet made a mistaken association between the editor being idle and the email. In reality it was just a bot misfiring.

 

Ah. I must have missed the part about it being a bot misfiring.

 

Yeah, the explanation from Unity runs like this:

- We were trying to set up a system to send out emails to users that haven't logged in.
- We messed up and sent the email to a bunch of randoms.
- We also realise the email was poorly worded.

 

Yeah, I think some people forget this login stuff even happens. I might have forgotten about it myself, except that sometimes if I launch a unity editor directly, rather than via the Hub app like I normally do, it sometimes requires a fresh manual login.

 

I don't propose they make it anonymous, I propose they call it what it is.

https://twitter.com/GurgDev/status/1022594608528642048

(I quoted this earlier and was avoiding to post a direct link as to not put the dev that replied to me on the spot, but here you go)

 

I still think there is some confusion in what you are saying, in that user login info and editor analytics are 2 different things. I dont think the login bit itself is anonymous, or pseudoanonymous, I've never thought it was, and I wouldnt expect it to be in future. Editor analytics, and any link between login info and editor analytics, is a different matter that I quite understand the queries and concern about.

But maybe I am misunderstanding what you are saying.

 

I am exclusively talking about the editor analytics.

People keep replying to me bringing up other systems, or potential other systems, that I've never talked about.

So Editor Analytics. The checkbox in the preferences:

Manual says they're anonymous. https://docs.unity3d.com/Manual/EditorAnalytics.html

But they're pseudonymous.

The end.

 

Ah, I guess I was confused because of the original context of this discussion, ie the 'faulty' emails and the discussion we had about this likely being related to login info, not editor analytics.

 

EDIT:
Ah.. that dude apparently works at unity. Yea, they should probably update their docs if he does actually work at unity, and his statements are accurate.

 

You didn't read the tweet I linked, did you?

 

I did and already edited my post (2 minutes before your response.) . Out of context though, it wasn't clear he was staff.

 

(well, I do mention he is a dev in the parenthesis under the link As I said, I was trying to avoid posting this, since he was trying to help and was nice enough to reply, so I didn't want to put him (more?) on the spot)

Anyway, just for clarity's sake, I am not implying the editor analytics had anything to do with the e-mail being sent. Unity said it was unrelated and I believe them. That matter's settled for me.

I do believe the manual is inaccurate though. (and well... it wouldn't be the first time )

 

That still doesn't say editor analytics are linked to individual user IDs. All it indicates is that logins are stored in a pseudonymous system.

You keep trying to link more to this issue then the evidence suggests.

 

It’s a separate thing, he did say that. It probably should be a separate topic, but it would be hard to unthread it. But it came up as result of the original post... a unity developer replied to the email debacle saying (essentially) that editor analytics are
pseudonymous. Which does contradict the docs. My guess is that the docs were written prior to the specificity defined by GDPR. Like most companies, it’s taking a while to address all the details of it.

We’re all devs here.

 

Well...

Huh...

Good point!

 

Yes, it very much says that.
- We know that there is a system that contains information such as email addresses.
- We know that there is a different system that is used to store analytics data. Apparently this data is stored against "user IDs".
- Somewhere, there is another piece of data which "keeps the association between user ID and email but that's kept separated with access restrictions."

This means that we're being told that collected analytics is "anonymous", but it's really only anonymous if we trust the keepers of the data to not join dots that they're deliberately keeping.

Furthermore, there's mention of cleaning the data ("PII, like email, can get wiped"). You shouldn't have to clean data that we're being told is collected anonymously in the first place.

Yeah, I had started to write a response saying that this supposed link between accounts and analytics was purely speculative... until I realised there was a second page with a clarification that that info was from a Unity dev, not some random Twitter user.

 

This stuff should absolutely be an everyday concern to people who work and are trusted with other people's data. It's all well and good for us to think that Internet users should be informed and behave safely in the first place, but the reality is that they won't.

If you're running an online system with logins and a significant number of users it's almost certain that someone has willfully handed you their bank login details without even realising that's what they were doing.

 

That's the thing, it's altering how humans react to everything. The concern is yet another vector for mental illness, anxiety and so on. The reason I'm convinced of this is because most people live on their mobiles from now, a far too young age.

This isn't a small thing. You can't just say "ok everyone needs to question every single piece of data forever" because that's exactly what you just said. That's insane and non sustainable. Instead, the issues need to be designed out.

Make all your data open source but anonymous by default. Just don't bother controlling it or giving permission - just properly anon it.

Until then - no - I don't recommend people contribute to ongoing anxiety on a daily basis. If someone wants to know about my stuff - do it - I will be worrying about my pets, my family, and real life.

 

Personally I dont care much about my own data very often, it doesnt give me anxiety etc except in the most extreme circumstances, circumstances I dont recall ever having faced as it happens. However I certainly do care about how companies use data, their systems, what they tell everyone vs the reality. I find it perfectly possible to get annoyed and complain about that sort of thing, without harming my own mental health.

Also, if nobody expressed themselves loudly about this stuff, I doubt there would be much incentive for companies to sort their act out on this front.

 

How on Earth is that what I just said?

For what it's worth, as far as I'm concerned nost things done on the Internet are basically done in public. If I were questioning "every single piece of data" then, for starters, I wouldn't spend so much time on Internet forums.

That's a choice we don't necessarily get. For example, in my country right now we're rolling out electronic health records. In principle it's a great idea that I'm fully in support of - healthcare providers can get more accurate information more easily to help people stay healthy - but in reality it's being run by someone who, alledgedly, implemented a similar system elsewhere and was caught selling the data to insurance companies - ouch! - and I somehow doubt that civic wellbeing is why they wanted that data. A little bit of Game Theory and you can see where this might be headed.

Or, if our politicians were even moderately informed about this stuff, or involved someone who was, they could have avoided the whole thing to begin with. That's why I think people should think about this stuff. Not specifically because I care if Unity knows when I'm at my PC.

The concern is that 10+ years down the road this stuff could very well impact my pets, family and "real life", but the decisions are being made now and if it does go pear shaped it will be far, far to late to change it by then.

 

You can fight it all you like but you can't fight entirely different countries who do amass this data all the time. It's something that can't be stopped. It's illogical.

I don't know the solutions for that. You can get yet more GDPR style laws in place but it is utterly meaningless to be honest and does not prevent anyone gathering your data and using it. To do that you would need world peace and cooperation, and you probably want less privacy for that to occur. Rambling off topic so I'll sign out. But before I go, I think it's not worth getting super upset about what you can't control.

 

GDPR is certainly not meaningless, and its impact has been felt across a good number of countries that are not in the EU. For sure there are limits to this, and some countries play by their own rules with little regard for consensus in other regions. Companies are often different though, especially when they have a lot of customers in the EU. A balance is perfectly possible, there is no need to be either defeatist or excessively concerned. Just because we have no control over some things, does not mean we should simply shrug and surrender control of everything.

 

Which is the unfortunate truth. Unless you live in the US or EU, you don't get a vote in the rules. Regulation without representation just feels wrong.

 

Although I can agree with your sentiments about that in a whole raft of situations (including a bunch of political and economic ones), I dont in this case. These rules are about the privacy of citizens in EU countries, and people that want customers in the EU should respect that. And no, I dont believe that people that happen to want to profit from customers in that region should have a say about the rules there, I consider that to be a world away from what representative government should ideally be about - representation of citizens, not of external players who want to profit from them and not play by the rules of the countries involved. All the whinging about GDPR just made me more glad it happened and went some way to demonstrating the problematic attitudes that made it necessary. I know it isnt perfect etc but we've seen what companies small and large do when they think its a free for all without rules that apply to them.

 

While I appreciate that's what the law says, that's not how its panning out in practice. Most businesses that operate internationally are enforcing GDPR by treating everyone as if they were a citizen in EU. Nobody wants to maintain multiple systems for multiple parts of the world. And under GDPR asking someone if they are a EU citizen counts as collecting personal data, so its virtually impossible for a company to limit GDPR compliance to just EU citizens. So everyone is forced to comply to the rules of the big countries.

As a NZ citizen operating in Australia, I shouldn't be required to comply with GDPR.

It was the same thing with DMCA from the US. We are fortunate that COPPA didn't fall into the same boat, although it still comes up occasionally.

 

And honestly, while I'm not intimately familiar with it I don't think that the GDPR asks for or requires anything unreasonable? Sure, it's a pain in the context of "I just made a video game and now I have to do all this stuff to be compliant if I want to put it in shops". But that's not the important stuff. I'd love GDPR to be implemented locally with regards to this new health system alone!

I can, and I will, and I'm not the only one, and that's a good thing. For instance, the whole GDPR thing probably wouldn't be a thing if it weren't for people becoming more informed and educated about this stuff.

Is it perfect? No. Will it stop people ignoring, failing to meet or outright breaking the rules? No. But it's a step in the right direction, and I'd much rather have it than not.

 

The content of the GDPR is fine. And I don't mind complying to it. In general data privacy and control of ones own data is a good thing.

My issue is mainly with the GDPR isn't its content. Its the fact that laws are being made and applied to me by someone else's government. If I don't like my own government, I can always vote to change it. There is nothing I can do to influence policy in the EU and US.

 

I used to think that data privacy was something really important until I realized that it's exactly the sort of thing that is far worse when it's badly managed than when it's not managed at all. And it's almost impossible to manage it properly for the reasons that hippocoder mentioned amongst others.

One thing I noticed about the current state of affairs on the internet is that one way or the other, everything you do on the internet, as they say, 'can and will be used against you'. The worst of all possible worlds is when you have a situation where people feel the need to safeguard bits and pieces of almost impossible-to-protect information in the face of overwhelming consequences. Why are those consequences there? Partly because there is a facade of privacy over everything. But it doesn't actually really exist.

If this situation develops, you end up in the ridiculous situation of where everyone is trying to pretend that (metaphorically speaking) their toilet is always perfectly clean, and when they are caught with it dirty, they are made to polish it in front of everybody. I would prefer a situation where if someone was looking into my toilet, it would be more of an embarrassement for them than for me.

In that sense, I am more interested in preventing unwanted emails than whether or not Unity (or anyone else) is watching what I am doing. As long as I am not being bothered, I don't really care a great deal.

 

That's not to say that there should not be laws to prevent people from snooping, and things like that. But it's not so much to protect the information itself from someone else's knowledge as it is a way to prevent it from being used in a way that's harmful to the owner of it without there being consequences.

 

Stumbled over this on youtube, sorry if it has been posted already, I only skimmed the thread:

 

I was going to skip that video as I took its title to be a bit linkbaity hyperbole, but it seems that title its actually referring to a different 'Unity email cockup' incident where people who obviously do not earn over the $100,000 per year personal license limit were being threatened. This really sucks and is a clear own-goal on the part of Unity to say the very least.

I dont have time to look into the detail properly right now or post information about it for people that dont want to watch a tedious video, but this stuff dismays me massively and tends to stoke my fears that Unity now have an aggressive department at work that is doing way more harm than good, undermines all the good will built up during Unitys evolution, and makes me even keener to rant about some of the dodgy euphemisms like 'success advisor' even more. If I keep hearing about this sort of thing, I will seriously reconsider bothering with the plus subscription I am on, as my own low revenue certainly means I am not obliged to have it. Also makes it hard to sing the praises of Unity around other parts of the internet, what a tragedy.

 

Bah I am so depressed about this. Aggressiveness combined with incompetence is a terrible mix, especially if combined with weak procedures and dodgy target-driven culture.

 

Depressed is a strong word. Mild irritation seems more appropriate.

Save depression for when things actually get bad.

 

Dont police my choice of words thank you. The use of the word depressed is not the same as claiming actual depression/clinical depression for example.

I know how I feel. I am very depressed to read about these incidents. Far more so than the other spammy type stuff that was discussed earlier in the thread. To carelessly start accusing people of breaking the Unity EULA makes me depressed about the way Unity has been conducting this side of its business. My mood throughout today so far is not what it would have been had I not heard about these incidents.

 

You never know. He may be feeling vertically flattened.

Murphy's law continues to be quoted for a reason. You can only be careful to a point. Eventually a mistake will happen. It's only if the people involved don't correct the problem and it becomes a repeated mistake that it becomes an actual concern.

 

Sure, I can appreciate that sentiment, not least because I tend to share it. I usually try to judge people, companies etc by how they respond to mistakes, and whether they are repeated a lot again later, rather than whether they make a mistake in the first place.

So yeah, I will get over my restricted y-axis scaling fairly quickly over this one as long as I dont keep hearing about fresh instances in future. I havent really sharpened my pitchfork yet, and I dont bet that I will have to in future, fingers crossed. And even if that happened, it would put me in a dilemma rather than just turning into someone who is always negative about Unity, because I am so happy about a lot of what has been happening with the engine and various packages this year. I dont really remember another year like 2018 in terms of how happy I am with new stuff and their plans, although I should really wait for 2018.3 beta before getting way too overexcited about this I suppose, since it wont be their fault if I get too carried away and then feel let down.

 

Combined with the aggressive marketing lately and the atmosphere shift around Unity, I'm not comfortable myself working in it anymore. Same deal with Unreal when they went "free" and things went to hell. I'm pushing my effort and money into GoDot development. It's pretty damned good.

 

I am just curious, how did things change when Unreal went "free"?