ESA instead of E3 wouldn't necessarily tell E3 attendees their information was leaked since not everyone knows the ESA puts it on. Personally, I've been around games all my life and had no idea.
Headlines are always a compromise. I think the author found a good one.
Leaking the details of a couple thousand people isn't just a regret. Hopefully as more details come forward ESA actually makes an effort to clean up their mess.
There was recently an incident of a FFXIV streamer being doxed and his (and his children’s) lives threatened for their stance on the latest FFXIV raids. There are some real psychopaths out there.
> The team associations had become a focus for various social and political issues for which the general Byzantine population lacked other forms of outlet
> Some of the senators saw this as an opportunity to overthrow Justinian, as they were opposed to his new taxes and his lack of support for the nobility. The rioters, now armed and probably controlled by their allies in the Senate...
If you want to bring politics into sports, then i'll just say videogames are just as political as sports are, and the death count is still way way lower (hypothesis, but I'm pretty confident).
I'm not saying "Video game toxicity is not a problem." it is, it's a big problem. But lets dispense with easily disprovable hyperbole like "it's the MOST toxic enthusiast culture"
2001 Opatów, 2003 Walichnowy, 2007 Kielce(knifed), 2007 Łódź(coma), 2011 Poddębice, 2011 Kraków, 2018 Prokocim(arm cut off with machete, body massacred with baseball bats, axes and hammers). Thos eI could find with a quick google.
Example clip from one https://www.youtube.com/watch?v=jKXOsC3ms7k train was emergency stopped in the middle of nowhere, other team was already waiting after being transported by shuttle buses. You can search "Ustawka" on YT for more.
I refuse to use the term/label "gamer". It's horrible. "Hardcode gamer" has turned into no true scotsman.
>"Unfortunately, a vulnerability was exploited and that list became public." //
If it was just a link to a file on the website them claiming a vulnerability was exploited is like saying "my security system was overcome" if I dropped my wallet on the bus.
So why was it even there? It's not the database they're using on the site; from what I've read that's a standard WordPress install. And the spreadsheet was unlikely to be needed outside the organisation itself.
Hence the ideal thing to do would have to be to somehow tie the WordPress DB into whatever system they were using. If that'd been done, the leak could never have happened in this way.
Alas they didn't, and by going with the old 'intern takes database details, puts them in a spreadsheet and shares around a link' method, exposed thousands of people's details online. It's basically a perfect case study for the dangers of ad hoc spreadsheet solutions and sharing 'private' links around to distribute customer info.
Either way, I wouldn't be surprised if someone did sue them under GDPR or what not at this point.
>The list exists so that publishers and developers can invite analysts and media to events and private viewings that take place during the E3 show.
>We provide ESA members and exhibitors a media list on a password-protected exhibitor site so they can invite you to E3 press events, connect with you for interviews, and let you know what they are showcasing.
And even if it was, it feels like this system was implemented in the worst way possible. Could have been a CMS function that generated the list once credentials were provided or what not.
Not quite, merely having data on an EU citizen is not sufficient to invoke GDPR.
To clarify, article 3 of GDPR specifies that it applies to companies that market specifically to EU citizens or specifically monitor EU behavior of their customers. https://gdpr-info.eu/art-3-gdpr/
This is taken by many to broadly mean that when an EU citizen purchases something by (for example) a US company where the product is marketed only to US citizens, GDPR does not apply.
For example: https://www.gdpreu.org/the-regulation/who-must-comply/
“May be insufficient evidence [if] The firm’s website is accessible to EU residents”
Does that mean that if you market to the world (i.e. anyone who might hit the site, making no mention of world nationalities) but not specifically to the EU (i.e. You make no mention of anything specific to the EU in any part of a site and you don't differentiate them in any way from non-EU users) then the GDPR doesn't apply?
My understanding from reading the GDPR text and multiple law firm and FAQ summaries is that GDPR applies to marketing specifically to the EU. The text of Article 3 is clearly stating that GDPR doesn't apply to everyone in the world, and doesn't apply for the sole reason that EU residents purchase something globally. But, the wording is also vague, GDPR has been widely criticized for it's lack of lack of specifics.
Personally, I currently believe that if you do not mention EU, do not market to the EU specifically in any way, and do not track or separate EU related data from global data, then GDPR may not apply. Marketing globally may not be sufficient to require GDPR compliance. But, it might also be easy to cross that line by doing something as simple as using Google Analytics, where it shows you behavior per region, so might be considered tracking EU activities. I don't know where the line is, so hire a GDPR lawyer.
Broadly speaking, the verb "to market" does mean "to advertise or promote" (try Googling "define market", and see the verb definition).
> so yes, bringing products to market for the world is also bringing them to market for the EU.
While that's true in a sort of technical sense, the GDPR text explicitly contradicts the notion that failing to restrict EU citizens from buying something amounts to requiring GDPR compliance.
I also agree that general tracking might unintentionally cross the line and turn into EU specific marketing, it does seem like most web analytics these days is geared for identifying regional differences and that that would count as monitoring EU behavior.
GDPR is still in flux and being updated, but I don't know what's been tested in court. Best advice is to seek expert counsel.