/ discordapp

Discord's "new" Privacy Policy (& stuff)

There's a good chance that many companies have been sending you notices that their Privacy Policies will change/take effect on May 25, 2018. I'm not going to go over the General Data Protection Regulation since there's tons of resources about it, but, in short, is a data protection and privacy law in the European Union.

But, of course, no companies limit themselves to just one part/some parts of the world, so many US-based firms must change their privacy policies to reflect the changes and structure of the GDPR.

If anyone knows or follows me, you'll know I have a deep interest in privacy, cryptography, and much of the technical aspect of it. This was long before I joined or even knew about Discord, and our rules page has always been written in a "Terms of Service/Privacy Policy" sort of scheme.

Sidenote: I have to update the rules to reflect a few changes that Discord made in their privacy policy, but that takes some time since it's more 'formal' - the rules page is always dated and I notify everyone in our guild when those go out. But, as we state in our rules that we accept and are bound by Discord's accordingly, technically it's imported in 🙃.

I've also (over a year ago) written a blog post right here about what I called 'Illusions in Privacy' - at the time I was coming from IRC, and many people would make claims about IRC-based communities and Discord, but I digress....the point here is that we really like privacy here, or at least I do. Why do we have a 8092-bit encrypted PGP form for our contact page? I don't remember what I was thinking of in late 2016, but it works!

OK, so if you made it this far: impressive. I'm not going to bore you with the usual "let me read what the policy says"; instead I'll just point out what is different (the main gist of it), and my hopefully brief thoughts.

First, I should probably link you to them, if that wasn't obvious -- as one can see, they go into effect a week from now: May 25, 2018.

One thing I've always loved about Discord is that it's fairly open as a company, be it their vast developer API, their community interactions, and their day-to-day workflows. Of course there's a lot behind the scenes, but the success of Discord and its growth are certainly due to being as transparent as practicality holds, and having users feel like they are able to contribute or at least be a part of the growth directly. You don't get the same feeling with something like Slack - not looking down on them at all (I use it myself for some things) - but obviously there's a difference in interaction.

Discord's privacy policy changes are nothing drastic: as they state, they're mostly clarifications and explanations of what they do/don't do + your rights as a user - just like I have always stated our rules page was intended to be. It's knowledge that hopefully gives users an insight into the platform, and that's worth something to someone out there. So what did Discord change/discuss in their new policy?

Let's sum it up as: the same as before, but you - the user - can ask and receive much more than was at least published/known formally before.

  • There's going to be a lot of cool things under "Settings" when these changes go into effect; you'll be able to request a thirty-day history of data that Discord has on you and be given a link to download it, all through the system automatically -

  • You can request more by sending an e-mail to [email protected], with a request for data outlined, and Discord will do their best to show you that data.

  • They didn't have to expand this scope to everyone, but they decided that these should apply to everyone, so kudos to the Trust/Safety folks!

  • The "Settings" page under your account will have options to opt-out of certain e-mails, tracking, cookies, etc. Again, I'm summarizing: go read it here, plz!

  • And to finish, they basically reworded their prior Privacy Policy to be more verbose; they clarified exactly what they meant by certain things like "transfer of data" and also talks about the specific things they are allowed to do with your consent, and what they, as well as developers who use the API like myself can do with any information, and the limitations of it.

So what are my thoughts? I'm very pleased with the expansion and implementation of all the controls a user will have, and the fact that it'll be possible to request, automatically get data and request, in certain conditions, that they should delete your data - that's a plus in my books. And as I said on that post I wrote more than a year ago: it's unlikely that Discord's collection of raw userdata is as expansive as a pure data-harvesting company (that's a topic of its own, but for one thing there isn't as much just due to the nature of the standard user/platform), but also that there's very little reasoning for them to be doing some deep secret collection of deleted messages and storing them all for the staff to read on weekends...as they clarify a bit in their updated policy: the storage that they keep is as short as they need it to be, and mostly raw metadata.

So they certainly keep analytics (as any large company does (and should) to survive and grow). But, when it comes to the next insert conspiracy theory codename here - just like I thought a year ago: nothing has changed. The slight clarification about data retention as it relates to user storage directly that is mentioned in the revised Privacy Policy is just further evidence of such, as they state it in a clearer way - which I honestly presumed from day one on Discord.

So to finish on that, make sure to read their revised Privacy Policy as you're supposed to - but rly, who reads that stuff these days? Though, if you've made it this far on this blog post, then it's questionable why you wouldn't just read it, yeah? OK. <\endthat>

.....and, closing statements: congrats on 3 awesome years Discord (that milestone date was earlier this month), things seem to be going well and that's that. Look forward to more boring blog posts like these from the one and only .vlexar#0001 when I feel like it. I've been busy, but there's certainly cool Discord-related stuff in the works for sure, and more info will come soon!* (*google dictionary definition of soon).

And on the off-chance that any of this is interesting, and you find this post somehow and are not a member of our guild: we're a all things Bot/Dev related server, with a focus on Discord, and always keep things real -- at least I like to think so.

So, without further adieu, here's the shameless invite if you do want to join and be a part of our group of members, testers, and/or dev's. Various links are also on the right sidebar on this site (to everything that matters in the world and is important and all that good stuff).

Thanks to everyone who has made Discord the place it is today, the new Privacy Policy gets my personal stamp of approval, and a special thanks to everyone who have helped build my experience at Discord, and of course to all our members, developers, and testers.

Expect a standard vlexar-style 'weird/fancy/formal' change to the rules page reflecting the May 25, 2018 Discord Privacy Policy within the next week or so. Will announce.

With that, I say (for the 2^10th time): the end,