Brand MU Day
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    On the utility of Logs, Receipts, and Proof

    Scheduled Pinned Locked Moved Rough and Rowdy
    223 Posts 51 Posters 31.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • IstusI
      Istus @Roz
      last edited by

      Your system won’t catch this either, though. If you want it to be reactive, and people don’t report, you’re not going to know to check in on a certain player. Making a list of keywords your system will flag will not catch this. There isn’t a magic list of harassment keywords. You are, as @bear_necessities said well, building yourself an illusion and a false sense of security.

      Is the idea worse than doing nothing? What I am trying to wrap my head around is whether such a thing is intrinsically negative in terms of the behavior it would encourage me to engage in. If I understand its limitations, and do not rely on it to ‘do my job’ what negative consequences could arise from it?

      shit-piss-loveS RozR PavelP M 4 Replies Last reply Reply Quote 0
      • farfallaF
        farfalla
        last edited by

        I guess I’ll just say this: If your concern is purely about catching problem players, the place I’ve found to be the best at fielding and handling problem players is Arx. And they do it by being very open and direct about wanting players to report things even if it’s small or might be nothing, and by proving through their actions (bans but also thematic ways, and how they enforce that theme) that they will take my report seriously. I didn’t know any of them to decide if I could trust them, but it was written either explicitly or implicitly all over the place that they cared and would be safe to report to.

        as previously stated, good day.

        1 Reply Last reply Reply Quote 3
        • shit-piss-loveS
          shit-piss-love @Istus
          last edited by

          @Istus said in On the utility of Logs, Receipts, and Proof:

          Is the idea worse than doing nothing? What I am trying to wrap my head around is whether such a thing is intrinsically negative in terms of the behavior it would encourage me to engage in. If I understand its limitations, and do not rely on it to ‘do my job’ what negative consequences could arise from it?

          Do you consider reading the logs of people who have not asked you to read them a problematic act?

          JennkrystJ IstusI 2 Replies Last reply Reply Quote 3
          • RozR
            Roz @Istus
            last edited by

            @Istus said in On the utility of Logs, Receipts, and Proof:

            Your system won’t catch this either, though. If you want it to be reactive, and people don’t report, you’re not going to know to check in on a certain player. Making a list of keywords your system will flag will not catch this. There isn’t a magic list of harassment keywords. You are, as @bear_necessities said well, building yourself an illusion and a false sense of security.

            Is the idea worse than doing nothing? What I am trying to wrap my head around is whether such a thing is intrinsically negative in terms of the behavior it would encourage me to engage in. If I understand its limitations, and do not rely on it to ‘do my job’ what negative consequences could arise from it?

            In my opinion? Yes, it could be, if by “nothing” you mean not logging everything. I feel like the reasons why have been outlined a few times at this point. 1) There’s a lot of potential players who have strong feelings about privacy who may be put off. But games can absolutely live with this, as others have also said. 2) If you build tools that don’t actually get you closer to a solution, which what you’ve described doesn’t sound to me like it will, then bad tools will bring you to bad results. You will make bad calls based on a bad tool because that’s the nature of bad tools.

            she/her | playlist

            1 Reply Last reply Reply Quote 0
            • PavelP
              Pavel @Istus
              last edited by

              @Istus said in On the utility of Logs, Receipts, and Proof:

              Is the idea worse than doing nothing?

              Yes.

              If you want to establish trust, you have to trust too. Trust that your players will report bad behaviour, trust that you don’t need to spy on people to get the results you want.

              Trading privacy for security is always a tenuous and complicated idea.

              He/Him. Opinions and views are solely my own unless specifically stated otherwise.
              BE AN ADULT

              1 Reply Last reply Reply Quote 4
              • JennkrystJ
                Jennkryst @shit-piss-love
                last edited by

                @shit-piss-love said in On the utility of Logs, Receipts, and Proof:

                Do you consider reading the logs of people who have not asked you to read them a problematic act?

                This just makes all logs problematic forever, then. The creeper who is being reported did not ask staff to read the log, so now the very act of submitting and reviewing events is problematic.

                Mummy Pun? MUMMY PUN!
                She/her

                shit-piss-loveS 1 Reply Last reply Reply Quote 0
                • shit-piss-loveS
                  shit-piss-love @Jennkryst
                  last edited by

                  @Jennkryst said in On the utility of Logs, Receipts, and Proof:

                  This just makes all logs problematic forever, then. The creeper who is being reported did not ask staff to read the log, so now the very act of submitting and reviewing events is problematic.

                  Well yeah. Just scroll back in this thread and you’ll have plenty of people explaining the circumstances under which they would be hesitant to share a log even if they were the victim of abuse.

                  1 Reply Last reply Reply Quote 2
                  • M
                    mietze @Istus
                    last edited by mietze

                    @Istus why is it a choice between that idea or doing nothing?

                    I think honestly some of the discomfort that people are expressing may only be partially related to the logging or systems. I think some of it has to do with the perceived inflexibility and formulaic approach you seem to be taking. Have you personally experienced the kind of predatory harassment on a game that you seem to genuinely want to curtail?

                    A lot of the times (not always, but a lot) predators work in ways that circumvent formulaic approaches. In fact they /thrive/ in that environment because most of the time they operate on the gray area. Not breaking the letter of the law, but being extremely invasive and gross in the spirit of it. Many times those people use staffers who have a more…distant and formulaic approach to their advantage. And dealing with a staffer like that is often frankly just as demoralizing as having to deal with someone who has been invasive on a game.

                    Problematic people are rarely afraid of logging. That doesn’t prevent them from doing what they do.

                    AposA 1 Reply Last reply Reply Quote 6
                    • PavelP
                      Pavel
                      last edited by

                      I think, at least partially, this is an ‘every problem looks like a nail’ issue.

                      You’re a coder. So you’re going to approach solving the problem in a coderly way. That’s just not how the majority of us think.

                      He/Him. Opinions and views are solely my own unless specifically stated otherwise.
                      BE AN ADULT

                      TezT 1 Reply Last reply Reply Quote 3
                      • IstusI
                        Istus @shit-piss-love
                        last edited by

                        @shit-piss-love said in On the utility of Logs, Receipts, and Proof:

                        @Istus said in On the utility of Logs, Receipts, and Proof:

                        Is the idea worse than doing nothing? What I am trying to wrap my head around is whether such a thing is intrinsically negative in terms of the behavior it would encourage me to engage in. If I understand its limitations, and do not rely on it to ‘do my job’ what negative consequences could arise from it?

                        Do you consider reading the logs of people who have not asked you to read them a problematic act?

                        If permission to do so was not granted at the outset, absolutely. There is a reason I have been very clear that anything I end up doing will be clearly labelled on the tin - be it logging everything, logging nothing, or something in between.

                        For all discussion/debate purposes I hope that everyone is considering things from the position that nothing is being done without previous disclosure and acceptance prior to making a character. There may be some subtlety in specific cases such as noting that some words may automatically trigger an investigation but not publishing the specific words.

                        @mietze I think I should clarify that ‘doing nothing’ in this case is specific to triggering passive investigations based on keywords or not. It does not mean that everything is hands off outside of that one discussion item. Part of the reason why I am so passionate in finding some balance of tooling and culture management is because I have been the victim of this sort of behavior in the past, like many others, and anything I can do to prevent it or slice it off early I will try and do.

                        @Pavel You’re probably right. These debates are constructive and help to check my personal biases.

                        There are opinions and perspectives here that I may not have considered. The result will be better for it.

                        PavelP 1 Reply Last reply Reply Quote 3
                        • PavelP
                          Pavel @Istus
                          last edited by

                          @Istus said in On the utility of Logs, Receipts, and Proof:

                          There are opinions and perspectives here that I may not have considered. The result will be better for it.

                          Oi. Stop being reasonable so we can hate you, not just your ideas. Have some consideration!

                          He/Him. Opinions and views are solely my own unless specifically stated otherwise.
                          BE AN ADULT

                          1 Reply Last reply Reply Quote 0
                          • TezT
                            Tez Administrators @Pavel
                            last edited by

                            @Pavel said in On the utility of Logs, Receipts, and Proof:

                            I think, at least partially, this is an ‘every problem looks like a nail’ issue.

                            You’re a coder. So you’re going to approach solving the problem in a coderly way. That’s just not how the majority of us think.

                            I can’t lie, I absolutely said the same thing:

                            tyranny of tezzes ✔ — Today at 10:46 AM
                            big coder energy

                            I don’t think it’s a solution that code can solve for, myself, and one that it is in fact extremely minimally helpful for actually doing anything. But maybe if I had more coder energy!!

                            So much of the things that can create bad game energy can happen off-game – discord, etc. – or even be innocuous on a log. (Please stop standing outside of my house. Even if you aren’t codedly peering into all of my windows and breathing heavily, it’s really weird.)

                            I do think that the way Arx handles these kind of issues is worth examination, to bring back a point made in another thread that I am too lazy to find. They have been consistent about the kind of behavior they want to see and emphasize it in their banning posts. Some people believe in silent bannings. I SURE DON’T!!!

                            she/they

                            1 Reply Last reply Reply Quote 5
                            • PaxP
                              Pax
                              last edited by

                              @Istus said in Witcher MUSH Design:

                              @bear_necessities Off the top of my head, having a list of potentially problematic keywords that get flagged up is easy enough.

                              My experience with “bad word filters” resulted in 99% false flags. No exagerration, 99%. We eventually turned the gd thing off. People mistype, and what was originally “spicy” or “like” has turned into an embarrassing but certainly unintended slur. As I think others have pointed out much more eloquently: context matters, and logs don’t give you that, players do.

                              I wish you would.

                              PavelP IstusI 2 Replies Last reply Reply Quote 2
                              • R
                                Rathenhope
                                last edited by

                                One thing that anyone doing logging should consider is how it interacts with their obligations under the GDPR and associated data protection legislation.

                                No, you are not exempt from the GDPR if you are in the USA, If you have a server that European players use, you are required to meet its obligations.

                                Any collection of personal data (yes, including IP addresses, which are considered personal data) requires consideration of why you need to collect and store that data. You’re now a data collector. Proper operation of the service counts, so it is entirely correct and fine for Ares to store pages in the database, for example, as it’s part of the operation of being able to serve your pages via the web portal.

                                Auditing also can be a valid reason to store data, server access logs for example can come under this. So lets say you want to store all the logs so that you can audit people’s use of the service so that you can ban them if they turn out to be a creeper.

                                Ah, but you want to read the logs? Now you’re a data processor, that has obligations too.

                                What happens when someone pages a friend about an operation they’ve just had on their spleen? Now you’re storing medical data, with all the obligations that come with that. If you made your users consent to having all their messages stored, that’s fine, but that doesn’t lift your legal obligations to handle that data appropriately.

                                What happens when someone leaves the game? Do you keep all of those logs? Unfortunately under the right to erasure, once your need to store their personal data goes away - they’ve left the game, your stated purpose for keeping their data was to ban them if they turned out to be a creeper, it’s no longer valid - you no longer have the right to keep any of it and you must get rid of it without delay.

                                Now I think it’s incredibly unlikely that the ICO (or other authority) would go after a MU - unless a particularly egregious complaint was made - and with the right considerations, risk assessments, advice, and yes even technology, you can probably make things fit within the correct legal frameworks.

                                But it’s a consideration that I don’t think many people think about, so it’s probably worth spending some time looking over the relevant legislation.

                                NarsonN PolkP 2 Replies Last reply Reply Quote 9
                                • PavelP
                                  Pavel @Pax
                                  last edited by

                                  @Pax said in On the utility of Logs, Receipts, and Proof:

                                  @Istus said in Witcher MUSH Design:

                                  @bear_necessities Off the top of my head, having a list of potentially problematic keywords that get flagged up is easy enough.

                                  My experience with “bad word filters” resulted in 99% false flags. No exagerration, 99%. We eventually turned the gd thing off. People mistype, and what was originally “spicy” or “like” has turned into an embarrassing but certainly unintended slur. As I think others have pointed out much more eloquently: context matters, and logs don’t give you that, players do.

                                  You also get the Penistone/Scunthorpe problem.

                                  He/Him. Opinions and views are solely my own unless specifically stated otherwise.
                                  BE AN ADULT

                                  GashlycrumbG 1 Reply Last reply Reply Quote 1
                                  • IstusI
                                    Istus @Pax
                                    last edited by

                                    @Pax I am not surprised. Definitely a short-sighted thought on my part.

                                    1 Reply Last reply Reply Quote 0
                                    • R
                                      Roadspike @spiriferida
                                      last edited by

                                      @spiriferida said in On the utility of Logs, Receipts, and Proof:

                                      Talk openly about the atmosphere you want to create
                                      When people are acting shitty casually, don’t let it slide in the moment - call it out. “We don’t do that here” is a good phrase.
                                      Don’t wait for people to report things to remove someone> demonstrate your own patterns of behavior to your players.

                                      I cannot give better advice on creating an atmosphere of trust than these points. I also like “that’s not acceptable here” when calling out shitty behavior.

                                      Also, and perhaps most importantly, if someone does report something to you, follow up on it and get back to them afterwards. Even if it’s just to say, “I’ve heard you, I understand that you have concerns, I’m going to be watching this person extra closely, please use the report function if they contact you at all for any reasons, I’ve told them not to.” Letting people know that they’ve been heard and that you appreciate their report and have taken it seriously will be spread to their friends, and their friends will feel more comfortable coming forward too.

                                      Also also, if you remove someone from the game for bad behavior, be public about it. You don’t have to (and shouldn’t) include all of the gory details, but a general description of the unacceptable behavior and the fact that the person has been removed, posted to a public place, will make it clear what is not allowed.

                                      Formerly known as Seraphim73 (he/him)

                                      1 Reply Last reply Reply Quote 8
                                      • NarsonN
                                        Narson @Rathenhope
                                        last edited by

                                        @Rathenhope They /could/ keep that data for a reasonable time after departure of a player if they had a data policy with reasonable retention periods and justification…but I can’t say I’ve ever seen a data policy on any game really, or any attempt at gathering informed active consent, which is very much the GDPR standard (they really hated passive consent, and opt out)

                                        When someone shows you who they are, over and over again? Believe them.

                                        1 Reply Last reply Reply Quote 1
                                        • PavelP
                                          Pavel
                                          last edited by

                                          Now you’ve got me concerned whether this board is GDPR compliant…

                                          He/Him. Opinions and views are solely my own unless specifically stated otherwise.
                                          BE AN ADULT

                                          TezT 1 Reply Last reply Reply Quote 0
                                          • TezT
                                            Tez Administrators @Pavel
                                            last edited by Tez

                                            @Pavel Don’t worry about it.

                                            sweat

                                            ETA: https://nodebb.org/gdpr/

                                            EATA: I worried about it.

                                            she/they

                                            1 Reply Last reply Reply Quote 4
                                            • First post
                                              Last post