Text:
I consent to Plex to: (i) sell certain personal information (hashed emails, advertising identifiers) to third-parties for advertising and marketing purposes; and (ii) store and/or access certain personal information (advertising identifiers, IP address, content being watched) on my device(s) and share that information with Plex’s advertising partners. This data is used to deliver personalised ads and content, ad and content measurement, audience insights and product development. Your consent applies to all devices on which you have Plex installed. You can withdraw your consent at any time in Account Settings or using this page.
Soure: https://www.plex.tv/vendors/ (Might have to clear cache)
Can also read about the changes here: https://www.plex.tv/about/privacy-legal/
No you are not. This thread straight up opens on “why would anybody use Plex” and this whole branch is about how people don’t want anybody using Google for login.
You are presenting a lot of great hypotheticals and I’ll be happy to stop using Plex if and when they stop being hypotheticals. They are, though, so I don’t particularly mind.
Especially because we’ve moved from “oh, maybe get your family to not use Google to log in” to “actually, get them to move to F-droid or install from source and do so under proper DNS filtering to stop telemetry gathering”.
Friend, if people’s relatives were willing to install their Plex client from source they wouldn’t need anybody to host a Plex server for them. What the hell are you going on about and how detached are you from how people use software?
I swear, online… man, “posers” is so harsh, but I can’t find a better word. They always pretend they are running some top secret off-the-grid operation like big corpo is coming after them specifically. Your data is probably not that tightly kept (mostly because a bunch of it probably doesn’t depend on you) and it’s not that much of a priority.
Oh, and while I get that you get a kick of repeating what your understanding of US law is at me, over here backing up to additional media is explicitly supported by the right to private copy. As is, implicitly breaking DRM.
Not that it matters because nobody is enforcing these at individuals for private use anyway because the rules being sought are absurd and holders know it and they just want scary tools to wave in front of individual users and to actually deploy against major sharers. You are playing out this weird scenario where a company goes to Plex to get your name as if Plex doesn’t have a business built on helping you do the thing you think they’re chasing you for and has a ton more money they could be sued for. It’s nonsense. The reality of it is it makes you feel cool and savvy to secure your home computer as if it held state secrets.
And that’s fine, but don’t act like anything else is insanity. It’s kind of obnoxious.
it’s not hypothetical, Plex has already been banning users for various reasons, all of which stem from them having access to data about your account, connected users, and server data.
You’re the only one making this complicated bud.
I was simply telling you that the US has a similar carve out for breaking DRM, but that it didn’t include the use case you are describing. Just giving you a heads-up that it’s a common misconception here, and it could be misunderstood wherever you are too. Chill out. BUT, even if it IS legal where you are, Plex is bound to US law and can and will ban you for breaking it.
Except Plex is enforcing it because it is excplicitly against their terms of service, and have already done so.
I’m not saying it’s insanity you dipshit, i’m saying there are good and valid reasons to avoid a cloud-hosted service not within your control. You’re free to disagree but fuck off with this incredulousness
No, the bans stem from the EULA. I am not breaching the EULA. Whether Plex can verify that or not is not much of a concern for me.
But to be clear, I have zero to lose here. The outcome of Plex banning me for not breaking their EULA (for some reason, which is technically possible but unlikely) is the exact same as the outcome of me dropping Plex in case they ban me. In both cases the only thing that happens is I’m not using Plex anymore.
Also, in your hypothetical Plex already knows the stuff you are worried about. The SSO has nothing to do with it. Plex doesn’t need data from Google to know, they already have your personal information.
I guess adding to the list of reasons to use Plex “being berated by online randos wanting to be performatively tech savvy”. Which, again, changes nothing practical, but hey.
Take another look bud.
spoiler
But maybe you don’t care about any of that shit, either? Idk man the list of things you’re dismissing as unimportant is really adding up.
Jellyfin has zero idea who I am or what accounts/IPs access my server, nor do they know what’s a part of my media catalogue or if they are legally licensed to me. If I were to use google’s SSO, then google would know which accounts/IP’s are accessing my server, which isn’t a huge deal by itself, but if jellyfin were to have information about my entire account and library then it would suddenly be a very big issue.
But Plex does know what’s on your account, and they do limit the number of authenticated users of the account as a part of their TOS and through limitations surrounding their paid plex pass, and they have exercised their right to terminate accounts and pass personal information of infringers along to law enforcement and copyright holders. None of which is even a remote possibility with a completely self-hosted solution. But hey, if you’re happy then more power to ya.
You are correct, I don’t care about any of that either. And I know about the boilerplate. Bud.
You need to agree with yourself about what you’re arguing. Are you saying that the problem is the SSO or Plex?
Because if Plex will go tell on you it will do it based on the data they have internally, not based on any data captured by the login flow, so the SSO is not additional issue compared to using Plex without the Google login and using the email login instead.
And if you’re arguing that the SSO is the problem and not Plex which you indignantly reminded me is what the thread was about, then you’re arguing against yourself, because it sure seems we agree that if Plex is going to take any action against you illegally sharing files through their system (which, by the way, they are legally obligated to do) it won’t be due to the Google login at all, which is just a bit of convenience and doesn’t seem to provide anybody with any data they don’t already have.
Once again, you are super keen on playing up hypotheticals. Once again, the biggest issue with those hypotheticals is that Plex boots me out… of Plex. I am not doing anything illegal with it or even breaching their EULA, including the paragraphs you quote (not that something being written down in an EULA makes it applicalbe, but still). I will bite that bullet and live with Jellyfin’s implementation if and when that happens. Which it likely won’t.
There’s a problem with SSO’s and there’s a problem with Plex. Go back and read the conversation - that’s not the problem with plex, it’s a problem. Someone said they don’t trust google login, and you were indignant about why that might be, and I was exceedingly patient with explaining why it’s a problem. I like that jellyfin does not provide a google SSO, because I can choose a better, less invasive one as a server admin. I’ve not said anything contradictory here, you’ve just been willfully misreading shit.
just fucking read the words I so kindly found for you in the TOS (not that it fucking matters if it’s a tos or a eula anyway). It’s also not a fucking hypothetical, Plex has already been exercising this. But I don’t give a fuck if you’re concerned about it, i’m just telling you why so many people are taking issue with it. And given that they’ve already demonstrated that they collect detailed data about your personal library and watching habits, it is certainly not out of the question that they could now sell that data as a part of their new privacy policy.
Unless you live in a country without a copyright agreement with the US, you are absolutely liable under this. I have no idea if you do or not, but I’d venture a guess that most people here do. Good for you if it doesn’t apply.
I don’t give a shit what software you use.
I have absolutely not been willfully misreading. You can’t argue that the guy saying he has a problem with Google’s sign-in specifically has a point and also say that the data mining happening within Plex is WAY more intrusive. If the point is whether giving Google this data is a problem it must be worse than using any of the other sign-in options. But it isn’t. Your data is as widely available one way or the other. It is reasonable to think Plex’s visibility over your server is too much, I accept that, particularly if your use case runs afoul of their EULA…
…but then you can’t tell me “I don’t trust Google”, unless your argument is you trust Plex more for some reason. Which you shouldn’t. It just doesn’t follow.
Oh, and they do sell your data for advertising. There’s an opt-in for it, though. Since we’re talking about legality, it’d be a punishable offense for them to sell your data without your consent, which is why that’s there, and they do need to tell you what data they collect if you request it.
And no, I am not liable under US law. There is a treaty that requires both parties to meet those requirements, but US law isn’t directly applicable over here. What is applicable is our own legislation made to comply with those trade agreements. Which includes exemptions for private copy.
As far as I and every piece of legal advice I’ve seen about this knows, anyway. If you have a source for how apparently US law is directly applicable to any country they have a trade agreement with feel free to point me to this insane new paradigm of international law, though.
Those are not mutually exclusive statements. In fact, mostly it just makes you an idiot for not having a problem with either.
It is worse than an auth method that isn’t maintained by a known data whore like google. It’s substantially worse when you’re using it with another data whore service. For those of us who administrate remote services and care about not being beholden to google’s data addiction, it is absolutely not a good thing to provide it as the default auth method, which is what the OP was saying. Even if jellyfin included it, I would immediately disable it. Especially since, as a server administrator, I have a vested interest in keeping the activity of that server private. Even if the specific details of the media on it aren’t exposed, I don’t want any party with conflicting interests to my own to know what users are associated with my server. Just having a dozen or so users connected through jellyfin to my IP would be enough for a motivated legal entity to look at me, and I have more than just a private media server to worry about. Is it likely to happen? Probably not. But why would I even risk it?
I don’t have a source for you, but typically using a US-based platform can give US authorities a jurisdictional hook, especially if the rights holders are US-based or can show commercial harm. That is why US based web services are extraordinarily strict with all of their users, even those who live outside the US. I’m not even saying it’s common, just that it could happen. I seem to remember operators of p2p services getting nabbed at customs while traveling back in the day - it wasn’t illegal where they were, but it sure as fuck was in the US and they were extremely interested in putting the kabash on it.
No question that plex is a more convenient service, but if you have the tech literacy to manage something that’s completely private that is only marginally more complicated, why the fuck wouldn’t you? Then again, maybe if you think you’re more tech literate than you are, it doesn’t seem all that simple.
Man, you keep thinking that taking digs about how it’s all a skill issue is either an argument or an insult, and I keep reminding you that even if there was a skill issue at play (and there wasn’t), being hard or annoying to use is the actual problem. If your UX allows for skill issues in making a straightforward setup run then it’s a UX issue.
Also, me using Plex to host copies of my own media legally is not the same as operating a P2P service. But if it’s any consolation I have no intention to set foot on that hellhole anyway, given that US authorities seem to not need copyright overreach to throw you in a room with no windows indefinitely these days. Good luck with that.
Oh, and yes, those are mutually exclusive. Or mutually inclusive, to be more accurate. If your concern is the govenrment overreach implications of having a portion of your data leaked, worrying about a smaller leak along the way of actively generating a larger leak is entirely pointless. Conversely, I’d argue that if you have a dozen users and are terrified that the cops are going to come and raid the… I’m gonna say meth lab you’re running on the side, we’re back to the conversation about how cool you are with that dozen users having their Jellyfin clients running on a bunch of Android devices, Smart TVs, Windows boxes or whatever else.
Again, I keep struggling with the irony of this weird position having entirely bought into the narrative that self-hosting media is inherently illegal or dangerous. I came into this argument from the UX angle, you guys are increasingly convincing me that a significant disincentive for self-hosting to become mainstream is that its entire community is convinced that they are doing something wrong, apparently. It’s not that I hadn’t noticed how central to the whole thing a bunch of P2P-specific paraphernalia happens to be, but I wasn’t ready for the gatekeeping to come with a side of edgy 90s we’re-so-bad hack-the-world stuff.