Privacy

From Second Life Wiki
Jump to navigation Jump to search

The purpose of this article is to document privacy related issues in a simple (e. g. non legal) language and describe ways to protect yourself.



This article is a draft. Please help to expand and correct it.



Linden Lab

Identification of accounts used by the same person

In addition to the information you provide on account creation, the second life client transmits a unique identifier of your hardware (hash of mac address) on every login. This information is used by Linden Lab to link different accounts used by the same person together. It is a huge issue that accounts used for playing sexual games and accounts used for business with 1st life information are linked together this way.

Selling

Linden Lab's privacy statement contains a sentence allowing Linden Lab to sell personal information to other companies in case Linden Lab runs short on money.

Linden Lab Partners

Google

Google is one of the largest companies creating profiles of user with the objection to sell advertisement. In addition to the data forwarded by the Second Life website and related services like this wiki, Google gathers data which may be used to identify users by GMail, Google Docs and related services.

More information on Google Analytics.

Third Parties

From within Second Life

Unencrypted data transfer between client and server

With the exception of the login and money transfers, most dataflow between client and server is unencryped and unsigned.

Visiting Websites from within Second Life

If an objects asks you to visit a website and you follow it, the webserver will see your ip-address. The object which asked you to open the website can record your avatar name. If this is low traffic area the avatar name and the ip-address can be linked together. In high traffic areas or to increase reliability the object can craft unique web adresses.

Audio and Video streams

Audio and video streams are not proxied through the second life infrastructure but are accessed directly by the client. Therefore the ip-address is reveled to the streaming server. In world objects can manipulate the streaming url in order to link your ip-address and your avatar name. Scripts can set the streaming url on a per avatar basis. The only work around at the moment is to disable streaming of both audio and video in the preferences. Note: Disabling "Play automatically" is not sufficient because LSL scripts can start playing anyway.

From the Second Life website

Unencrypted data transfer even if https is used

Even if you access the second life website and related services (like this wiki) using https, most cookies are flag as encryption not needed.

Retrieved from "https://wiki.secondlife.com/w/index.php?title=Privacy&oldid=415212"