Release IP and Email

[Hentai]

This is a very apparent thing now, more and more scammers.

To combat this, firstly upgrade the antiVPN system as its easily bypassed by free software.
AND leak the email and IP of the banned users.

Why show mercy to scammers that have banned and will be banned?
If your not planning on scamming this should not be any worry to you at all.

But I can see how someone who could falsely be banned would be mad, so maybe give it a few days for any extra evidence to show up just in case.

 

[Ivain]

Weird. I'm always browsing with my OVH or DigitalOcean VPN.

As I've said before, I think only a few commonly used VPN's are actually blocked, and for some weird reason yours arent among them

 

[Xev]

This is absolutely stupid. This is incredibly illegal. Violates the Data Protection Act by far.

.. As stated many, many times in this thread it is NOT illegal, It might be civilly wrong but it is NOT illegal. If MCM updated their ToS with this they could do it and it'd be perfectly within their rights.

 

[Ivain]

.. As stated many, many times in this thread it is NOT illegal, It might be civilly wrong but it is NOT illegal. If MCM updated their ToS with this they could do it and it'd be perfectly within their rights.

European Data Protection law states that anyone collecting personal data is RESPONSIBLE FOR PROTECTING IT FROM MISUSE!
I know this sit is hosted in the US, but the EU laws still apply to some degree to data from EU citizens stored somewhere else.
Protecting it from misuse means they can't just give it out for anyone to do what they want with.
an Ip is technically public data as far as I know, but an email is definitely not.
If you could show me the part of US or EU law that says it's OK to hand out the data of people on your site to the general public because they violated your ToS, that'd be absolutely great.[DOUBLEPOST=1491821426][/DOUBLEPOST]

But what's the point? No need to breach someone's privacy when you could just ban them.

Apparently, people have it in their heads that they can use a scammer's email and IP to blacklist them. Any self-respecting scammer will switch IP and email regularly, so it's not really useful.
If they didn't, we wouldn't have so many ban evaders.

 

[Xev]

European Data Protection law states that anyone collecting personal data is RESPONSIBLE FOR PROTECTING IT FROM MISUSE!
I know this sit is hosted in the US, but the EU laws still apply to some degree to data from EU citizens stored somewhere else.
Protecting it from misuse means they can't just give it out for anyone to do what they want with.
an Ip is technically public data as far as I know, but an email is definitely not.
If you could show me the part of US or EU law that says it's OK to hand out the data of people on your site to the general public because they violated your ToS, that'd be absolutely great.

Look at other site's, LF for example. They do it upon banning a player. Their IP, email and (i believe location) is released for the public.

But what's the point? No need to breach someone's privacy when you could just ban them.

I think having the fear of your IP out there would reduce scams. Not by much but a bit.

 

[Xev]

But wouldn't scammers just switch their IP and Email every so often?

That is true but hey, I personally think this suggestion could go either way, It's not overly needed (however more punishment should be inflicted on scammers). And I think that this would also end up as just a way to get targeted.

 

[Macrolect]

To be fair, might sound like a douche but +1. Scammers deserve it and IP adresses are public information and not illegal to give out in the U.S. Doubt it'll be added, but it might make some scammers think twice.. Then again 99% of VyprVPN IPs bypass this, and I'm sure scammers aren't that stupid.

 

[Ivain]

To be fair, might sound like a douche but +1. Scammers deserve it and IP adresses are public information and not illegal to give out in the U.S. Doubt it'll be added, but it might make some scammers think twice.. Then again 99% of VyprVPN IPs bypass this, and I'm sure scammers aren't that stupid.

Ips are technically fine, as far as I know, so those can be handed out if it does any good, which it wont.
But email classifies as personal data, which means that MCM as an organisation that collects these data (to provide accounts) is required to protect them from misuse.
Individuals that deal with a person through, say, skype or that interact with the email (paypal_may be another case (im not a lawyer, I cannot look into that exactly), but McM as an organization cannot legally hand out emailss.

 

[Ivain]

Do any of you live in Germany, by chance? That would explain your concern for the legality of such a policy.

Unless something's been updated regarding this since I ran a medium-sized hacking forum in 2014, (very unlikely) German privacy law is the only national law which prohibits publication of IP(v4) addresses without express consent. Anywhere else, it's legally classifiable as public information (or similar, some countries are weird, but still everything here applies to those), and publication of such information is perfectly legal. In the event that a site's privacy policy claims that information as privileged which is not shared with third parties, this is not the case.

After reading the short-yet-sweet privacy policy on MCM, only "personal information" is protected. IP addresses do not legally qualify as this in any country other than Germany (again, assuming this has remained the case since 2014). While "personal information" could include e-mail addresses, publishing scammers' e-mails could also qualify as "operating and providing the Service" as quoted from the policy itself. If this policy was put into effect, it may be wise for the administrator to include an additional blurb about how that personal information can be used in the event of fraud on the user's part, but in my opinion it's very likely fine the way it is.

Engaging in fraud on the site is a breach of the terms, so the terms are no longer applied. This may vary by country, but the only country that matters is the country it's operated from, which I can assume is U.S. or Canada, both of which countries' laws regarding this are as aforementioned.

Sources:

- Lots of run-ins with cyber laws over the past 8 years. I spent days researching this issue before putting a similar policy into effect on my own forum in 2014.

- Called an attorney I know who's familiarized himself quite a bit with relevant US laws. All information I've gathered from the call is in agreement with the above statements.

You must have missed the later posts where I adjusted my statement that Ips are fine since they're public data.

 

[Yeti]

i think money is good

 

[Dannyj]

Do any of you live in Germany, by chance? That would explain your concern for the legality of such a policy.

Unless something's been updated regarding this since I ran a medium-sized hacking forum in 2014, (very unlikely) German privacy law is the only national law which prohibits publication of IP(v4) addresses without express consent. Anywhere else, it's legally classifiable as public information (or similar, some countries are weird, but still everything here applies to those), and publication of such information is perfectly legal. In the event that a site's privacy policy claims that information as privileged which is not shared with third parties, this is not the case.

After reading the short-yet-sweet privacy policy on MCM, only "personal information" is protected. IP addresses do not legally qualify as this in any country other than Germany (again, assuming this has remained the case since 2014). While "personal information" could include e-mail addresses, publishing scammers' e-mails could also qualify as "operating and providing the Service" as quoted from the policy itself. If this policy was put into effect, it may be wise for the administrator to include an additional blurb about how that personal information can be used in the event of fraud on the user's part, but in my opinion it's very likely fine the way it is.

Engaging in fraud on the site is a breach of the terms, so the terms are no longer applied. This may vary by country, but the only country that matters is the country it's operated from, which I can assume is U.S. or Canada, both of which countries' laws regarding this are as aforementioned.

Sources:

- Lots of run-ins with cyber laws over the past 8 years. I spent days researching this issue before putting a similar policy into effect on my own forum in 2014.

- Called an attorney I know who's familiarized himself quite a bit with relevant US laws. All information I've gathered from the call is in agreement with the above statements.

It's changed(in EU): http://prnt.sc/eveizw

 

[Mick]

This suggestion has been made at least 5 times in the past two or three months.

We have a privacy policy and aren't going to give out any personal details to users unless we are required to by law.

Denied.