Forum


Notice to all users

We are migrating towards a new forum system located at community.teamspeak.com, as such this forum will become read-only on January 29, 2020

Results 1 to 8 of 8
  1. #1
    Join Date
    February 2013
    Posts
    12

    TS server and GDPR compliance

    Hello all,
    i'd like to know if there is any non-compliance risk for GDPR laws that will come alive shortly. From database you can query things like last IP of client who didn't connect for, say, 4 months so arguably you may not be authorized to have/store such info any more.
    Or is this up to us admins to regularly delete user entries from database?

    Thanks for replies.

  2. #2
    Join Date
    June 2011
    Location
    Germany
    Posts
    4,368
    I thought about that IP thingy as well and hope TeamSpeak will tell us something about that.
    I adjusted the SQL files so IP adresses are no longer stored, as I don't need them anyway.

  3. #3
    Join Date
    June 2008
    Posts
    18,513
    We are not sure yet how private persons are affected when ts server save user's IP as an example in the database.
    That's something we have to ask our data protection officer (DPO).

    That question was forwarded to our DPO.
    When sending me private messages: Please make sure to include reference link to your forum thread or post.

    TeamSpeak FAQ || What should i report, when i open a client thread?

  4. #4
    Join Date
    February 2013
    Posts
    12
    Quote Originally Posted by numma_cway View Post
    I thought about that IP thingy as well and hope TeamSpeak will tell us something about that.
    I adjusted the SQL files so IP adresses are no longer stored, as I don't need them anyway.
    Can you share this workaround (what did you change and where)?

    Thanks @dante696 . Looking forward for answer. We know that IP addresses are clearly considered as personal data per GDPR. So only if some recommendation is given here to server admins, it would be great.

    EDIT : Now that i think of it. Users can see other peoples IP as well. Can this be disabled by some permission (altho this may not be enough)? This is for sure GDPR problem as well.
    I did remove b_client_remoteaddress_view everywhere (except 1 group which is super admin). But even that may not be enough (because then problem is if i am member of that group i can still see them which ofc for admin purposes fine, i don't look there anyway because why would i, but that will be hardly valid argument).
    Last edited by KouDy; May 23rd, 2018 at 10:23 AM.

  5. #5
    Join Date
    June 2011
    Location
    Germany
    Posts
    4,368
    Here's the patch (belongs into sql, no restart necessary):
    http://yat.qa/files/client_update_stats.sql
    No IP adresses will be stored in the database anymore.
    There is no supported way of wiping IPs that has already been stored, though. If it was, the command would be:
    UPDATE clients SET client_lastip = "" WHERE 1;

  6. #6
    Join Date
    August 2013
    Location
    Germany
    Posts
    541
    Any gameserver lets admins see the IPs of connected users and some also store them for an indefinite amount of time. Do you think all gameservers will be shutdown because of this?

  7. #7
    Join Date
    February 2013
    Posts
    12
    Quote Originally Posted by numma_cway View Post
    Here's the patch (belongs into sql, no restart necessary):
    http://yat.qa/files/client_update_stats.sql
    No IP adresses will be stored in the database anymore.
    There is no supported way of wiping IPs that has already been stored, though. If it was, the command would be:
    UPDATE clients SET client_lastip = "" WHERE 1;
    Thanks for the fix.
    Dropping already existing IPs is going to be a bit of hassle. There is manual way (just delete user and when he connects again then you set his groups) but for obvious reasons something more systematic would be better.


    Quote Originally Posted by Bluscream View Post
    Any gameserver lets admins see the IPs of connected users and some also store them for an indefinite amount of time. Do you think all gameservers will be shutdown because of this?
    Maybe they will not. I would say it's up to the admins choice whether they want to be GDPR compliant and not. Maybe TS support will give us answer that none of this is problem. We will see.

  8. #8
    Join Date
    September 2012
    Posts
    6,079
    Any and all data gathered through the usage of the TeamSpeak Server software (including, but not limited to, log files, IP addresses etc.), the storage and usage of said data is your responsibility, respectively those of the admins of the server, as these have the sole access to that data.
    Privately run servers, may not be suspect to GDPR laws (see Article 2, Section 2 c GDPR). This exemption is void if any commercial activity is conducted, regardless of whether money is involved. This includes advertisements, exchange of data for services, etc. The exemption is also not applicable if you make any private data accessible to the public. Public collections of data are always suspect to GDPR law.

    This answer does not constitute legal advice and does not replace it. If you have any further questions, a lawyer or data protection officer should be consulted.
    When sending PMs please make sure to include a reference link to the thread in question in the body of your message.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •