I think the issue is really an about the company that collects all the data, which provides them with an asset that can be bought and sold.
That same data, or at least much of it, might be publicly available, but the effort to obtain it in volumes adequate to make it an asset, would likely make the effort not worthwhile. If it runs counter to Zwift’s policies, then it’s also a risky investment to attempt it.
Meanwhile, that data is sitting in bulk on Zwift’s servers, or others if there’s another product involved, which could be used as an asset with virtually zero effort. So, the risk of that being abused is much, much higher. One example of motive was provided earlier in the thread when someone mentioned health insurance using the data to deny coverage, which is certainly within the realm of a rational concern.
Yes, I could see something like that possibly being a concern. It’s not data they couldn’t see anyway (or have someone report), but it could be made simpler by having a third party track and report.
I still don’t think it would necessarily be enough to associate the data with a specific individual, mind. Even with a fairly unique name like mine (I think I know everyone with my family name), that’s not proof an avatar riding under my name on Zwift is actually me.
Could be more of a problem for verified Zwifters. =)
I’m happy for Zwift to see and store my data. I’ve opted into that by signing up. I haven’t opted into sauce using, processing or storing my data and I want to know more about it.
As for the, “you can opt out by cancelling your subscription” comment… That is utterly ridiculous and deliberately misses the point.
There are multiple apps/websites that are scraping data from Zwift that you would probably deem as personal which I’m not sure we will ever get away from short of Zwift putting in a new feature to anonymise the data - maybe worth a feature request as suggested if you are concerned about such.
Im not sure following legal requirements for handling data correctly should be a feature request… Perhaps im old school, It should be something that software companies just do.
Not very becoming of a company full of IT professionals tbf.
Sauce’s source code is on Github for anyone to read. Without having gone through it myself, I would presume that it does not collect or store data for any longer than is necessary to display whatever it displays so probably we are talking about a few seconds’ (or maximally a whole session’s, don’t know since I’m not using Sauce myself) worth of rider data at a time stored locally on the user’s machine. Basically it is just reformatting data any user could see on their own screen if their fingers and eyes were fast enough…
Names are very rarely unique. I know several people called James Smith. I’d guess Tim White is quite common too.
IP addresses? Not generally specific to a person or property either. Most ISPs would be leasing IP addresses rather than customers having a static one. As it is, you’re “sharing” your IP address with every website you visit, whether you have any sort of data agreement with them or not. I don’t really see the concern there.