Linden Lab highlights GDPR – coming into force on May 25th 2018

On May 25th, 2018 the European Union’s General Data Protection Regulation (GDPR) comes into force. While an EU regulation, the GDPR not only applies to organisations located within the EU but it will also apply to organisations located outside of the EU if they offer goods or services to, or monitor the behaviour of, EU data subjects.

The GDPR applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company’s location. As such, it not  only Linden Lab, who hold data on Second Life and Sansar users in the European Union, it can also impact those operating a business through Second Life and who collect data on customers which is stored outside of the servers operated by Linden Lab.

In preparation for the enforcement of the GDPR, on May 9th, 2018, Linden Lab issued a preliminary blog post on their compliance with the GDPR, which covers both Second Life or Sansar.

GDPR, in a nutshell.

Put simply, the GDPR puts in place new requirements for the collection, maintenance, and use of personal data for residents of the European Union (EU) and European Economic Area (EEA). It’s an important evolution in privacy practices, and one we’ve already started to account for: if you notice, our existing Privacy Policy already discloses the type of personal data we collect from you, how we use and limit any sharing of your data, and your rights to control our use of your personal data.

What you can expect.

In coming weeks, we’ll provide more information on how EU residents in Second Life can best exercise their rights under GDPR. In some cases, you may take actions through your account dashboard (to modify your personal data, for instance). In others, it may be necessary to file a support ticket and verify your identity (to better protect your privacy).

– Linden Lab May 9th blog post on the upcoming GDPR

The GDPR defines personal data as, “any information related to a natural person or ‘Data Subject’, that can be used to directly or indirectly identify the person.” This includes, but is not limited to: IP addresses, on-line identifiers (including avatar names), e-mail addresses, photographs, as well as the more usual name, address, bank details, medical data, etc.

In addition to defining requirements for how such data should be managed and protected by organisations gathering it, the GDPR also specifies a number of rights to Data Subjects who have their personal information stored by companies and other entities. These include, but are not limited to:

  • The right to be informed: Data Subjects have the right to know what data is being collected, how it’s being used, how long it will be kept and whether it will be shared with any third parties.
  • The right to access: generally speaking, organisations are required, within one month of receipt of a formal request, to provide a copy of any personal data concerning the requesting Data Subject.
  • The right to rectification: a Data Subject can formally request that inaccurate or incomplete information relating to them is updated, and the update must be made within one month (exceptions can apply).
  • The right to be forgotten: a Data Subject can request the erasure of all personal data relating to them in certain circumstances (e.g. it is no longer necessary to hold it; if the data was unlawfully processed or it no longer meets the lawful ground for which it was collected). However, there are certain exceptions to this.

(In addition, the GDPR defines: The right to object (to data being gathered); The right to restrict processing; The right to data portability; and Rights related to automated decision making including profiling.)

For those running businesses through Second Life or Sansar which use services  – web sites, computers, etc.,  – outside of Second Life for the collection and storage of personal information on their EU Second Life  / Sansar customers, the GDPR might have significant import – and exposure to the risk of fines. For such businesses, the Lab’s advice is clear and straightforward:

If you collect or process personal data of EU residents on a website associated with Second Life or Sansar, or create or make use of programs that retain information about Second Life or Sansar users or their computers, you may also have obligations under the GDPR. You should consult with your legal counsel for advice regarding your site(s) or program(s).

– Linden Lab May 9th blog post on the upcoming GDPR

To help people get to grips with GDPR, if they haven’t been aware of its arrival, the Lab offer a series of links to articles and FAQs. To these I would add:

The following is a brief video outlining the GDPR in under a minute.

QuickTime for Windows: “uninstall today”

Apple has deprecated QuickTime for Windows, but critical vulnerabilities remain unpatched
Apple has deprecated QuickTime for Windows, but critical vulnerabilities remain unpatched

On April 14th news broke via Trend Micro security that Apple is deprecating support for QuickTime for Windows, despite the fact there are two critical vulnerabilities affecting the package, both of which were identified by Trend Micro under their Zero Day Initiative (ZDI), which will not be patched by Apple despite the fact information on both vulnerabilities, as specified in Trend Micro advisories ZDI-16-241 and  ZDI-16-242 being passed to Apple in November 2015.

As a result of these vulnerabilities, which could leave Windows systems vulnerable to hijacking – although Trend Micro stress that there is no evidence so far of either being actively exploited – is to uninstall QuickTime for Windows (QuickTime for OSX is not affected).

The advice on uninstalling has most notably come from Trend Mirco, with the call being repeated across other on-line tech media, such as eWeek and The Register.  Apple apparently opted to take the route of deprecating in March 2016 – but hasn’t really gone out of its way to really tell QuickTime for Windows users it is doing so, as ExtremeTech points out: the QuickTime for Windows landing page doesn’t reflect the status of the software, but simply references the “more secure” January update, while the Apple software update tool still pushed QuickTime at Windows users.

QuickTimeis still widely used in Second Life for the shared viewing of streamed media, notably in cinemas across the grid
QuickTime is still widely used in Second Life for the shared viewing of streamed media, notably in cinemas across the grid (credit: Crap Mariner)

Obviously, the advisory is something all Windows users should heed. With or without the current ZDI vulnerabilities, the application has reached the end of its supported life. However, as Crap Mariner has been pointing out, there are still media systems which utilise QuickTime for streaming into Second Life, many within public cinemas across the grid. While it might be argued has to how widely such facilities are used, the Trend Micro advisory does heighten the need for in-world systems reliant on QuickTime to be updated  / replaced.

Amazon Lumberyard

Image source: Amazon
Image source: Amazon

Lumberyard is the name of Amazon’s new game engine, released on Tuesday, February 9th. Based on Crytek’s CryEngine, which Amazon licensed in 2015, Lumberyard will apparently be developed in its own direction, independently of CryEngine and is being provided as a free-to-download tool (with optional asset packs) which can be used to develop games for PCs and consoles on a “no seat fees, subscription fees, or requirements to share revenue” basis.

Instead, Amazon will monetise Lumberyard through the use of AWS cloud computing. If you use the game engine for your own game and opt to run it on your own server, then that’s it: no fees. But if you want to distribute through a third-party provider, you can only use Amazon’s services, via either GameLift, a managed service for deploying, operating, and scaling server-based on-line games using AWS at a cost of $1.50 per 1,000 daily active users.Or, if you prefer you can use AWS directly, at normal AWS service rates.

Lumberyard (image: Amazon)
Lumberyard includes a customisable drag-and-drop UI (image: Amazon)

As well as AWS integration and the development of new low-latency networking code to support it, and native C++ access to its service, Lumberyard has deep, built-in support for Twitch (purchased by Amazon in 2014 for $970 million), including “Twitch play”-style chat commands and a function called JoinIn, which allows viewers to leap directly into on-line games alongside Twitch broadcasters as they stream. The aim here, according to Mike Frazzini, vice president of Amazon Games, when talking to Gamasutra, is “creating experiences that embrace the notion of a player, broadcaster, and viewer all joining together.”

Described as a triple-A games development engine, Lumberyard has already seen many of the CryEngine systems upgraded or replaced, including the implementation of an entirely new asset pipeline and processor and low-latency networking code – hence why Lumberyard will diverge from CryEngine’s core development.  And Amazon is promising more to come, including a new component system and particle editor and  CloudCanvas, which will allow developers to set up server-based in-game events in AWS using visual scripting.

"Alien Abode" a game scene rendered in Lumberjack (:image: Amazon)
“Alien Abode” a game scene rendered in Lumberyard (:image: Amazon)

All of which adds-up to a very powerful games development environment – although Amazon are clear that right now, it is only in beta. This means that things are liable to undergo tweaking, etc., and that some capabilities – such as Oculus Rift support – haven’t been enabled for the current version of the engine.However, VR support is there, with Amazon noting:

We have been actively working on VR within Lumberyard for some time now, and it looks great. We are currently upgrading our Oculus VR support to Rift SDK 1.0, which was released by Oculus in late December. We wanted to finish upgrading to Rift SDK 1.0 before releasing the first public version of VR support within Lumberyard, which will be included in a future release soon.

Further, Amazon has already signed official tools deals with Microsoft and Sony, which means game developers licensed to develop games for the Xbox One and PlayStation 4 can immediately start using Lumberyard to develop games for those platforms.

There are – for some – a few initial downsides to Lumberyard where independent game developers are concerned. At launch, the engine only supports models created in Maya and 3D Max, although this may change – Blender support is promised for the future, for example.  There is also no support for Mac or Linux, although Amazon have indicated that these will be come, along with iOS and Android support.

Use of the engine includes the right to redistribute it and pieces of the development environment within games, and allows game developers to any companion products developed for a game using Lumberyard with allow end users to modify and create derivative works of that game.

The CryEngine SDK is one of the Asset Packs available for download for use with Lumberyard (image: Amazon)
The CryEngine SDK is one of the Asset Packs available for download for use with Lumberyard (image: Amazon)

As noted above, the company has already started supplying asset packs developers can include in their games, Three packs are available at launch, including the CryEngine GameSDK,  which contains everything required for a first-person shooter game, including complex animated characters, vehicles and game AI, and which includes a sample level.

Amazon clearly have major plans for Lumberyard, and some in the gaming media are already wondering what it might do to the current development environment, which is largely dominated by the likes of  Unity, Unreal Engine, or even CryEngine itself, but which all require either a license fee or a royalty fee.

Is Lumberyard competition for the Lab’s Project Sansar? The engine certainly has the ability to create immersive environments, and Lumberyard will support VR HMDs as it moves forward, as noted.

However, everything about Lumberyard points to it being pitched as a professional games development environment with a dedicated distribution service through Amazon’s cloud services available for use with it. Hence, again, why Twitch is deeply integrated into Lumberyard – Amazon appear to be a lot more interested in building an entire gaming ecosystem. Amazon’s marketing is also geared towards gaming, as their promotional video (below) shows.

Which is not to say that it couldn’t be attractive to markets outside of gaming. As such, it will be interesting to see over time just who does take an interest in it – and how Amazon might support them.

With thanks to John for the pointer to Amazon.


Microsoft acquires Havok, the Second Life physics engine

Haovk: acquired by Microsoft
Haovk: acquired by Microsoft

News has been spreading about Microsoft’s acquisition of the Havok physics engine from Intel for an undisclosed sum.

Ciaran Laval was perhaps the first SL blogger to report the news, which has been featured on the likes of the IGN website, Engadget, Venture Beat’s Gamesbeat, and other on-line tech news outlets.

For those unfamiliar with Havok, it is it the physics engine that drives a vast number of computer and console games. It allows these games to simulate effects such as gravity, friction, collisions between objects and other natural forces, without the need for them to be individually coded and accounted for on a per-game basis.

Within Second Life, Havok is used for the purposes of physics simulation, and Havok sub-libraries licensed by the Lab are also used in such aspects of the platform as pathfinding (remember that?) and the official mesh uploader.

As well as being used for in-world physics, Havok libraires are also used within the official viewer (and TPVs which have signed a sub-licence agreement) to handle aspects of pathfinding and mesh uploads (shown here)
As well as being used for in-world physics, Havok libraries are also used within the official viewer (and TPVs which have signed a sub-licence agreement) to handle aspects of pathfinding and mesh uploads (shown here)

Microsoft has been a Havok partner for a number of years, and as a part of the acquisition has promised to allow developers elsewhere to continue to use it, stating:

Havok is an amazing technology supplier in the games industry and the leading real-time physics creator. We saw an opportunity to acquire Havok to deliver great experiences for our fans. Throughout the company’s history, they’ve partnered with Activision, EA, Ubisoft, Nintendo, Sony, Microsoft and many others to create more than 600 games including Halo, Assassin’s Creed, Call of Duty, Destiny, Dark Souls and The Elder Scrolls.

Microsoft’s acquisition of Havok continues our tradition of empowering developers by providing them with the tools to unleash their creativity to the world.   We will continue to innovate for the benefit of development partners.

But, if a long-term partner with Havok, why take the step of purchasing it outright? Jeff Grubb, over at Gamesbeat takes a lead from a part of Microsoft’s announcement of the acquisition, to suggest the company are looking a the potential for cloud-based physics capabilities within multi-player games, as recently demonstrated in the upcoming Crackdown 3 sandbox-style third-person shooter title:

For that open-world crime game’s multiplayer mode, Microsoft is enabling players to go in and destroy skyscrapers and everything else in the world. That mode is only possible through the power of Azure, which means Crackdown 3 developers Sumo Digital and Cloudgine are building a cloud-based destruction engine that probably runs on Havok. Once that’s built, and now that Microsoft owns Havok, it could potentially license that destruction engine out to other developers.

In August, IGN had a demonstration of these capabilities within Crackdown 3, and the results are impressive:

It’s unlikely the Microsoft’s acquisition of Havok will have any immediate or medium-term inpact on Second Life. As it is, the platform currently uses the Havok  2011.2, and so far as has been indicated at various in-world meetings, there are no public plans to update the engine at the moment. Longer-term, it will be interesting to see if / how any new / additional capabilities brought to the engine might come to be deployed in Second Life and / or “Project Sansar” (assuming Havok might be the physics engine used with that platform, something that the Lab has not as yet revealed).

Got a question about the VR metaverse? Put it to the experts!


The first Silicon Valley VR (SVVR) Conference and Expo will take place on Monday 19th May and Tuesday 20th May 2014, at the Computer History Museum, Mountain View, California.

The conference will bring together a host of experts in the VR and in virtual environments, including the likes of Palmer Luckey (Oculus VR), Philip Rosedale, Ebbe Altberg, David Holtz (Leap Motion), Ben Lang (Road to VR), Jan Goetgeluk (Virtuix) and many more – see the list of speakers and panelists on the conference website – as well as including exhibits and demos from some of the top names in the field.

Both the Drax Files Radio Hour and New World Notes have secured discounts of $100 per person on the two-day registration for those who are able to attend. Simply enter either code “drax2014″ or “nwn2014” when registering to claim your discount.

But even if you can’t attend, you can still be involved. Here’s how.

As a part of the conference events, Draxtor Despres of The Drax Files fame will be moderating a special panel, Creating the VR Metaverse. featuring Ebbe Altberg (Linden Lab), Philip Rosedale (High Fidelity), Stefano Corazza (Mixamo), Tony Parisi (Vizi).

Creating the VR metaverse
(l to r): Ebbe Altberg, Philip Rosedale, Stefano Corazza and Tony Parisi. Ready to answer questions on “Creating the VR Metaverse”.

Together, they’ll be considering topics such as:

  • One global metaverse or many?
  • Identity and privacy
  • Virtual World Governance: democracies, the greek god model, or benevolent dictators
  • Intellectual property and legal jurisdictions
  • Avatar portability and standards

If you have a question you’d like to put to this panel during the course of the proceedings, then please leave it in the comments following this article, and it may be selected by Drax to be asked during the course of the discussion.

Perhaps your question relates to one of the topics listed above, or perhaps you’re wondering if the idea of a just a “VR metaverse” is too narrow, and any future metaverse should also embrace augmented reality (AR) as well; or perhaps you’re wondering why and how any new metaverse might enjoy wider adoption in the world at large than we’ve seen with the likes of SL and OpenSim; or perhaps … Well, you get the idea.

Panel moderator: Draxtor Drepres
Panel moderator: Draxtor Despres

You can address your question to an individual member of the panel or to all of them or any combination in between. All that’s required is that your question is pertinent to the panel’s theme, creating the VR  metaverse, is polite, and is suitable for the forum in which it is to be asked.

Obviously, and depending upon the number received, not every question submitted will necessarily be asked (as questions will also be taken from the live audience) – but if your question is liable to get the panel thinking or generate some interesting / thought-provoking replies, then it may well get selected. Just make sure you have provided it in the comments below no later than 20:00 on Monday May 19th.

Related Links


Facebook acquire Oculus VR

Oculus VR: Facebook's latest acquisition
Oculus VR: Facebook’s latest acquisition

MENLO PARK, CALIF. – March 25, 2014 – Facebook today announced that it has reached a definitive agreement to acquire Oculus VR, Inc., the leader in immersive virtual reality technology, for a total of approximately $2 billion. This includes $400 million in cash and 23.1 million shares of Facebook common stock (valued at $1.6 billion based on the average closing price of the 20 trading days preceding March 21, 2014 of $69.35 per share).  The agreement also provides for an additional $300 million earn-out in cash and stock based on the achievement of certain milestones.

So opens a press release issued by Facebook on Tuesday March 25th, 2014.

This is a pretty stunning announcement, and shows that, as Mark Zuckerberg states in the release, “Mobile is the platform of today, and now we’re also getting ready for the platforms of tomorrow. Oculus has the chance to create the most social platform ever, and change the way we work, play and communicate.”

The news has sent shock waves rumbling across the social media sphere, with many reacting positively to the news, and other reacting negatively. Following the announcement, Cory Ondrejka at Facebook was unsurprisingly excited by the news.


While Markus Persson of Minecraft fame responded to the news with as less favourable response, which was quickly picked-up by the games media.


Others also didn’t appear to be initially impressed by the news, either, including those who funded the original kickerstarter. Meanwhile, Techcrunch reported a slide on Facebook’s share price which, while closing on the day overall, saw Facebook’s share value below its open price of $64.25, resulting in a loss of $1.5 – $1.8 billion market cap. However, as Techcrunch also notes, this isn’t the first time Facebook’s shares had dropped following the announcement  of an acquisition.

Theories as to why Facebook have made the move abound, with some pointing to the company tripping-up on the explosion of the mobile market and so are perhaps afraid they might miss-out on the growth of VR if it takes off suddenly. Others are suggesting Facebook is keen to jump on the possible marriage of the Oculus with mobile technology.

I’ve been somewhat skeptical that VR will explode in quite the immediate way many have been predicting – which is not to say I don’t think it will be big; I just think it’ll take longer to get there on all fronts (i.e. beyond gaming) than some pundits are perhaps allowing. It seems I’m not alone in thinking this. Speaking to The Verge, Oculus investor Chris Dixon believes Facebook are playing the long game – rather like Google did with their acquisition of Android in 2005.

It appears Zuckerberg agrees with him. Commenting in a teleconference held on the afternoon on March 25th to discuss the acquisition, Zuckerberg said, “There are not that many companies building technologies that could be the next computing platform, and Oculus is the clear leader.”

In this regard, Zuckerberg went on to say:

But this is just the start. After games, we’re going to make Oculus a platform for many other experiences. Imagine enjoying a court side seat at a game, studying in a classroom of students and teachers all over the world or consulting with a doctor face-to-face — just by putting on goggles in your home.

This is really a new communication platform. By feeling truly present, you can share unbounded spaces and experiences with the people in your life. Imagine sharing not just moments with your friends online, but entire experiences and adventures.

Oculus founder Palmer Luckey has a lot to smile about (image via Popular Mechanics)

Concerns have already been raised over the future of Oculus Rift as an open platform, something Oculus VR founder Palmer Luckey attempted to allay in a statement on the company’s Reddit page:

Facebook is run in an open way that’s aligned with Oculus’ culture. Over the last decade, Mark and Facebook have been champions of open software and hardware, pushing the envelope of innovation for the entire tech industry. As Facebook has grown, they’ve continued to invest in efforts like with the Open Compute Project, their initiative that aims to drive innovation and reduce the cost of computing infrastructure across the industry. This is a team that’s used to making bold bets on the future.

Whether such comments will quell concerns and upset, remains to be seen, although i’m not putting money on it doing so. Facebook undoubtedly have the financial and technical clout to boost Oculus Rift and VR into more mainstream consciousness. Whether this will come tied to a Facebook log-in requirements, again as some are already predicting, remains to be seen.

It’ll also be interesting to see how Facebook, after dabbing with virtual world environments through Cloud Party, consider virtual worlds, and the direction in which they might move. Could it be the “Facebookisation” of SL (or rather, perhaps, Linden Lab) may yet come to have a significantly new meaning? Or, less tongue-in-cheek, what about Philip Rosedale’s High Fidelity coming under the FB eye? Now there’s something to chew on (ETA: and in this regard, Palmer Luckey’s sign-off to his blog post announcing the acquisition is interesting: We’ll see you in the Metaverse!)

P.S. Techcrunch may score the biggest hit in this latter regard with their latest headline on the subject: Facebook Buys A Virtual World – that’s bound to get people rushing to their doors!

With thanks to Luke Plunkett at Kotaku.