Discord got Fined $800,000!

Apple will just become solely wireless charging so they don’t use USB-C.

@@JackFoxtrotEDM makes me think of a 5 year old lmao if they do

They said they'd comply not use USB-C.

If they force USB C its for pollution. Having multiple charger is causing more polution. Also Apple are scamming with those bad charger

@@Bready- well, they are a 5 year old in a lot of aspects

I'm a bit weirded out by this, Discord implemented an automated data dumping too for your own account years ago when GDPR passed.
It's in options > confidentiality > Ask for your data, and it's been that way for years. The issue here is that the package was slightly incomplete, it lacked a few timestamps... The confidentiality policy is also right here, and article 6 clearly states a 2 year data retention limit after account deletion (which you can do in the app). Some of it is new, the vast majority isn't.
Discord got fined on technicalities here.

You were already able to request your data, but I’m not sure about the deletion part

I thought Article 13 was also a thing related to copyright, but that might be in another thing.

discord lets you request your data, idk if they let you ask for deletion tho

I uh... I don't think that's what article 13 is.

I’m not either, I’ve never really trusted Discord with security

In terms of the application not quitting after pressing the x button, many other applications do this too, such as Spotify

Same

@@AmSleepyJay spotify has an option to turn it on or not dumbo

@@AmSleepyJay don't forget steam

@@Used exactly

@@Used shut up

@@Used bro why the uwu?

@@Used truly

@@Used fr

Exactly. There's one in one of my servers and everyone liked them. I don't wanna see the account deleted

oh well you have to move on

Sadly they have no obligation to hold up account that are inactive. As long as it's here you can look at their messages, take screenshots and keep it. It's not the same but it's not the end

@@Chronor Sure. Let me burn all the letters from my loved one, their clothing, and any pictures/videos I might have had. It's not like people want to be able to remember someone /s

@@billcipher8645 What the video is saying is that they have an obligation not to keep them now, not just no obligation to keep them.

And to add to this, messages and media posted by a user aren't deleted when the user deletes their account.

a lot of big servers already got bots which keep logs of everything
including every deleted and edited message there
with the id of the user in a channel only the mods can see
(I was just stating this as something that exists I would also prefer if deleting stuff on servers you aren't in was an option)
"people being able to share uploaded user media across server without the original poster being aware of it or able limit the publicity."
by this you mean the .cdn links well people can easily download the media and upload it again without using those links
but having those links helps discord by not keeping redundant data stored I suppose if someone is gonna download a media and upload it to another server leads to more data being stored on discord servers so other to save on data it would be beneficial for discord to have those users send those links instead.
also one more thing I noticed is if you delete a media and someone's got a link of it. the link stays active for like a week after the the media got deleted

@@James-un8io with the "media links work a week after deleted", turns out if you delete it quickly its immediately destroyed.

Kind of confused by what you mean by "people being able to share uploaded user media across server without the original poster being aware of it or able limit the publicity". So I post this meme on a server, several people find it funny and decide to download and repost it in other servers. Is Discord meant to track *everyone* who downloads the file and notify you when it gets uploaded to some random server, group chat or DM? Is Discord meant to pull all of these files down if the 'original uploader' wishes to 'limit publicity'? I'm fairly certain that most privacy-focussed social media aren't even able to do this.
Though I agree that there should be an option presented to users to delete all their messages when deactivating their account.

@@Hati_0x this TBH, most important comment right here.
"Most of these are just minor privacy issues IMO. The biggest two problems I know of when it comes to privacy on Discord are users being unable to delete messages from a server they're not in anymore, and people being able to share uploaded user media across server without the original poster being aware of it or able limit the publicity."
love this comment, with more privacy protections , discord could feel like you are conversating in real life, without character assasination , blackmailing and etc stuff being as a possibility or atleast limiting it to a very low degree

@@shinycompi We dont care its funny seeing companies like discord lose money, also they probably they make that much a week

@@shinycompi it is most definitely their pocket money.

@@shinycompi Well it's not their 2022 valuation

@@3kz why?

@@shinycompi I think you added a few zeros in your calculation, it's 800k, not 800 million

Tencent owns the world

Then please educate us all and tell us all the other sources of income discord has

What other sources does it get revenue from?

@@Mai.Calico I think their youtube channel could be one?

@@Mai.Calico Google does it with advertising and data selling, discord does it with nitro and data selling

but what about the privacy package?

discord does have an option if you want to review but you can't correct, or delete that information

its also stupid that they dont let you delete that data EVEN THO DELETED MESSAGES ARE STILL saved within the servers.

@@nolongergabe ?

@@erikkonstas discord keeps the deleted messages stored in the servers and not visible in the client, if that deleted message had personal info, people at the discord hq can still see it! thats how betterdiscord plugins allow you to see deleted messages! - the more you know.

Not karma

@Jashonn How is it not karma? They decided to not secure their platform correctly and karma got their ass with a 800k fine easy

@@viirless they could be bad at math

@@viirless $830k is nothing for a company as large as Discord... It's a slap on the wrist, if that. They will most certainly continue with disregarding user privacy.

@@Pengasaurus2 830k for Discord is not that much, but its the same as getting 90€ of fine for you, you're not gonna die from it, but it's gonna piss you off, so you're gonna avoid to make the same mistake again, because you know the next time you're not gonna take 90€ but 170€, wich is nearly twice as much
It's basically the same for Discord, 830k will piss them off, but they don't want to take a 2nd fine, and really don't want the second to be doubled

With all of these huge companies doing layoffs as much as they have been because of the economical issues this year. I wouldn't be surprised if Discord starts hemorrhaging millions like a slow poison. And if it does happen... Good riddance and farewell Felicia to their spyware.

Okay but what about the other shit Discord does?

@@ElIisL4D2 that stuff is just regular shit thats fine to be charged against

that doesn’t close it completely. to close it completely you have to stop it from running in the background

@@オジーはビッチだ okay but does it still give you notifications on your desktop and keep you in voice chats?

it needs to be by default. Just like young people who are popular and rich but are stupid and still can force things to change, same applies with old people (organizations or governments) that are rich,

Deleting inactive accounts is as old as time

@@billcipher8645 I’ve heard, though I still see some oooold inactive accounts in some servers I’m in.

@@Oretal Then why have them if you don't even use them?

@@modernmarrow1411 I never mentioned owning the account. I only have my own.

@@billcipher8645 i had an account that was inactive from september 2016-early 2021 that never got deleted lol

it seems to already do that for me now, got a notification a few times when closing discord

They'll just find another way to spy on their users and ban them for having different political views.

yup

Exactly

​@Kolonyaa Bare in mind the comment im making is for everyone. People who aren't the best with computers, and still make mistakes. Hell, theres even people who have used computers for years and still make mistakes.
However. Having a password cracked is still a major problem, especially if they know you have other accounts. They can try the password on a different account somewhere that doesn't have the restriction of needing email permission or anything else. From here they can know your email, and from there they can try it onto your email and possibly get in. Having a password cracked at all is a major security risk for some, and for others, it's not the end of the world.
Education on the matter of account security is the same as a TOS. Unless someone specifically wants to know, they won't care. At its absolute best they will scroll through it just so discord then allows you to make an account.
2FA a bunch don't use because it requires an authentication app. On Andriod, the google auth is a 3.6 rating on average. That's insanely low for a security-based app. And authy? got hacked like 2 months ago. If a security-based thing can get hacked? I'm not sure I really want to trust them with running my 2FA.
For the majority of people, they wont have someone targetting them specifically with any account cracker or else wise. They would probably use a scam instead, but even so an account security risk is an account security risk.
Now do I have any qualification in saying all this? kind of. I do not work in the security field, but I did take a class relating to computer and networking security. The principles of account confidentiality, integrity, and availability are all well there. So while I am just arguing things with online strangers, I do have reasoning to say what I'm saying.

@Kolonyaa Hey thanks for taking my comment seriously, I would like to speak further of my opinions and what I would imagine would occur.
For the first thing in roblox, I actually do play roblox myself, however I hadn't heard of that event before, seems interesting and i like the idea of it on discord. However im not sure what the reward could be for people to be interested. I still like the idea from it however.
For the point of don't have the same credentials on two different sites if one has more problems. That is true indeed. However a lot of sites even now don't require any verification from an email. And some people either require those websites, or have a sense of nostalgia and keep them around. Of course there is other variables, but as a general thing there is a alternative to finding and testing ways of breaking into a person's stuff. A lot of people nowadays just have one or two passwords, if you don't need email confirmation on one thing, it can cause problems. And for 90% of users that have the same password on most sites, that would be the most likely thing to occur for them to be completely breached with nothing more then just spamming passwords. Its not likely to happen overall, but thats the most likely assuming that it was just spamming passwords.
For 2fa. I referred to it as just for a discord thing. My original comment was mostly intended, outside of using other websites that are not as good for just general password security and direct log in. To be just discord. Yes other methods do exist in order to use 2fa, however for discord that is not the case. You just have the two apps. Your not necessarily wrong in that other methods exist, and that you could use multiple. However, my exact reasoning was.
Both options currently available arnt exactly good.
And. Thats all that exists on discord as of now.
While I do appreciate the story to providing a reasoning as to why someone would target you, and why you like to "preach" for lake of better wording, about computer security. However, my comment was purely based on passwords and the assumption that the person wasn't exactly the best to handle their accounts. As based on "even if one password is cracked, it could be a major problem"
As a final clarification. My reasoning that i originally replied was to your "why do people care if they account password is breached they shouldnt care if they pay attention to the other things" and to that i say, theres valid reason to care. Its one more step to losing accounts. If you act fast it wont matter, but it only takes a few days of being inactive for any reason. And it depends on each individuals security. Talking about account security in such a broad fashion is difficult. However Il try and do a summerization of each of my assumptions.
My first assumption is that the majoity use the same, or very similar passwords for each account.
My second is that even though thats the case, the person still tried to look at things like 2fa (specifically on discord) and realized that both options on there could cause problems, or that they don't trust either or.
My third is that they probably wouldn't read through account security if it was similar to TOS, however that was already discussed plenty for work arounds.
My fourth is that they wouldn't have someone target them to much anyways. Which is more of a side point for the people that are knowledgeable in account security, specifically the people that wouldn't be effected by DM scams because they have them disabled for example.
And my final main assumption is that the other sites are also needed, or really wanted by some shape or form, but have in some way worse security. Maybe its not a lot, but even just a tiny bit of a difference can cause problems. Maybe one doesn't say the location of where it signed in from. Maybe it doesn't show whats currently logged in on the site. Maybe it doesn't have a captcha for every password fail, regardless of what it is. There is still going to be at least one site that is at least slightly worse in security. Especially if that person isn't a security freak to the point of making a new email for every single individual account. It only takes a little bit of information to find more and more rapidly.

You have been ratelimted - discord

Telegram doesn't have an option not to delete the data. You can only extend the time up to 1 year from the default of 6 months, but that is it. You have to log in.

@@R1ch4rd I know it doesn't, I mentioned Telegram for comparison as it at least has the setting and was the first to come to my mind. I would never recommend Telegram for privacy either

@@rbdm if you knew, why did you say it does meanwhile it doesn't?

@@R1ch4rd I never said it does have that. I said that Discord should have the setting in a similar way to how Telegram has it, with a sane default BUT also an option not to delete it at all.

@@rbdm my English is bad, my bad

Gotta love the karma

they can make that money back in under a month

@@cuminthesink It will be a pain tho, greedy people don't even like to pay 1k dollars
edit: 1 dollar

€800 000 actually 🤓🤓🤓

@@lxdixd 🤡 There was no need for correction they wrote it in USD

I mean you can log in the acount then leave Takes like 10 minutes to do

@@Conductor01 I should have clarified that my account was hacked and then locked out since the hacker placed their own 2FA on my account. I've had the account "disabled" or suspended and it requires you to reset the password, but you still need 2FA which I have no access to.
Can't login to prevent it.

@@pankudev i had the same issue but i emailed discord support, they replied within 2 days but i did mention i had nitro for a while. you could try that

how was it hacked im curious

Your fault for not setting up your own 2FA first and clicking on that nitro scam link :^)

except he is one

🤓

@@vixer9950 oh my god who cares

@internet admiral asn True but their email can be spoofed and if they cracked the password most people use the same password everywhere so they can possibly have more than just a discord acc compromised

I am curious how you know this.

@@dusaprukiyathan1613 It's common sense tbh no one is gonna waste more than 30 min of their time unless it's worth it

@@dusaprukiyathan1613thats just basic IT security knowledge

Yes that is true. That alone they need sued over and over. People seriously need to stop being afraid to sue these companies for evading their rights and privacy.

What part of the TOS? Just curious

yea but you cant do anything about that since u agreed to the TOS when signing up

This is in section 3 of discord's tos: The information we collect
*INFORMATION YOU PROVIDE TO US*
"*Content you create*. This includes any content that you upload to the service. For example, you may write messages (including drafts), create custom emojis, or upload and share files through the services. This also includes your profile information and the information you provide when you create servers. We generally do not store the contents of video or voice calls or channels. If we were to change that in the future (for example, to facilitate content moderation), we would disclose that to you in advance. We also don’t store streaming content when you share your screen, but we do retain the thumbnail cover image for the stream for a short period of time."
"*Information from actions you take*. We collect information about your use of and activities on the services. This includes the friends you add, the servers or other communities you join, your roles in servers, content moderation decisions you make, and other related actions."

@Kolonya Please take a little trip to the psycho ward

@@raj.r412 I'm not sure I Don't read tos I use a tos checker site that tells you the privacy stuff you agree too

People will minimise the special characters and make them easy ones to get to on keyboard if you try to enforce it like this, and as a cracker I can now disregard all passwords that don't meet these rules. Finally a totally randomly generated password by chance failing these rules may not be accepted now. NIST retired this recommendation long ago, and in 2017 put out a set of new standards (NIST Special Publication 800-63, 800-63B is the one with the how to password 101 in it) that totally and uterly covers the yeah, our bad, here is how you should do it. Check against commonly used password list, minimum character length and allow any character you can.

Discord: *Gets charged for breaking a whole collection of laws, then forced to change their behavior without wanting to*
Mr_Drip: YOOOO massive W for Discord!!!1!1!!!1!

@@XenorioWasTaken Maybe they meant Discord as the people using it.

though, password cracking isn't how people get into accounts, people use various ways to get your token, which allows direct access to an account without the credentials no matter where you are (which is kinda sussy)

​@@chlorobyte_projects It's a form of cookie. Anyone can get access to your accounts through cookies. Most company already use cookies for account sessions, so that's got nothing to do with Discord, just how accounts work nowadays. Nothing they can do about it. Anyone dumb enough to run something that steals cookies (such as Discord's token) is at fault here.

@Kolonya I'm not sure about the phone number thing. Afaik they only require you to have a phone number on your account if there's something suspicious to Discord going on, like multiple accounts being created on the same computer and IP. As for the credentials, that depends on the website. If a website wants to store your email, phone number and home address, and you allow it to, it might as well, but as far as I know Discord doesn't store any of these (because it doesn't even ask you for permission either way). And as for your password, it's hashed so you can't really get a password just from cookies. But the other information that they store, like your home address, phone number and email... Well, your email is pointless, your phone number is just as pointless since it is easily changeable and you can just block a number if someone annoys you, and your home address, well there are multiple ways of getting someone's home address, but again, this also depends on the website. Not every website stores your home address.

A LITERAL discord server?

are you sure it wasn’t a LITERARY server? I’m kinda sceptical on the LITERAL part

@@Worsterest Yes it's true that they did make a Discord server, Im not sure if it's still up.

If a child is in danger on discord, it's usually always the parents fault.

@@variegatus4674 While I agree that many parents can do more to protect their children from pieces of shit online, Discord is HUGELY at fault for lackluster child safety measures, as well as failing to mandatorily report illegal content such as CSAM to authorities. They will purposely delete servers/evidence instead of archiving such content to report to authorities (they are required by law, like any tech company in the USA, to report illegal material).
Cybertip/The National Center for Missing and Exploited Children is the best way to report such things, and they are well aware of Discord's laziness or purposeful obliviousness to the MASSIVE child safety issue and CSAM issue on their platform.
It's not even just child safety, they are also being investigated for being complicit in events such as shootings, where the perpetrator had demonstrated the desire to commit an act of violence/crime.
They also make the reporting process purposely tedious and it is simple for any user or server to avoid getting reported by simply deleting their messages. To archive a message (or so they claim) to report, you have to use the mobile app, which is clunky when it comes to reporting and copying each and every message link that you reported, as well as keeping a descriptor.
It's sad that more is not done by companies like Discord, and they absolutely need to be held accountable for disregarding privacy, and failure to take measures to ensure the safety and protection of children on their platform, as well as mandatorily reporting illegal content and the users who distribute it. It's sickening.

@@variegatus4674 That too.

@@donkeykongisbetterthanmari7495 I also thought of something just now... it's also the childs fault for not having common sense and more than half a brain

@@variegatus4674 Don't blame children for being naive. Blame the parents for not having the integrity to sit down with their kid and teach them about online safety.

Sorry to bother you but out of curiousity, what happened to her?

@@edu7979 No worries, she passed away unexpectedly upcoming 2 years in February so I would say that is when her account will be deleted based on this video.

​@@HKZTHAPIRATE You can download everything if you have access to her account, I did it a few weeks ago and it looks like everything I've ever said is inside. I don't think replies are included and such, I haven't actually checked closely. But if you download your own account's data too, you'll have the complete interaction.

@@Herkan97 That is smart, thank you.

I don't think you can legally consent to that but I'm unsure...

@@erikkonstas I don’t think you can legally deny their ability to remove their services entirely without reason.

@@notchs0son I mean legally consenting to permanent retention of account data.

Pretty sure they added that several months ago worldwide.

@@yoshicake
nah they definitely haven’t I just logged into my account from like 2017 and I stopped using in 2020

A rare sight of the french actually doing something right

I don't think the messages will be gone
for example even if you delete your account rn the messages will still be there
but your account info won't be showing

@@James-un8io
you can information in messages. thats the whole point.
its also why every single message you send is given to you when you request account info

actually i want them to stay

@@Nobody00008 y

better delete all those messages yourself then because discord certainly wont to it

Apple is already being forced to use USB-C

@@Smileyreal yeah that's what i meant i just forgot what USB

@@Smileyreal thing is, they gonna go wireless to not use usb c

I mean it’s not really as a normal routine. Imagine logging off discord by clicking the x while in vc and not being aware of still being in chat, letting everyone else hear your mic and potentially letting discord record it

Yeah almost all Mac software behaves this way iirc haha

Try not looking at the video instead just listen

It's a setting you can turn off, it's a completely optional thing

​@@modernmarrow1411 True, plus a lot of applications and games have the same feature, it’s a fairly common thing. If the user wants to quit discord they can just right click on the task bar icon. I personally find it practical and fast to be able to minimize discord by just clicking on the very corner of my screen.

The point was that this option should be the default and not the other way around, to comply with GDPR

it isnt set on by default, if a user doesnt know that option exists or doesnt know that discord runs in the background thats a big problem

Bro this thing happened with my friend so many times this is literally a privacy issue for many users who only know that clicking on the 'X' will close it. They don't even know that some thing called "tray" exists on their pc. Many people also asked discord earlier to make this change but they didn't, I am very happy that they charged them. Now they will surely default it or did it. 😂

You right click the Discord Icon on the tray and click quit.
No seriously I can't be the only person who didn't struggle with the X button not fully closing Discord.

a lot of programs have that unfortunately,so I always check the task manager after closing a new one

discord have an option to fully close the app when pressing the x button in the "advance" setting..so i dont really get that.. did they just not try to check the discord client settings?

I think the issue is that it's not that way by default.

@Kolonya The "-" button literally exists to minimize programs at user's will though

It's a common thing, this is more for the old people that do not understand modern times and most likely don't bother understanding anything new.
12 out of say 15 processes in the tray are either already only there or can be toggled to be only there. They are not on the task bar and pressing x does not close the program. That's most programs I currently have on that do not close on x, it's not an issue. Imagine you see a window and you try to bust the window open to get out instead of using the door handle for the door the window is attached to. It's not a person that wants to understand.

same thing happened to me, but he fucked off after a while

*With regards to a user's right to their data. However, it seems a lot of people are meaning "I don't want anything reposted about me if I don't like it" instead of "I don't want my data becoming a liability to me."

Problem is, most of these corporations have large sways in politics, so they won't vote to actually limit themselves.

That's... the side effect of not having a potential liability bomb brewing. Sucks, but inactive accounts being deleted is a tale as old as the internet itself.

@@bakerboat4572 Tell that to Steam.

Except it does mean the password itself and not any (salted or not) hash of it. The question is whether Discord's servers will allow it (they won't because they don't want to be DDoS-ed with login requests).

Reading youtube coments about security is always enlightening...

@@Darkxellmc true, you can just slap on a email and slap on the 2nd verification thing as well and it wont be cracked

Yeah 800 buckeroos for discord is nothing

18.75% of their 2021 value is not what I would call "pocket change"

@@ShiroIsMyName Well where'd you get those numbers from lmao if you had used your braincells and googled it you'll know they got $300m in 2021 and they only lost $820,000 which is just 0.27% of 2021 revenue

@@xClairy 300M is their revenue, not their benefits. One is before tax and cost, the other one after. the numbers are from the Forbes article regarding Discord.

@@ShiroIsMyName Unfortunately i can't find it can you link it or give the search query you used?

Teams does but the call is a separate window so it would close the call

ikr

it's not the default is why, I'd assume they'll be making it the default setting going forward

true but i would say they should make it default the app closes and just have the setting to minimize it instead

there is a setting, just not default and twitch and etc also doesnt have it defaulted

@@yamiru3417 I know there is I was just saying it should be default to close fully

18.75% of their 2021 value is not what I would call "a dent"

@@ShiroIsMyName Nice statistics bro where the sauce at?

You're talking about a company that abandoned their last online service without notice, and to this day, exposes their token-incompetence by failing to base64 encode userids.

Oh and just to add a little more context to Article 25.2, if that goes to Appeals and is allowed to stay, every desktop & mainframe operating system in the world will be banned from the EU because they all use background applications you can't see or close to work.

fr