On the exefile.exe process there is a parameter called /machinehash, what is the parameters (presumabily made up of values identifying my machine) of that value and algorithm used to compute the hash and what is the purpose of it?
It’s a short hash (32-bit) so a weakish algorithm (MD5? Truncated SHA-1?)?
This would qualify as PII wouldn’t it under the GDPR (as far as I can read it is qualifying as PII as pseudonymisation is not the same anonymisation and can be used to identify as per Recital 26 of the GDPR, even if you cannot reverse the hash, you can still attribute it to an individual, even individuals whom have no account with you if using another machine).
From the Privacy Policy - CCP Games
Which data components are making up the machine hash and how would using Wine on Linux affect that?
If we change hardware configuration, so what? That means one component would need to involve the client hash in order to determine unauthorised modifications, so why not just use the client hash? That’s IF the purpose is as per privacy policy statement, to detect unauthorised clients. Knowing the machine configuration says nothing about the legitimacy of the client code.
The keywords here in the CCP declaration of purpose of use are
That seems to be overreach and outside the stated declared purpose. The items listed cannot be used to determine legitimacy (approved by CCP) of the running game software. It also states may, however this value is passed in EVERY time the game client is launched. That contradicts itself.
However, it very well can be used to fingerprint and identify an individual (which is not what that privacy policy section is declaring).