ESI Scopes that let others read your entire mail box

I think OP just wants the ability for corps to access the mail scope removed but not possible without removing the scope, which i disagree with removing it

Right. Being that the scope is granted to an application, which is not an Eve entity, it can’t be controlled that way. Whoever has control of the application you grant access to has control over the use of the data that application can access.

I understand your hesitation about relinquishing these scopes, especially if it restricts access through your own programs. I believe it’s possible to both prevent corps from having blanket access to your mailbox and still allow you to retain personal permissions. There’s certainly a way to ensure that only you can access your mails via an app or program. As Geo Eclipse rightly pointed out, I have no issues with this being used for personal purposes.
However, the current state goes far beyond just personal use.
A choice that demands players to sacrifice their personal privacy or face exclusion shouldn’t exist in a video game.

With encapsulating regards
-James Fuchs

1 Like

I don’t think so but purely because I doubt a good spy would communicate with the alt he infiltrates. Information on other potential alts in the account would be more useful I imagine.

Not necessarily difficult but unreliable. Especially online when a lot of the mannerisms helpful to read someone are missing. The answer could be starting corporations, let them in slowly while gauging intentions.

I don’t know what particular subject could be so damaging and yet can be brought up inadvertently. And someone with such loose tongue could not be trusted in a PvP game.

But it is imposed. For good reasons like the ones listed on the forum by ISD when they close a thread that went off the rails. GMs in game chat… Self-censorship is asked of players to avoid harassments of all kinds and it is asked irl too.

The process should be clearly explained and the choice respected.

What kind of data is concerned should also be taken into consideration. Character data, game-related data… Some information has to be shared and the developer shouldn’t be responsible for the way players use the chat, mail and how much they want to reveal about their lives in those communication tools.

I’m glad we can do that in a civilized manner and I think you are right to bring it up. But it’s a thorny subject for everybody.

And I appreciate yours and the way you present your points. I am not against anything that can improve personal privacy in online games. The thing is it has to be done right, in a way that won’t hurt the game and that everyone can understand and be happy with.
What are the alternatives besides what we have now?

It’s not though. It’s only accessible to people that you give access to. If you don’t trust them, don’t give access. It’s that simple.

1 Like

You already can grant access to your own applications without granting it to any corporation’s application. As it stands, the responsibility for deciding who gets to do what with your data is your own, which I think is as it should be.

You want to make it impossible for me to grant this permission to anyone of my choosing because some people can’t or won’t make good decisions. If I want to grant a corporate application permission to read my mail, I want to have that option because it is my data and I rightly should have control of it. Control implies responsibility. Responsibility I don’t want to delegate away to an authority figure in exchange for that control.

You could maybe invent some system that is more convoluted and painful in order to protect people from their own poor decisions, but as long as they’re free to make that decision there will be invasive apps and people making poor decisions. This is unfortunate, but vigilance is the price paid for the freedom choice.

Fortunately this is just a game and the stakes are low. For their own sake, people need to learn to be vigilant before the stakes get any higher, and Eve is as good a place as any to learn. People are ever too willing to give up their rights and freedom for safety. As long as the user is making their own decisions as to who gets access to their data, I don’t have a problem with it. A data leak the user is unaware of or did not authorize would be a problem, but a data dump they authorize is not a problem for me. Let them decide for themselves if they want to give up their privacy in exchange for what that corporation or alliance offers.

Generally I think this is a pretty crappy thing to do to your members, and I would not join such a corporation, but I am a Gallente at heart and freedom is my bread and butter. I give people all options that do not infringe on the freedom of others and allow them to make the choices I would not. Think of it as an opportunity to start a corporation that doesn’t do that, or think of it as a mark that describes a corporation you don’t want to join so it is more obvious who cares to know their members well enough to decide whether they can trust them without reading all their mail.

I don’t have a problem with it as it is, nor do I really have a problem with you having a problem with it. I just philosophically prefer more choice and more responsibility to less choice and less responsibility.

Maybe CCP should make a new ESI function called spy_check that returns true or false :smiley: and that should be enough

Agreed. While it’s expected for serious infiltrators to work around these practices and hence rendering these ultimately ineffective, the idea isn’t just about in-game espionage. It’s about basic privacy and the principle that players shouldn’t feel like their in-game mail system can be an open book for others.

Absolutely. And while human interaction might be unreliable, isn’t that the vital part of what an MMO is about? Judging character, forming bonds, and sometimes making misjudgments? Should all this be replaced by clicking a button?

It’s not necessarily about damaging subjects but more about the principle of privacy. A casual mention of a vacation, personal struggles, or even just sharing a discord link to communicate outside the game can be unintended slips that players might not want openly accessible.

While self-censorship is indeed required in certain scenarios, there’s a difference between being wary of sharing sensitive personal information in public spaces and having your every private conversation be directly forwarded to a recruiter’s screen. While the former is just considered good practice, the latter is very much considered thought-police.

I do agree, but a fine line must be drawn. Players must have agency over what they share. It must always be their personal choice if they want to forward their mails, and they should always know who exactly is going to receive it.

This is where our views might diverge.
In my opinion, no entity, be it a player, corporation, or alliance, should have the ability to access a player’s private in-game mails. Full stop.
This is not a matter of compromising or finding a middle ground. It’s a fundamental belief in the right to personal privacy.
A belief in the principle, that the final say in who gets to read your mails is not the recruiter, the alliance boss or any other quack with enough permissions, but it is you yourself!

No more of this glass house nonsense.
No more giving up fundamental rights so big corporations can play space dictator better.
The current system’s design should inherently lean towards safeguarding your personal privacy, and any alternatives we consider must begin with this foundational principle. I have outlined a few ideas in the reply before, in regards to the personal usage of mail access.

Either way, thank you for engaging in this discussion so constructively, your replies are appreciated.

With undisclosed regards
-James Fuchs

1 Like

Does it show location, Ip, or even mac-address?

Thank you for your thoughtful reply, Qia. I completely understand your standpoint on the importance of freedom and choice, particularly in EVE, where it is all about personal choice and freedom (or lack thereof).

However, I really want to clarify a point.
Let’s say that the ESI mail scope actually is banned over night.
This does not in any way prevent you from actively sharing any piece of information or mail with whoever you wish, does it?
You can still compile messages, include all the relevant parties, and hit send.
The difference is, you are deciding who gets the mail, and what kind of mails they get.
It’s about the active choice of sharing versus having a system where, by default, others have continous and direct access without the your immediate and transparent acknowledgment.

And since there is no warning or indicator that your mails are forwarded in this way, there might very well be users at this moment, that are not even aware that all of their mails have been open season this entire time!

My argument is rooted in the principle of privacy by default. It’s not about restricting one’s freedom to share but about protecting one’s right to keep things private unless they expressly decide to share.

I value your perspective on personal responsibility and choice, but I also believe that systems should prioritize protecting the individual first and foremost. After which, it’s up to them to decide what they do with their data. That’s freedom.

Again, thank you for contributing to this discussion.

With valued regards
-James Fuchs

I’m not sure we have the same definitions here. You are presented with a window that describes the scopes you’re allowing, and you have to agree to that, so you do have privacy by default, and the scope is listed so you know you’re granting it.

Now if your argument is people should be made more aware that the scope is included in a request, or that what they’re agreeing to should be more obvious (It has been a long time but, if for example it’s listed as esi programmer gobbledegook and not in plain English like “The application will be able to read all your mails.” then I don’t mind making things more clear to the user, but I would still leave it up to the user to decide what to grant and the app developer to decide what scopes to request. You can also revoke permission at any time. It is not perpetual. If you change your mind, you can do that. For the sake of anyone who’s granted mail reading permission to an app, or any permission for that matter, and wishes to revoke it you may do so here:

If corporations are trying to surreptitiously get people to grant this scope, then I believe that’s a violation of a user agreement and subject to enforcement, but I have not thus far heard of this happening.

1 Like

In my alliance, I require everyone to let me read their IRL emails, so when you think about it the ESI thing isn’t that extreme.

1 Like

And bank accounts too?

You gotta pay to play!

I would **** on your table and leave the office grinning :slight_smile:

1 Like

How to fill empty cells with 0, with value above/below in Excel???

You use something like this…


That defaults the cell to either 0, or the value that is in EN48

1 Like

Wait, there are alliances that don’t require this?
I’ve been lied to!

Ok calm down miner

I have a question about this if I may.

Does the notes that we type on the Character Information page readable to others?