Securing your Plex data

The Plex video player launched a new social media feature where it shows you things like “your friend Nelson watched Totally Licensed Movie last night”. You can see your feed of friends’ activity at this link. This seems to be part of a broad new product effort called Discover Together.

I didn’t opt into this sharing. I don’t want my friends to see a list of the TV shows I watch. Plex unilaterally decided to start collecting and publishing that data without my explicit consent. Which video files I watch is private data and potentially a legal problem. I can see how it’d be useful for Plex to become more of a social media app. But the abusive way they launched it makes me want to go scorched earth and block every aspect of data sharing I can from Plex.

Update: in a discussion on Mastodon a Plex engineer responded with a personal (not official) comment and said:

You should have been shown two screens at some point; one to opt-in or out of view state syncing, and another more recently to opt in or out of the social sharing stuff, and would have needed to opt-in to both for any of this to be shared with friends.

So it’s possible I clicked something at some point to allow this.

Update 2: over on Reddit someone posted what the UI looks like for the opt-in I might have clicked. There are four screens that pop up interrupting whatever you turned your TV on to watch. The first three are marketing copy, the fourth is the consent request. It’s very unlikely I paid enough attention to this to make an informed choice. It also looks like the default was to opt people in to friends sharing.

Update 3: PC Gamer has an article about Plex’s explanation of how people got this turned on without their consent. Turns out the “You’re in control” UI has a flow which turns off the privacy without the user intending it. Terrible design, although it’s not clear if it’s malice or incompetence.

Here’s what I did to preserve my privacy. I found two major things to block in Plex: watch history and ad preferences. There’s also some other minor account settings. Details below.

Profile settings: activity sharing

You can opt out of sharing what you are watching with friends by going to this link to edit your profile and selecting “Privacy Settings” at the bottom. “My Watch History” is the one I found most invasive.

Account setting: ads and more

Plex has a bunch of other privacy settings in your account. You can edit them by going to this link to edit your account and looking at the bottom for Privacy. There are several links there.

The most useful one is the Ad Vendors page, where you can opt out of them selling your data to 100+ marketing companies. This only works in some US states (thank you, California!). You have to disable your ad blocker to see the UI that lets you change things.

Here’s the list of opt-out states. The obvious typos are perhaps an indicator of how seriously Plex takes this part of their product.
California, Colorado, Connecticut, Virginia, Utah, Indiana, Iowa, Montana, Oregon, Tennessee, Texas, Massachusettes, New Jersey, Pennsylvania, Deleware

There’s also a “Privacy Preferences” link that takes you to this part of the webapp. It looks mostly like legalese text but if you look closely there is a checkbox you can turn off for “Send playback data to Plex”.

Further up the account settings page there’s also “Sync Your Watch State and Ratings”. That’s also keeping a record of what you watch. I think this particular feature is private to you and it provides a useful function, so I’ve left this one on for now.

Dark patterns

Plex’s scattered privacy settings seem designed to make it hard for users to find and configure them. It’s so hard to even find these things that I had to write a whole blog post. And after spending 30+ minutes on this I’m still not sure I got it all configured the way I want.

The playback preferences are buried deep in thousands of words of legalese text. The ad vendor preferences are only available to users from certain jurisdictions. And then the UI doesn’t even work if you are running an ad blocker (as likely 98% of people who get to this page are).

Maybe that’s all just bad design; Plex is not the most professional product. But it sure feels intentional, to keep users trapped in choices that benefit the company.

One thought on “Securing your Plex data”

  1. I don’t really buy the whole “you had to click this to enable” nonsense either. When you throw a new and probably vaguely-worded option in front of somebody they may consent without fully appreciating what is going on behind the scenes. It’s a lot of semantic sleight of hand. I wish Jellyfin were more ready for prime time.
