Data Collection Is the Real Business of Video Game Companies

March 24th, 2019

Modern gaming revolves around online connectivity. Without it, playing games like Animal Jam and Fortnite is impossible. Although these games claim to be “free” to play online, there’s always a price to pay for this level of access. And in the case of online gaming, that price is a wealth of personal information that’s made available to gaming companies.

Downloading a mobile game typically prompts a series of requests for “permissions.” These have become normalized over time, but they can (and should) cause parents to exercise caution. A game might require location services to be on, potentially for valid reasons, but do you really want a game provider to know where your son or daughter is located?

Unfortunately, these explicitly stated permissions are just the beginning. The real data collection is detailed in the game’s privacy policy, which most people don’t bother to read. That’s a shame, because it almost always contains vital information about collected data that would shock most parents.

What Privacy Policies Don’t Tell You

Privacy policies cover the collection and usage of some of the expected topics, such as the information provided by gamers when they sign up for an account. However, privacy policies can be vague, and it’s not by accident.

The Epic Games privacy policy, which governs Fortnite, includes such open-to-interpretation items as the collection and use of “Information that facilitates a safer and more personalized experience”. One one hand, that does include legitimate factors, such as identifying areas where gamers are having trouble and making those areas easier to manage. This exact scenario came to be famously incorporated by King, the makers of Candy Crush.

However, Internet users are well-trained in expecting the worst from the privacy policies of large companies. Parents have every right to assume that “Information that facilitates a safer and more personalized experience”, in practical use, actually means the selling of consumer data for profit. While there is indeed a law that aims to protect children from being tracked by gaming companies – the Children’s Online Privacy Protection Act – the law only applies to children aged 13 and under. Guess how many kids use their actual age when downloading software that’s restricted to kids under 13? That’s a loophole that companies can, and do, exploit, to the tune of more than half of 6,000 studied apps violating this law, according to a study done earlier this year.

Your Voice Recordings Aren’t Necessarily Yours

A growing concern in gaming and elsewhere is the potential collection and inappropriate use of voice recordings. It stands to reason that our every conversation could be recorded. After all, if Alexa hears us ask her about the weather, what else might she be hearing? In the case of video games, companies are allowed to record and utilize voice data from gameplay. However, it isn’t exactly clear what’s done with this data. This is another case where parents have to assume the worst – think back to Fortnite’s privacy policy. What’s stopping Epic, or any other gaming company, from claiming that analyzing and selling voice data could somehow lead to a better gaming experience?

At minimum, know what you’re getting yourself into before signing your kids up. Encourage them to play online for just short durations of time, and with voice chat disabled. For mobile games, consider using ad blockers or VPNs that minimize the inherent privacy risks that come with mobile gaming. It’s a dangerous world out there, but there are measures you can take to allow your kids to have fun without exposing them to major risks.

. . .