Thursday, September 18, 2014
Joe Newman & Joseph Jerome, Future of Privacy Forum, and Christopher Hazard, Hazardous Software, Inc., are publishing Press Start to Track?: Privacy and the New Questions Posed by Modern Videogame Technology in the American Intellectual Property Law Association Quaterly Journal (2014) (forthcoming). Here is the abstract.
Advances in technology – particularly in the field of online communications – have revolutionized the way modern videogames are made and experienced. The evolution of many games from standalone products to constantly updating online services has all but upended the industry, creating new game features, new types of interactivity, and new monetization strategies. Mining player data has incredible potential to benefit both developers and players alike. Nevertheless, the shift to games as a service also means that players must put their faith in developers to consistently respect their personal privacy.
Today, videogames collect and generate enormous amounts of information about their players, much of which may be considered highly sensitive. This data includes information relating to the real world, ranging from a player’s voice or physical appearance to his location or social network. It also includes detailed information from the player’s actions within the game world, which may be analyzed to create in-depth profiles of a player’s cognitive abilities and personality. Information collected within a game has many uses both within and outside the gaming ecosystem. Among other things, a player’s psychographic information can be used to create personalized gaming experiences, drive educational games, and dynamically adjust a game’s difficulty or mechanics to keep players engaged (and spending money). This paper surveys some of these applications, revealing the potential for both major innovations in the games industry as well as major risks for player privacy and trust.
The game industry must confront and address the privacy issues raised by player data collection, lest it becomes the latest scandal to draw the ire of policymakers, parents, and players. This paper briefly surveys the many laws, agreements, and regulations that affect data collection and use by games, such as the Children’s Online Privacy Protection Act (COPPA), the Fair Credit Reporting Act (FCRA), intellectual property laws, international privacy law, the Federal Trade Commission’s Section 5 authority, and other relevant frameworks. Privacy guidelines for developers remain underdeveloped when it comes to fully capturing player’s privacy expectations. Rather than proposing strict rules or attempting to balance benefits to players versus harms, this paper simply aims to show where users are most likely to be unpleasantly surprised by data use. By better understanding player’s privacy expectations, developers will be better able to reduce surprise and foster player trust.