Read the Fine Print

posted by on 22nd August 2014, at 3:14pm | Discuss Article

When someone mentions online privacy, the first thing that probably comes to our minds is the revelations of Edward Snowden regarding data gathering by the United States government. Not only have we heard about the methods used and the amount of data being gathered, but also the collection of data on U.S. citizens themselves. This doesn’t even take into account how the information is being used. To most of us gamers, data gathering is nothing new. In fact whether we know it or not, many gaming companies have been doing it for a long time. Granted, the kind of information they gather is much narrower in scope than what the U.S. government wants, but the information is just as revealing to companies.

If you don’t believe me that gaming companies don’t gather information, Google “privacy policy” followed by the name of your favorite game publisher. There’s a good chance you’ll find one. A privacy policy is simply a document that outlines how a company manages data used by gamers. Any and all information you give, create, generate, use, etc. belongs to the company that owns the game. That in itself is a stunning concept. For all the time they put in, none of the data used belongs to gamers, but to the company.

Upon further consideration, this makes sense. The gamer did not create the game itself. The company did. Not only that, but the data generated by gamers would not exist without the work of the gaming company to make it possible. Any data used by gamers is fair game to be collected by a gaming company; this much even I could agree with. The trouble most companies that do data collection get into is the kind of information being collected. This is where privacy policies start to matter.

A standard privacy policy will always contain an opening/introduction, definitions, policies, and answers to questions.

Opening/Introduction

The opening/introduction section of a privacy policy usually starts out saying that “By registering to use this (insert platform or service), you agree to this privacy policy.” This opening is a short clause that tells gamers at the very least, they agree to follow the privacy policy. Most people never read privacy policies anyway, but those that do read see in the very first sentence that they agree to abide by the policies laid out.

Definitions

If gamers continue to read a privacy policy, the next thing they come across is a definitions section. Before you can get someone to agree to follow something, you have to define your terms so both parties are on the same page as to what words and phrases mean. Definitions cover what is constituted by the word “data,” “personal information,” “non-personal information,” and other various terms used throughout the document that could interpreted multiple ways.

Policy

Halfway through the document, we finally get to the heart of the policy itself. In this section, gamers can read about how, when, and what information is collected. Companies try to be transparent throughout the document; however, they can leave many parts of the policy vague and open to interpretation. Although I’m not 100% sure, I don’t believe a company has to tell you what it plans to do with your information. Only that they collect it, transfer it around, and use it for whatever purposes they intend, stated or unstated.

Answers to Questions

Often times, companies will preemptively answer the questions going through gamers minds who have read this far and are probably wondering “why the heck am I trusting this company with all this information.” Again, the level of transparency in this sort of section seems entirely up to the company. Sometimes they’ll mention third party involvement or deletion of information. Usually this section will try to ameliorate fears gamers have about personal information going to third party sources. Most companies don’t do this…at least not without your consent they say.

All in all, it is a blessing and a curse that gaming companies, unlike the U.S. government, have taken the time to address the issue of privacy and draft up policies outlining everything a gamer needs to know about it. It is a blessing in the fact that these types of documents exist, are well crafted, and are very clear on companies’ privacy standards. It is a curse in the fact that companies are able to set their own terms, collect almost all information, and do pretty much whatever they want. Seems hardly a fair situation for gamers, but unfortunately it’s how things currently stand.

This leads us to the crux of the article. With such a thorough document regarding data collection, what should gamers know and expect about their privacy? Well for starters, you have to know that anytime you sign up to use a service (whether it be Steam, Origin, Xbox Live, etc.), you always agree to some sort of privacy policy. You may skip over it quickly and not look at it or remember it later, but you do agree to one.

Privacy policies are also iron clad. By that, I mean they are very clearly defined, well written documents. I can guarantee you that companies spent the time and money to hire lawyers to draft, review, and finalize the document. Given this, it is highly unlikely that even if you went to court with a company over something stated in the privacy policy that you don’t agree with, you have a zero percent chance of winning. These documents are just that sound.

But even though these privacy policies are in place, it doesn’t mean there’s no room for change or input from gamers in the future or even now. Just like the U.S. government after Snowden, gaming companies are not static entities that are completely oblivious to the world. In fact, many times companies will elicit feedback from players on many things even through privacy has seemingly fallen through the cracks.

What is the importance of privacy to gamers and how should gaming companies work with them on it? Well, I absolutely believe it’s important that gaming companies get feedback from players on what they are comfortable with in terms of information collecting. Both sides can likely agree that any information from the game itself is fine to be collected. However, when it comes to personal information, there needs to be an understanding and clear procedures on how to manage that type of data collection.

Online privacy, both in gaming and the world at large, will be one of the biggest issues to address over the next decade. There will likely be an indefinite struggle between the individual and larger entities, namely businesses and governments. The only chance individuals have of affecting policy is by educating themselves and by making their voices heard now, loud and clear, as to the kind of privacy they want in the future.