The tech world has been bracing for a new set of European privacy rules that go into effect: the General Data Protection Regulation, better known as GDPR. Compa…
The tech world has been bracing for a new set of European privacy rules that go into effect: the General Data Protection Regulation, better known as GDPR. Companies will have either changed how they handle their EU users‘ personal data or face serious fines. The regulations are intentionally broad, which has led them to affect industries that aren’t typically thought of as trafficking in user information — like gaming. That means gamers are protected by GDPR while playing online or posting in forums. But in complying with the EU regulations, gaming companies are nervous that they’ll inadvertently run afoul of the new law’s vaguely written rules.
The GDPR replaces the 1995 EU Data Protection Directive, forcing every company around the globe to abide by strict rules when handling European subjects‘ personal data. The regulations were adopted to protect EU residents and arm them with awareness about how companies use their information. While GDPR addressed tech companies that have dealt with and make money off user data, like Facebook and Google, the expansive definition of „personal data“ — everything from names and email addresses to biometrics and IP addresses — means that gaming companies have had to comply, too. And that has cost them time and money to avoid incurring fines.
This is good for gamers in the EU, who will have a much better idea what information is collected when they play, buy products or use services. Game enthusiasts outside Europe will benefit, too, as some organizations, like Razer, treat the GDPR as a privacy bellwether and adopted it globally.
Like most protective measures, we might never know if adopting new regulations ends up preventing a disaster. „One of the things that GDPR may do is head off potential future privacy scandals that might not even happen because of the law,“ said Jay Stanley, senior policy analyst at the National ACLU. He cited Vizio’s incident using smart TVs to track users‘ behavior without their knowledge as an example, a scandal that cost the company a $2.2 million fine from the FTC.
„Like all programs and apps, there’s potential in games for mischief when it comes to collecting valuable personal information for users,“ he said. „We don’t know exactly how much this European law will affect the practices in America, but it can’t hurt, and there’s a good chance it’ll offer some protections.“
It’s unclear how much effort it’s taken the gaming industry to adapt to GDPR: No companies contacted by Engadget disclosed how much it cost to comply.
