As you’re aware the European Union has recently enacted new rules that will help protect your data – the GDPR. And you’re now well aware that companies will have to change the way they handle their EU users’ personal data or face serious fines. The regulations are intentionally broad, which has led them to affect industries that aren’t typically thought of as dealing with user information – like gaming. That means gamers are protected by the GDPR while playing games online. But in complying with the new EU regulations, gaming companies are getting nervous that they will inadvertently run into issues with these new rules.
The GDPR replaces the 1995 EU Data Protection Directive, forcing every company around the globe to abide by strict rules when handling European subjects’ personal data. The regulations were adopted to protect EU residents and arm them with awareness about how companies use their information. While GDPR addressed tech companies that have dealt with and make money off user data, like Facebook and Google, the expansive definition of “personal data” — everything from names and email addresses to biometrics and IP addresses — means that gaming companies have had to comply, too. And that has cost them time and money to avoid incurring fines.
Is this a good thing? It is for gamers in the EU as they will now have a better idea of what information is being collected, and then how it’s being used. There are some gamers outside of Europe who will also benefit too. Razer, for example, is treating the GDPR as their privacy bellwether and have adopted it globally. And maybe more companies should be adopting it as their own.
The problem with data collection, in general, is that we might never know if adopting these kinds of regulation ends up actually preventing a disaster. Jay Stanley, a senior policy analyst at the National ACLU had this to say:
“One of the things that GDPR may do is head off potential future privacy scandals that might not even happen because of the law. Like all programs and apps, there’s potential in games for mischief when it comes to collecting valuable personal information for users. We don’t know exactly how much this European law will affect the practices in America, but it can’t hurt, and there’s a good chance it’ll offer some protections.”
I think that’s the big take away in all of this – it can’t hurt. At this time, however, we don’t know how much effort it’s taken the gaming industry to adapt. I mean, is it millions of dollars, or was this just a matter of moving a few things around internally? I’m guessing it’s not the latter. But I don’t necessarily think it’s a bad thing either. All tech companies need to understand how user data moves throughout their operations, and you can’t put a price on that.
That said, there are some companies that might not be able to withstand the GDPR in terms of changing their practices. On one hand, I think that’s too bad, but on the other hand, we live in a time when privacy is paramount, so if the company can’t bring their systems in line with the new rules, I don’t think there’s room for them anymore. Only time will tell which games and companies will survive the GDPR.