The Unnerving Rise of Video Games that Spy on You

Players generate a wealth of revealing psychological data -- and some companies are soaking it up. From a report: While there are no numbers on how many video game companies are surveilling their players in-game (although, as a recent article suggests, large publishers and developers like Epic, EA, and Activision explicitly state they capture user data in their license agreements), a new industry of firms selling middleware "data analytics" tools, often used by game developers, has sprung up. These data analytics tools promise to make users more amenable to continued consumption through the use of data analysis at scale.

Such analytics, once available only to the largest video game studios -- which could hire data scientists to capture, clean, and analyze the data, and software engineers to develop in-house analytics tools -- are now commonplace across the entire industry, pitched as "accessible" tools that provide a competitive edge in a crowded marketplace by companies like Unity, GameAnalytics, or Amazon Web Services. (Although, as a recent study shows, the extent to which these tools are truly "accessible" is questionable, requiring technical expertise and time to implement.) As demand for data-driven insight has grown, so have the range of different services -- dozens of tools in the past several years alone, providing game developers with different forms of insight. One tool -- essentially Uber for playtesting -- allows companies to outsource quality assurance testing, and provides data-driven insight into the results. Another supposedly uses AI to understand player value and maximize retention (and spending, with a focus on high-spenders).

Developers might use data from these middleware companies to further refine their game (players might be getting overly frustrated and dying at a particular point, indicating the game might be too difficult) or their monetization strategies (prompting in-app purchases -- such as extra lives -- at such a point of difficulty). But our data is not just valuable to video game companies in fine-tuning design. Increasingly, video game companies exploit this data to capitalize user attention through targeted advertisements. As a 2019 eMarketer report suggests, the value of video games as a medium for advertising is not just in access to large-scale audience data (such as the Unity ad network's claim to billions of users), but through ad formats such as playable and rewarded advertisements -- that is, access to audiences more likely to pay attention to an ad.

Really interesting! a

[oldgraybeard]

real life Psychohistory(asimov) data set?

Re:

[Catvid-22]

Too narrow to be the psychoHistory of knownSpace(niven), unless it's going to be the futureHistory(heinlein) of theMeta.

This is why I never upgraded pass my Atari 2600

[jfdavis668]

Game cartridges can't spy on you.

Re:

[Catvid-22]

Well, any offline game shouldn't spy on you after the initial purchase or download, both of which you can anonymize fairly well if you're not after spy agency anonymity. Many open-source online games also provide reasonable privacy above the IP address level, good enough if you're on a dynamic IP setup with no crypto to lose in case your machine does get compromised. I'd recommend something like Wesnoth (online/offline) or one of those many Quake mods. I'll stick and click to my tetrominos [wikipedia.org] and Tux the pengu

Old games are best

[AndyKron]

Tetris never did that and I'm glad

Re:

[aerogems]

Everything is just a rip-off of Pong!

Everything spies on you

[TheNameOfNick]

and will continue to spy on you until it becomes illegal to do so and chief executives do prison time for it.

Re:Everything spies on you

[alvinrod]

There's no guarantee of that if the government views it as a convenient way to sidestep laws or regulations against spying on citizens themselves. Just have the companies collect the data and then get it from those same companies.

Outlawing this requires people to value and care about their privacy and judging by how many people willingly give it away to companies like Facebook it's hard to imagine any kind of real popular support on a large enough level for it to become a reality.

Re:

[gweihir]

Yes, pretty much.

Wait which is the most evil?

[thegarbz]

Activision soon to be owned by Microsoft.
Epic, who harvest your data for it's 48.8% owner China. Err I mean Tencent
Or EA, because... well it's EA.

Re:

[waspleg]

I vote Epic. MSFT/EA has a sordid history but it doesn't include genocide, organ harvesting, etc.

Re:

[gweihir]

MS/EA just had lack of opportunity...

This is why

[robinsonne]

This is why I stopped playing anything made my EA or Activision (never played Epic games) a long time ago. They've always wanted wanted lots of data and never used it for good (like bugfixes).

Re:

[fazig]

The beware of any game that uses achievements.
Because that's pretty much how it started to become a popular thing. Have players complete some specific or random shit in the game and then award them with a nice little achievement icon that they can share with their friends, signifying the actions they've taken in the game with a time stamp.
It doesn't even need to be an online game, where the ones hosted on remove servers that weren't owned by the players, did it right from the start in the 90's already.
It

Dating Apps are worse

[gurps_npc]

They ask you a ton of questions, try to connect to your Facebook, all the while charging you for it.

Some (Bumble) ask to get your GPS location rather than allow you to enter a city.

Honestly, most people would accept the huge invasion of privacy if they WORKED, within a single month. But they do not.

"Unnerving"?

[jenningsthecat]

Anyone who finds this news surprising, or sees it as being any more distressing than what Facebook, Google, Microsoft, consumer electronics companies, and countless others have been doing for over a decade, must have been living under a rock. Incrementally, it's just a small blip, and was utterly predictable anyway.

Re:

[thegarbz]

I see it as distressing. Facebook, Google, and MS are under scrutiny for privacy under EU law. EA and Tencent (who own half of Epic) are not.

GDPR

[Alain Williams]

Collection of this is not necessary for game play so the user should be asked if they want to allow it to be collected and should be able to play the game even if they say "no". The games companies might like the metrics, but they are not entitled to demand them. They currently just take them, sooner or later someone will take them to court.

Re:

[Anonymous Coward]

Of course they are asked. It's part of the initial signup. Maybe not at the smaller companies, or an indie title, but the big publishers have armies of lawyers breathing down the engineers necks to make sure the company is not exposed to these kinds of things, PII is not kept, account deletion has the proper workflows etc. Do they do everything that's legal and still grants an advantage? Yes. Would they knowingly expose themselves to a violation, fines, courts, bad press etc to find out which part of

Re:

[gweihir]

Not only that. It must be "off" by default and the game must be fully playable without it. Otherwise it is not compliant with the GDPR.

Re:

[thegarbz]

The problem is enforcement. The EU is a slow moving monolith when it comes to investigating issues such as this with wealthy companies. Look at the GDPR's clause for terms changes post purchase. It is blatantly a breach of the GDPR for Facebook to demand Facebook accounts for Oculus users years after they first bought their headset, and yet here we are still required to log in.

A law is only as good as its enforcement, as everyone speeding down our street totally not at all doing 30km/h will tell you.

Re:

[account_deleted]

Comment removed based on user account deletion

This is the scary future of consumer systems

[schwit1]

This is one of the reasons that right to repair is such a threat to the auto industry.

They not only want to monitor the users, they don't want you to be able to know what data is being collected or use it yourself or turn it off.

Dark / Genocide Path

[IonOtter]

Everyone who chose the "bad" choices and decided to become "evil" is probably going to be a little nervous about this news? But if they made those choices as part of multiple playthroughs, where they try different routes each time, then not so much.

The folks who made the "evil" choices first - and only playthrough - should probably be worried they'll be picked up as potential political candidates.

Fearmongering / Scope

[RegistrationIsDumb83]

This article is dumb, manufactured fearmongering, and I say that as someone generally concerned with my privacy. Game analytics are the ideal case of analytics - data systems contained in one product scope, designed to improve that product, and of no value doing anything else. The article cherry picks some insurance survey as a 'game' but that's just not what happens. This isn't Nvidia collecting every exe name and sending it (which is a problem imo), this is per-game 'what part of the map are people getting stuck on.'. Let us wish all analytics are as restricted in scope as this is.

Re:

[thegarbz]

This isn't Nvidia collecting every exe name and sending it

You're grossly misunderstanding. It very much is what you describe, and worse. Epic, Activision, EA, each requires running additional software on PCs ala their own stores. Each hoovers up data completely fucking irrelevant to your running game. Shit man Epic was actually scanning you system for installed copies of Steam and then duplicating the contacts from steam into your Epic account all without asking, an account of course 48% owned by Chinese Tencent.

This isn't any more "analytics", than MS requiring a

Re:

[fazig]

Your brain just turns off when someone mentions Epic, doesn't it? All because they took your precious Rocket League away.

Re:

[thegarbz]

Never played rocket league myself. Though I figured on Slashdot of all places you wouldn't support the idea of a company buying a game that used to run on linux and making it windows only.

But I have three questions for you:
1. What have I said which was incorrectly / not independently verifiable with even a cursory search.
2. Why do you think a company's objectively bad practices revolve around a single game rather than the many games they affect.
3. From your vast experience, what does Tim Sweeney's cock actu

Re:

[fazig]

You've become an Apple apologist over this. Like those people who hate Facebook and Twitter, but if someone mentions the EU not doing something against their practices, suddenly Twitter and Facebook are the paragons of freedom.

It's Tucker Carlson grade bollocks. Maybe one day you realize it yourself.

Re:

[fazig]

To be fair, if the game isn't source available, there's no higher degree of certainty what's in the code.

They could virtually record, process, and transmit anything. What do you think a savegame function goes?
It can be just some fun metrics, like in some choice based games that show you at the end what percentage of other players made the same choices or different choices. Fun stuff, for most people. But unless you have insider knowledge, you can't know what else they collect, while they have you agree t

Testing in production

[EpeeTouche]

"One tool -- essentially Uber for playtesting -- allows companies to outsource quality assurance testing" - so they are testing in production. Why would you ever buy a game that has just been released?

This is very true

[Sharlos]

I worked for the largest digital media advertiser outside of FB and Google in a role central to their strategy. The vast majority of purchased data was coming from mobile app games, and IAB (that thing the EU court found to be invasive of your privacy). These articles give me hope that we will actually be able to combat the marketers methods.

Depends on the use

[tlhIngan]

It depends on the purpose and why it was collected.

Multiplayer games have been doing it for decades now as a way to get heatmaps of deaths and other things. It's how they re-balance weapons and such. Sure sometimes it's based on user reports, but those reports are analyzed with actual analytics to see if it's true.

it's also used to identify cheaters because their behavior will stick out like a sore thumb based on where you get your kills and how - if you're making impossible shots, they show up in heatmaps of your kills when overlayed with everyone else's.

And yes, even single player games often need it - because "getting stuck" is a common issue, and last thing you want is someone who gets a half hour in, gets suck, and turns off the game for good and leaves a negative review. If a lot of people are getting stuck at the same point, then providing a patch to give assistance might not be a bad idea. Heck, it's why games often have a save point right before a hard boss fight - not because the devs were nice, but because they saw people dying, respawning at the original point, having to fight through all the old corridors again and finally getting to the boss fight and dying. Only so much going through the same old stuff over and over again before you turn it off for good. So why not put a save point right before.

Of course, there are also terrible uses for the data, and we all know what they are, so no need to say them.

And yes, in an era where games are a dime a dozen, alienating your audience is the kiss of death for most of them - once the game is turned off out of frustration, most players will never return. Sure a tiny tiny minority of games attract rabid fanbases that are dedicated to the hard core nature of the game, but the vast majority of games do not have the luxury nor the payoff to be worth it. Steam provides me with new games for under $10 every week, so I have plenty of OTHER games I can play if it feels like you're wasting my time.

Re:

[_observer]

Yup, for game-play rebalancing, it's been around for a long time. I'm pretty sure I remember it be used in Half-Life 2, 17 years ago. The devs knew where players were getting stuck and could make small changes to keep the game fun.

Re:

[cas2000]

And yes, even single player games often need it - because "getting stuck" is a common issue, and last thing you want is someone who gets a half hour in, gets suck, and turns off the game for good and leaves a negative review. If a lot of people are getting stuck at the same point, then providing a patch to give assistance might not be a bad idea.

There's nothing wrong in principle with that, as long as it's opt-in or, at the very least, opt-out and opting out actually works.

Every game, in every program, ever

Protip

[plate_o_shrimp]

Protip: assume anything and everything connect to the Internet is spying on you

Priracy!

[Gravis Zero]

Just one more reason to get the pirated version of the game and play offline.

And this is why you should reject TPM, pluton, etc

[Austerity Empowers]

Many games already are invading various parts of your system acquiring data they have no need to access, or are being used for purposes that are not in your best interests. It is entirely possible, because I've done it, to filter and spoof the data those various processes are using and return sanitized and meaningless data. It has no impact on gameplay because none of that is necessary for gameplay. In fact you can do this for any application running on your system, and you probably SHOULD do this.

Unfortunately under the guise of "secure computing", it may be very difficult or even impossible to continue doing this if you allow the devil into your home. The single value of a security chip on your PC is to ensure that only software *you* authorize is running, unfortunately the way it's being pitched to developers is only software *they* authorize, taking control of your PC from you and giving it to people who don't have your best interests at heart.

Re:

[blahplusplus]

unfortunately the way it's being pitched to developers is only software *they* authorize, taking control of your PC from you and giving it to people who don't have your best interests at heart.

Not going to happen, the average computer user took up client-server software over the last 23 years with mmo's (aka rebranded PC rpg's with stolen networking code) the game industry has been stealing PC games on an industrial scale from a stupid and computer illiterate public. Not only that windows 10 is the first client-server OS.

As anyone who has basic computer knowledge, knows client-server software is the ultimate security risk, you've lost control of your PC. As valve, EA turned the internet into th

When I became a man ...

[Potor]

... I put away childish things. Life is simple if you let it be.