‘Twas the season for video games. And what better way to top up the coolest gift you gave over the holidays than with an accompanying list of privacy warnings for your loved one?
The practical concern
This past November Canada’s Privacy Commissioner released a guide for safe online gaming, and spoke about the unique privacy issues that arise from internet-connected gaming consoles that link to social networks and advertisers.
“And while chasing high scores and questing may be the name of most games, privacy considerations shouldn’t be an afterthought. As with any other online activity, how information is collected, shared and used by industry should be taken seriously,” reads the guide.
“You might ask – what kind of personal information is collected through online gaming? The answer is everything from names, addresses and credit card information for billing purposes, to email addresses and IP addresses, down to feedback rankings from others, digital images and personalized profiles.”
And while the guide contains many pragmatic tips – use strong passwords, monitor credit card statements, don’t share personal information when chatting with other players, and actively manicure your console and social network privacy settings – it fails to adequately flag concerns about third party access to your information.
In response to the FAQ “Who else do game companies share my personal information with?” it states, “The list of third parties may include: individual programmers under contract (anywhere in the world), financial institutions, online hosting or distribution services, call centers for technical and gaming support, Internet Service Providers, researchers, advertisers, marketers, and law enforcement and other state agents.”
What it doesn’t mention is that “other state agents” may include the US Department of Homeland Security, who in 2012 awarded a $177k contract exclusively to develop technology to extract data from foreign game consoles. Not only did Foreign Policy magazine cover the story, but so did Ars Technica, along with a useful list of how to clear your personal data off a console.
The slightly paranoid but legitimate conceptual concern
Moreover, as game consoles become more sophisticated, so does their capability to extract extremely personal information about users. Think far beyond credit card or billing information – think about the type of cognitive information that your behavior and physical actions belie.
The Kinect or Wii collects information about how you move as part of the player experience, but as Jeremy Bailenson of Stanford’s virtual Human Interactive Lab points out, the intel gathered by the console creates a digital footprint of you.
“As such, scientists throughout the world, including my team at Stanford’s Virtual Human Interaction Lab, are starting to study what the Kinect and other gaming systems reveal about you. I’ve been studying digital footprints—the behavioral residues left behind in video games and other virtual worlds—for almost 10 years. During that time I have collaborated with Fortune 500 executives, military officials, and educators. Our ability to automatically classify someone’s nonverbal cues—the essence of their identity, psychological state, and behavior—could prove extremely beneficial. It’s also not to be taken lightly.”
There’s currently little capacity within the consoles to analyze the data or will within the gaming companies to put this data to use, but that’s not going to last long.
Certainly there is some opportunity for positive outcomes in terms of diagnosing learning disabilities or illnesses of subtle physical degeneration. But ultimately the profit motives will far exceed the social good; the ability to target ads based on actual physical need is seductive.
Unfortunately, it seems unlikely that gamers will weigh these privacy concerns any higher than they have past negative gaming data about increases in aggression or simple daily productivity loss.
Regardless, where users lack the collective political wherewithal to assert their privacy rights, the Canadian government should on their behalf. The Canadian government needs to more actively protect its citizens from privacy violations, especially from countries like the United States, who are publicly developing the capability to collect data from foreign consoles.
The Privacy Commissioner’s report on gaming reads more like a disclaimer than it does a strong government policy document. And it’s far from legislating what gaming consoles and game-enabled social networks can and can’t do with user data.
So don’t get too excited about that new Wii you bought yourself for making it past the Mayan doomsday. Privacy Armageddon still looms!
Denise Brunsdon is a JD/MBA Candidate at Western University.