4 Ways to Protect Your Privacy When Playing Online Games

The Call of Duty: Modern Warfare II open beta kicked off last weekend and players are giving their first impressions of the game mechanics via social networks(Opens in a new window), the company that publishes the game, Activision, collects their data and uses it to sell products. It’s no big secret, as the company outlines its data collection and retention policies in its privacy policy.(Opens in a new window).

Activision’s privacy document is comprehensive, but it’s written in an easy-to-understand manner and contains links to help users opt out of their targeted mobile advertising program. In the past, I have asked readers to review privacy policies before using mobile apps. Here I tell online gamers the steps to keep their data private while playing.

Why Game Developers Want Your Data

As noted by authors from the Brookings Institution in an article examining data-driven video game design(Opens in a new window), today’s game companies collect a lot of data about their players to improve everyone’s gaming experience. In the case of Activision, the company notes in its privacy policy that gamers should expect surveillance with respect to their in-game chats or voice communications, as these may be monitored for anti-trust purposes. cheat, anti-fraud and anti-toxicity. .

If you play an Activision game and simultaneously run other software on your gaming device, Activision may monitor and record that activity. My first reaction to this kind of follow-up was negative. However, a quick search on Twitter(Opens in a new window) give rise to complaints of Call of Duty: Modern Warfare 2 players regarding others using software to cheat during the open beta. I think anti-cheat monitoring is necessary for everyone to have a fair and fun gaming experience, so I agree with that kind of in-game observation by the company.

How Game Companies Collect and Lose Your Personal Information

I have less of an issue with game companies monitoring player activity and more with the amount of data that companies dungeon on their players. The more information companies keep about players, the more data there is for hackers to steal during inevitable data breach incidents.

Earlier this year, a criminal breached the Neopets database, potentially exposing payment and personal information related to nearly 70 million accounts. In a statement, the Neopets (Opens in a new window)The website confirmed the hack and informed users that the stolen information could include the following: “…data provided when registering or reading Neopetsincluding name, email address, username, date of birth, gender, IP address, Neopets PIN code, hashed password, as well as data about a player’s pet, gameplay and other information provided to Neopets.”

Online security research site TechRobot recently published a report(Opens in a new window) analyze the privacy policies of major game developers. TechRobot found that more than half of the online game developers surveyed in the study keep data about gamers they play with, and nearly 90% of game companies collect information gleaned from in-game chats.

The most egregious data collector in TechRobot’s report is Riot Games, the company behind the hugely popular free-to-play title League of Legends. Riot Games last reported a data breach in 2013, when approximately 120,000 transaction records were viewed. I looked at the privacy policy of the game(Opens in a new window) and confirmed that Riot Games automatically collects information such as a player’s IP address, geographic location, ISP, and chat logs. Riot also collects any information players voluntarily provide, such as demographic information, hobbies, favorite games, and contact lists.

Riot collects a lot of personal information, and that’s exactly the kind of stuff bad actors want when they’re planning their impersonation schemes. Following a data breach, it’s easy for criminals to combine all of this disparate personally-identifying information to create a victim profile. Scammers then use these data profiles to impersonate their victims and open lines of credit in their name or create fake social media profiles used to scam people on their contact lists.

How to protect your data when playing online games

Below are a few ways to reduce your online data footprint while still playing the games you love:

1. Unlink your social media accounts. Many game companies, including the ones I mentioned above, monitor all of your in-game communications, which sometimes extends to social media posts. For example, in accordance with their privacy policy, Riot Games collects social data from users who link their Facebook accounts to their Riot Games accounts.

2. Use a VPN while gaming. A VPN is a privacy tool that can hide your IP address, thereby hiding your geographic location and changing your DNS information. Keep in mind that some games prohibit players from using the VPN for location-locked release dates or region-locked game items. Since latency and speed can be affected by usage, we’ve put together a list of the best VPNs for gaming.

3. Use a password manager to create and store your game account credentials. When the gaming company’s servers are hacked in the future, you’ll rest easy knowing that you’ve created a unique password for that gaming account, so your other accounts aren’t at risk of being compromised by hacks. reused passwords.

4. Enable multi-factor authentication on your account. MFA secures your account by ensuring that hackers need something you own (like a hardware token or cellphone) or something you are (like your fingerprint) in addition to something you know (like password) to access your account details.

Do you like what you read ? Get an additional SecurityWatch story delivered to your inbox every week. Sign up for the SecurityWatch newsletter.

What else is going on in the security world this week?

This malware can infect your PC with more than 20 malicious programs. The NullMixer malware can simultaneously download a large number of Trojans onto a PC, according to antivirus vendor Kaspersky.

UK police may have arrested a hacker behind the GTA 6 leak. London police say they have arrested a 17-year-old on suspicion of hacking.

Twitter: Our password reset feature failed to log users out of devices. He blames the now-resolved issue on a bug accidentally introduced last year.

Meta sued for tracking iOS users even though they unsubscribed. The lawsuit also claims that the Facebook app violates state and federal laws.

Use the Google app to request removal of search results containing personal information. Removal of search results can now be requested via Google’s Android app for certain users.