Video game developers can collect our data, and for now, they can sell it to advertisers. But that may not be as easy in the future due to California’s new data privacy law. On this week’s Kotaku Splitscreen, we do a follow-up episode after last week’s analysis of the state of gameplay data and privacy.
First, we talk about games we’re playing.
Jason and I are both playing the Switch port of the Phoenix Wright trilogy, and Kirk and Jason are both dabbling in some Destiny 2. Jason is also playing more of the massive Assassin’s Creed: Odyssey, and when Kirk isn’t comparing Rage 2 and Doom, he’s running into unexpected dragons in Monster Hunter World.
We wrap up with off-topic talk (1:11:55) and Kirk’s music pick.
Get the MP3 here, or read an excerpt below.
Jason: I imagine that from a practical perspective, assuming that [tech companies] go with a national legal standard as opposed to giving Californians more privacy rights — assuming they go the route of “All of our users will have X” — this effectively is the entire tech industry, because the bulk of the tech industry is based in California in Silicon Valley.
So if Facebook and Google and Twitter and all of these websites that we use regularly have to abide by this law, that is probably a good thing, right?
Kirk: I think that even if Twitter and Facebook, or if there were a tech company outside of California, if California passes the law, it applies to people who live in California. And so many people live in California that, regardless of where the company is based, they would have to abide by the law.
Or do a separate thing where people in California get a special EULA, which doesn’t seem like that’s gonna happen.
Maddy: But how much money are those companies making from selling that data, potentially? And would it actually be more practical for them, in the event that the California law passes, to make a separate set of privacy agreements for every other person in every other state to agree to? Then they could sell all of those people’s data, and that would be still be legal.
That’s probably in their best interest, but again, it’s a black box to me. I don’t have a sense of how much money they’re making from selling this data, because obviously they know how unpopular it is to publicise that kind of information.
Jason: Part of the point is to obfuscate all of this and to make it so you don’t really know. And the other element of this equation is that you just have to accept these things by default. You have to go through the terms of service, and if you don’t hit “yes”, then you can’t use whatever it is you want to use.
It’s not like the consumer has any leverage at all in cases like this. If these companies can fuck over anyone who doesn’t live in California, they don’t have a lot of incentive not to do that, unless there’s more strict regulation on a federal level.
Maddy: But why would there be?
Kirk: To be clear, California passed this law. It goes into effect in 2020. In the interim period is when there’s a whole scrum to see if a federal legislation can be passed, or if other states can follow, and what the landscape’s going to look like afterwards.
I’m reminded of this article by Ian Bogost, the game designer and academic who made Cow Clicker, which is that funny Facebook game... He got all this data that he didn’t even want, just because he made an app for Facebook.
It was really good and had a whole lot of interesting points about how the way that these apps work and how a lot of the apps that run through Facebook aren’t running in Facebook, and yet you see them in Facebook, so you think, “Oh, this is safe, because I’m in Facebook!” But you’re not. You’re just on some other app page.
One thing that he pointed out is the thing that you just mentioned, Jason — how you have to agree to those terms of service at the very beginning, and how that’s a really fucked up thing. I feel like if I were writing legislation on this, that would be one of the things I would go after, because it’s not something we think about any more.
But you shouldn’t agree to anything before you even use the app. You don’t even know what it is, or what service it provides. Maybe you downloaded it and you just have no idea, and you’re already agreeing to the huge complicated terms of service for the use of it. It seems like you shouldn’t have to do that until later, and they shouldn’t be allowed to enforce it until later.
We see anything like that, and we just think, “Well, I guess I have to agree to do this thing I want to do, so I agree. All right, moving on!”
Maddy: It’s just another box you click as you’re installing the app. You don’t even register it as being a thing you’re agreeing to, at that point. At least, I don’t.
Kirk: Right, we take it as a matter of course.
Jason: What I wonder is how much of this is going to start changing as more and more boomers start dying in Congress and they start being replaced by people who actually know tech, have a sense of what a website is, actually use a computer regularly.
And I wonder how many of these conversations will actually start to become, “Yes, we should federally regulate these things,” because our government is no longer being run by people who share memes on Facebook and post on brand pages and that’s the extent of their use of the internet.
Maddy: But I think it’s more dependent on whether or not the people making those decisions ethically agree with the decision to sell people’s user data to advertisers.
And there are certainly people who believe that that is completely fine, and that the free market should do what the free market does, and if advertisers can buy that data and it’s available to them, why not? It’s just ad targeting, and it’s completely fine, and leaks happen, and whatever.
Basically, it just depends on whether or not the people who are government officials at that mysterious point in the future when it’s all young people who understand technology, whether they believe that technology should be regulated in that way. I don’t know that they will believe that. It depends on who we all vote in.