Ubisoft Accused of Sneaky Data Collection, Might Have to Pay Huge Fine
Well, it seems like gaming publisher Ubisoft just can't get a break these days. Adding to all the other problems, they're now facing a serious accusation that can make them pay an astronomical amount of money and further damage their reputation.
The Accusation: Disobeying Privacy Laws
The European Digital Rights Center, NOYB, has filed a complaint against the French publisher. They are accusing Ubisoft of infringing on the General Data Protection Regulation, or GDPR, a hefty set of rules on how companies process personal data in Europe. The source of the issue, NOYB claims, is that Ubisoft allegedly collected data on its players in the background, without their adequate consent, and then used that information for their own purposes.
NOYB has already taken action, filing a formal complaint with the data protection authorities in Austria to get this investigated.
How Did This Come To Light
This issue seems to have been found by a gamer. They seem to have been trying to play the offline single-player game Far Cry Primal, but could not get it to launch. This prompted them to wonder what the company was tracking. When they asked Ubisoft directly about what data was being collected, they were supposedly told it was just small things like game session length.
However, this player conducted their own investigation, and the reality was far from it. Their investigation supposedly showed that during a 10-minute period, the game connected to outside servers a whopping 150 times. And they were not even internal servers; giants like Google, Amazon, and Datadog were supposedly receiving this information.
Ubisoft's Response and The Stakes
Naturally, the player wasn't happy with what they found and complained directly to Ubisoft. The company's response, the report states, was to point back to the user agreement. They are quoted as having stated that they had to do these things in order to "improve the experience" and simply ensure that the player did, in fact, own a copy of the game.
NOYB is not buying that rationale. It is demanding that Ubisoft be held responsible for these alleged data handling practices. If the investigation is to find Ubisoft guilty of GDPR infringement as asserted, the monetary penalty is enormous – it risks being fined up to 92 million euros.
This episode is a stark reminder of how data privacy is being so closely watched, and the serious fines that companies can face if found mishandling user data.
