Trend 1: Big Data and Privacy
Today, data is collected by every digital transaction, whether it be a credit card purchase, a text, a Google search or a keystroke. This data is used to predict behavior and reveal preferences. However, with big data, comes big questions about personal privacy which will likely continue to amplify over the next decade with the emergence of the “the internet of things” (IoT), wearable technology and the continued expansion of digital media.
However, recent massive data breaches, like the hack of 40 million Target customer accounts; the hack of 200 million credit files on Equifax or Facebook’s Cambridge Analytical data scandal that involved using the personal information of 87 million people for political purposes, has highlighted that personal user information is big business. The economic model underlying the eSports ecosystem, including keystrokes to online streaming behavior, is anchored in collecting and monetizing the information of participants and fans. The result: eSports faces the same risk as Facebook. An early example of this risk is when the E-Sports Entertainment Association (ESEA), a private company that runs eSports tournaments, had hackers release the stolen emails, private messages and phone numbers of 1.5M accounts (Vanian, 2017).
The result of these data scandals led different jurisdictions to respond with personal privacy legislation that had far-reaching implications on any company that collected user information. For example, the European Union’s General Data Protection Regulation (GDPR) defines personal information and establishes the age of consent at sixteen. This creates a significant challenge for game publishers whose games involve younger players. Moreover, the GDPR requires that companies ensure all personal data is available to the user on demand. The data protection provisions of the GDPR are significant and less than 2/3rd of global companies were complaint six months after its introduction (Perez, 2019). The California Consumer Privacy Act (CCPA) created similar, but different issues. For example, eSports companies must obtain explicit consent to collect and monetize biometric data, such as keystroke patterns, click speed and logon/logoff times of users (Perez, 2019). This is because the CCPA defines biometric data as personal data, whereas the GCPR does not. This jurisdictional incongruence creates challenges for global companies who operate in multiple jurisdictions.
Therefore, the eSports ecosystem faces the same significant technological, social and political challenges as social media companies. In both cases, the monetization of user information is the anchor of their economic model. This issue becomes far more difficult to manage with the divergence of privacy policies across different jurisdictions. Regardless, global eSports companies must comply with a patchwork of privacy policies at the local, national and regional level. Thus, one of eSports greatest strengths, its ubiquitous global reach, may emerge as its greatest burden.
Summary
- •
New privacy legislation is impacting the ability for eSports to collect and monetize personal user information.
- •
The inconsistent patchwork of laws makes global compliance a significant challenge for eSports.