
tracking game stats post EU regs

Started by July 24, 2018 10:59 PM
6 comments, last by a light breeze 6 years, 4 months ago

One of the games I am about to release does some anonymous stat tracking of things like average length of a game session, average time between deaths, amount of times someone triggered a mine etc. It's not personal data to my mind and I'm just tracking it to watch for game imbalances, catching problem areas, things being too easy or too hard, etc. However, with these strict EU rules on data collection etc I left this stat tracking disabled by default with an option to enable it in settings with some text saying basically it would be kind if you turned it on.

Some people are telling me that I should have it enabled by default and some even say don't even have it as an option, it is fine to track this data - especially as I've made sure there is no way to tell which players any data comes from. Another person made the point that if tracking this data without consent is illegal then every time someone finishes a run and it submits their high score to the database then it is surely just as illegal... x_X

Any words of wisdom here?

On 7/24/2018 at 5:59 PM, David Burford said:

Any words of wisdom here?

If you're in the EU talk with an attorney who is comfortable with the law.  If you're not in the EU but probably will travel there, also consider talking with one.  If you're based in the US or another country that doesn't particularly care about EU policies and you aren't planning on ever traveling there, you might consider ignoring it.

In addition to this, they should also review all your other legal documents like EULA, web site TOS, cookies statements, etc.  

 

 

On 7/30/2018 at 2:53 PM, frob said:

If you're based in the US or another country that doesn't particularly care about EU policies and you aren't planning on ever traveling there, you might consider ignoring it.

Whether you ever step foot there doesn't matter. The regulations apply to any company doing business there. If you sell in Europe via Google Play, iTunes, Steam, etc, you need to comply -- the alternative is to blacklist the EU from your sales platforms, which is totally doable. 

(Also, plenty of US states will accept penalties determined by foreign courts and allow recovery via local law enforcement. So not stepping foot somewhere isn't a shield.)

The GDPR covers personal information. IP addresses do count as personal information, as they can be tied to an identity, so don't log them. Anonymous gameplay statistics probably don't count (but best check that with someone who's actually read the GDPR legislation). 

Imo, don't send anything from someone's machine unless you have explicit permission to do so. Not everyone wants to be a beta tester for your game.

Consider this analogy .. you pay a housekeeper to come in and clean your house. Would you be happy if your housekeeper talks about the layout of your house, where you keep your money / valuables to her family around the dinner table when she gets home, with her son being a burglar? I suspect you would not, and that you would have an expectation of privacy.

Someone's computer / phone is like their home, they expect privacy and don't want you sending information from it, unless they explicitly give their permission and it is something that benefits them.

The fact that so many developers / companies don't understand / feel the need to comply with this simple etiquette is disturbing, and the reason why these laws have had to be brought in.

20 minutes ago, lawnjelly said:

Consider this analogy .. you pay a housekeeper to come in and clean your house. Would you be happy if your housekeeper talks about the layout of your house, where you keep your money / valuables to her family around the dinner table when she gets home, with her son being a burglar? I suspect you would not, and that you would have an expectation of privacy.

I think in this analogy, the housekeeper would be reporting information such as how many tiles he scrubbed and how long that took, the amount of time spent hunched over, the number of pairs of gloves used -- data relevant to the performance of their own activities. I would expect a housekeeper to be taking note of such things so they can be good at their job.

The housekeeper reporting where you keep your valuables would be akin to an Android game installing malware to sniff your internet banking passwords, which yes, is obviously immoral.

19 minutes ago, Hodgman said:

I think in this analogy, the housekeeper would be reporting information such as how many tiles he scrubbed and how long that took, the amount of time spent hunched over, the number of pairs of gloves used -- data relevant to the performance of their own activities. I would expect a housekeeper to be taking note of such things so they can be good at their job.

The housekeeper reporting where you keep your valuables would be akin to an Android game installing malware to sniff your internet banking passwords, which yes, is obviously immoral.

But surely that decision is not yours to make? That is the point. You may think that the information is not something that the house owner cares about, but you may be incorrect.

And there have been several instances where at the time a developer has innocently thought that collecting data was innocuous, but in retrospect there could have been sinister use of the data. See recent cases against Facebook.

For example, your housekeeper keeping such records. If I was a burglar, from your 'innocent data', I could work out that the house in question has a certain number of bathrooms, how often they need cleaning (how often there were people in the house?), and whether they had enough money to hire a housekeeper. All this could give me a fair idea of how to pick targets.


Ask once, the first time the game is started, and then allow the user to change their choice through the settings menu.  You are more likely to get permission if you politely ask than if you wait for the player to give you permission on their own.  And, yes, you do need permission before collecting any information from me.  I generally give permission for the collection of harmless analytics, but if I catch a program connecting to the internet without my permission, then I'm going to assume the worst.

This topic is closed to new replies.
