YOUR
Search

    15.11.2018

    “GDPR everywhere”: computergames and data protection


    In his keynote on our conference “More Tham Just a Game” Prof. Dr. Michael Ronellenfitsch, Commissioner for Data Protection and Freedom of Information of Hesse, talked about the EU General Data Protection Regulation (GDPR) and the different approaches of German data protection authorities in case of violations of data protection law. While the data protection authorities in the Northern states of Germany were very strict in the interpretation of applicable regulations, interpretation in the

    South of Germany was somewhat more liberal so that, after all, it does make a difference which data protection authority in Germany is responsible for a company.

     

    The subsequent expert panel discussing the topic “GDPR how you never knew it” consisted of Mike Atamas (Company lawyer with Epic Games), Prof. Dr Michael Ronellenfitsch (Commissioner for Data Protection and Freedom of Information of Hesse), Susanne Klein, LL.M. (Partner with BEITEN BURKHARDT), Darya Firsava (Company lawyer with Wargaming) and Beata Sobkow, LL.M., CIPP/E (Lawyer with Harbottle & Lewis). The panel was chaired and moderated by Dr Andreas Lober, Partner with BEITEN BURHARDT.

     

    The effects of the GDPR are clearly noticeable in the games industry just as in any other sector. And the game providers have reacted: As Epic Games wishes to provide users of the online game “Fortnite” all over the world with the same gaming experience, according to Mike Atamas, one of the effects of the GDPR is that Epic complies with its strict requirements around the world, irrespective of whether the player concerned plays in a EU member state or not (“GDPR everywhere”).

     

    According to Mike Atamas the GDPR is among the strictest data protection legislations in the world, only South Korean data protection regulations are even stricter. Further, the GDPR provides data subjects with more possibilities to assert their rights. This was also confirmed by Susanne Klein of BEITEN BURKHARDT. The data subjects had a clearly greater awareness for data protection issues  and the rights they are entitled to than before. That is why, since the entry into force of the GDPR, data subjects have increasingly asserted their rights also vis-à-vis games enterprises, e.g. their right to information pursuant to Art. 15 GDPR, which could in many cases result in collisions with entrepreneurial interest in the protection of their business secrets. Beata Sobkow of Harbottle & Lewis and Darya Firsava of Wargaming agreed to this observation.

     

    This is, in particular, reflected in the field of anti-cheat measures. By way of asserting GDPR claims, users would increasingly request information on anti-cheat mechanisms implemented by the games companies, said Darya Firsava. But according to Firsava of Wargaming, such information was not made available as from Wargaming‘s point of view such information constituted trade secrets. In fact, at Wargaming such information serves to identify some 70 percent of all users of cheat software, said Firsava. Disclosure of such information would, thus, present a risk for the games companies.

     

    Another topic was the legal admissibility of personalised advertising in mobile games. Darya Firsava of Wargaming reported in this context on her work at Wargaming with respect to the promotion of own products and the difficulty in considering whether a separate consent of the user had to be obtained in each case or not.

     

    If you have any questions please feel free to contact Timo Conraths and Susanne Klein.

     

    How the Digital Services Act Can Help Enforce IP Rights
    There has been a lot of discussion about the EU's Digital Services Act (“DSA”) s…
    Read more
    [Translate to English:]
    ADVANT Beiten Advises Amphenol on Acquisition of Luetze Group
    Berlin, 16 October 2024 - The international law firm ADVANT Beiten has advised t…
    Read more
    E-Commerce Action Plan: Germany’s Strategy to protect Online Shoppers in the EU
    On 6 September, the German Federal Ministry of Economics and Technology (“BMWK”)…
    Read more
    Consent Management Regulation - Goodbye cookie banner?
    According to a recent study by Bitkom, 76% of internet users feel annoyed by coo…
    Read more
    ADVANT Beiten Advises Shareholders of Fischer Information Technology on Sale to Quanos
    Freiburg, 5 August 2024 – The international law firm ADVANT Beiten has advised t…
    Read more
    Update AI Act - the ten most important questions for users of AI systems
    After the political agreement on the AI Act was effectively announced in the media in December 2023, the now provisionally final version was adopted on 13 March 2024. The AI Act was approved by the Europea…
    Read more
    Artificial intelligence: what is more important than the AI Act?
    The EU recently passed the EU Artificial Intelligence Act (AI Act) with much fanfare. The Act is a milestone (see our blog post for more details). It is really relevant for providers and deployers of AI…
    Read more
    The Cyber Resilience Act: What You Should Know Now
    Almost unnoticed in the shadow of the AI Regulation, the so-called Cyber Resilience Act ("CRA") was passed by the European Parliament on March 12, 2024. This comprehensive law introduces extensive security…
    Read more
    Cloud, SaaS and edge business models under fire
    The EU Data Act came into force on January 11, 2024. Up to now, connected products have been the main focus of public interest. However, providers of cloud, SaaS, edge and similar services are also affe…
    Read more