Illustration of online gaming

The complete guide to online gaming privacy

If you play online gaming, you are probably being spied on. 

Privacy concerns may be inherent in the design of the game itself, such as games that require access to your webcam or microphone. Some companies sell any relevant information they’ve collected about you to advertisers, and others collect enormous quantities of data for their own purposes. 

It’s also difficult to know whether your data will be secure on the gaming companies’ servers, as previous data breaches have highlighted.

While you are probably happy to share some data with a company, other pieces of information can be used to build a profile of your habits and personality. This can then be sold to advertisers, who will bombard you with unwanted ads. Or, worse, it could be leaked in a data breach and used to steal your identity. Unfortunately, many bad actors are more than happy to take advantage of this opportunity.

This article outlines some of the issues surrounding online gaming privacy. At the end, there’s a list of steps you can take to mitigate your chance of becoming a victim.

9 risks to online gaming privacy

1. Camera and microphone access 

Many multiplayer games require mic access to communicate. Younger children especially may not realize the mic is transmitting everything they say. If someone happens to be speaking about personal information in the room, then that would be transmitted to whoever was listening. 

Likewise, many gamers stream their content for viewers online, exposing them to similar risks. If their personal information (such as passwords or location) are viewable in the background of the footage or on their desktop while screen sharing, then this can be stolen and put to ill-use.

Learn more about protecting your children’s privacy online(nouvelle fenêtre)

2. Location tracking 

Some games, such as Pokemon Go, track your real-world location(nouvelle fenêtre), sometimes to sell this information to advertisers. For example, if you frequent a certain clothing store and the game notices this, it can tell the advertiser to start showing you ads of that store’s clothing. This, in itself, would be a privacy invasion if you don’t consent, but the harm would be compounded if that same data were revealed by a security breach. You can mitigate both these issues by turning location tracking off if possible.

Ubisoft, for example, which owns the Assassin’s Creed and Tom Clancy franchises, says it respects privacy and security, and yet the company may record your playing habits(nouvelle fenêtre) at any time. They can also log your location and how much money you spend in-game. 

3. Poorly protected servers 

Hackers can breach any company’s servers without you making any mistakes of your own, which is why it’s important to limit the information you share online and familiarize yourself with the track record of companies that store your sensitive info. Perhaps the most infamous example of this was the Sony Playstation hack(nouvelle fenêtre). When hackers breached the company’s database, they got access to the personal information of over 70 million user accounts, including names, passwords, credit card details, and addresses.

4. Online gaming malware 

Malicious code can be inserted into the game itself, especially if it’s been pirated(nouvelle fenêtre). This code is used to access your personal information, such as login details, passwords, or even payment information. Beware of free games from unknown developers: They could turn out to be far more costly.

5. In-game ransomware

Many gamers invest thousands of hours(nouvelle fenêtre) in their video game characters. This is most common in massively multiplayer games like World of Warcraft. This is why many gamers have their accounts targeted: hackers know people will pay substantial sums to have access returned to them. Ransomware is typically injected when gamers buy third-party, unlicensed power-ups to benefit their character.

6. Keyloggers 

A keylogger is a kind of malware that records all your keystrokes to capture login credentials. Through emails or private messages, hackers posing as game developers may offer free content or access to a beta version of a new game. After falling for these phishing attacks(nouvelle fenêtre), a keylogger will record any passwords or login information you enter, giving the hacker access to your account. From there, they can steal your personal data or ransom your account(nouvelle fenêtre).

7. Unsecured WiFi 

Using unsecured public WiFi(nouvelle fenêtre) exposes you to risks if you enter your login credentials or credit card information. This risk is compounded by the fact that many gamers don’t use VPNs for fear they’ll slow down their connection speed, and thus worsen their online gaming experience (and additionally potentially face ISP throttling). However, it is worth mentioning that many VPN companies are even more problematic and compromised(nouvelle fenêtre) than the networks they seek to secure. It’s important to know the characteristics to look for in a trustworthy VPN provider(nouvelle fenêtre).

8. Phishing 

No matter the industry, phishing remains one of the most common forms of attack(nouvelle fenêtre). Typically an email is sent out posing as someone trustworthy, which encourages you to enter login information. However, if you do, whatever information you enter will be stolen and used to break into your account.

9. Not using 2FA 

Without two-factor authentication (2FA)(nouvelle fenêtre), your risk of getting hacked is much higher. Despite this, many game companies (and even enormous companies like Facebook and Google) do not require users to implement 2FA, leaving them vulnerable to many of the risks detailed above.

How to improve your online gaming privacy

The good news is that if you take online gaming privacy seriously, there are many things you can do to stay safe:

  • Seek out and utilize a trustworthy VPN provider that won’t contain malware or put your information at risk, such as ProtonVPN(nouvelle fenêtre).
  • Avoid using pirated versions of games from torrents. These may save you money (at least initially), but it will also make you significantly more vulnerable to malware and other online gaming privacy compromises. 
  • Be mindful of phishing attacks, including in-game. If someone you don’t know sends you links or attachments, do not click on or open them.
  • In your account, find the privacy settings and configure them to maximize your privacy, such as by turning off location tracking. In your security settings, turn on two-factor authentication if it’s available. 

Have you ever fallen victim to an online gaming scam? Are there any safety tips you use that you would recommend to the Proton community? Feel free to join the conversation on our social media channels.

You can follow us on social media to stay up to date on the latest Proton VPN releases:

Twitter(nouvelle fenêtre) | Facebook(nouvelle fenêtre) | Reddit(nouvelle fenêtre) | Instagram(nouvelle fenêtre)

To get a free Proton Mail encrypted email account, visit: proton.me/mail(nouvelle fenêtre)

Articles similaires

How to fix a 502 error
en
In this article, we explain what a 502 bad gateway error is and explore possible ways to fix it as a visitor to a website.
Watch Thanksgiving Day football with Proton VPN
en
Here's how you can live stream this year's Thanksgiving football games using Proton VPN, whether you're watching from home or abroad.
Where to watch Macy's Thanksgiving day parade
en
Here's how and where to watch Macy's Thanksgiving Day Parade live from anywhere in the world with Proton VPN.
What we've been up to, and what's next
en
Here are the main things Proton VPN delivered this spring and summer and the exciting changes that lie ahead on our product roadmap this winter.
Proton VPN for Windows ARM
en
  • Actualités Proton VPN
We’re pleased to announce a new Proton VPN app with native support for Windows devices that use the ARM chipset.
What is doxing and is doxing illegal
en
  • Vie privée, les fondamentaux
We look at what doxing is, who does it (and why), and at how to protect yourself from doxing .