Unnecessary Online Connections: Ubisoft Faces Privacy Concerns

A growing issue in the gaming industry revolves around mandatory online connections for offline games. French game developer Ubisoft has drawn criticism for requiring PC users to log into an account before playing purchased single-player titles. Despite these games being designed for individual experiences, such as the popular Assassins Creed, Far Cry, and Prince of Persia series, players must connect to the internet prior to launching their games. One gamer encountered this issue firsthand when attempting to play "Far Cry Primal" offline after purchasing it on Steam, only to find that the game demanded an active Ubisoft account.

Data collection practices have also come under scrutiny. A tech-savvy user sought transparency by filing a request under Article 15 of the GDPR to learn more about Ubisoft's data tracking methods. The company disclosed details such as unique identifiers and gameplay patterns, revealing how long the game was active and when sessions ended. Further investigation uncovered alarming findings: during just ten minutes of gameplay, the software established connections to external servers 150 times. Notably, data was shared with major entities like Google, Amazon, and Datadog. Ubisoft defends its actions by citing ownership verification and enhancing user experience through third-party analytics tools, yet no explicit consent is obtained from users for this extensive data processing.

Privacy advocates argue that such intrusive measures are unnecessary and potentially unlawful. According to legal experts, if owning the game confirms purchase legitimacy and an offline mode exists, collecting personal data without consent violates GDPR regulations. Instead of default data transmissions, Ubisoft could offer optional bug reporting or seek explicit permission for improving game quality. Lisa Steinfeld, a lawyer specializing in data protection, highlights the financial burden gamers already bear and criticizes companies exploiting privacy for profit. As a result, a formal complaint has been lodged with Austria's Data Protection Authority (DSB), urging them to declare Ubisoft's practices illegal, demand deletion of improperly collected data, and impose significant fines based on the company’s substantial revenue figures.