Combatting spam and other attacks on their systems where the protection of said systems outweighs individual users' rights is PII processing that you explicitly do not need consent for under the GDPR.
This is called "legitimate interest".
Atemu
joined 4 years ago
Don’t know if this is the case with BattleEye
They leave it up to the game publisher; same as Proton support.
How is this ok with any privacy policy?
But you're looking at it? There's even a link to a (presumably) more detailed version? I don't know what else they'd tell you though; this read pretty clear to me.
Is there any way to not let this fucking “anti-cheat” (looks more like a trojan) to steal every single data from my activity?
None that won't get you banned.
I don't know why you make such a huge fuss about this. Stupid client-side AC has been the status quo in online games for how many years now?
This policy seems to be rather tame though:
- They only gather technical info
- It's only ever stored on their side if they suspect you of cheating. It even explicitly states that most people's data isn't stored.
- It's not shared with third parties or used for purposes other than cheat detection
If you wanna know what data they have on you, make a GDPR request. Based on this policy however, I highly doubt it's more than IP addresses (for which they have a legitimate interest) and player IDs (which aren't particularly sensitive PII).
An excerpt from the linked privacy policy:
Furthermore:
As trust is paramount when it comes to anti-cheat, we feel that it is important for us to clarify to all of our users that your privacy is respected and protected by us at all times. There has been a lot of misinformation posted on the internet about BattlEye in recent years and therefore we want to emphasize what exactly we are doing in an unambiguous way without confusing you with typical legal language.
While BattlEye needs to have full access to your system’s internals to have the capability to detect all hacks, we do not look at, check, transmit or even sell any of your personal information, data, documents, credit card details, passwords or similar. Our mission is to provide effective anti-cheat protection, not to spy on you. Besides, looking at your personal information does not help us reach the goal of providing a cheat-free environment in any way, so there is absolutely zero point in doing it in addition to it being immoral.
Like most other anti-cheat solutions, BattlEye has the theoretical capability to transmit flagged executable code to our servers for further review. This is needed to be able to discover and identify new hacks being used. However, for normal users that do not run suspicious software this should never happen and other than that we do not transmit any of your memory contents to our servers.
Finally, any data relating to you / your game account is always stored on secure servers. We usually only store data if there is some sort of detection and that includes your IP address, account/in-game name and possibly hardware serial information for identification. This is also mentioned in our EULA that usually comes with the games we support.
(Emphasis mine.)
Given that all of what they've written is legally binding for them aswell and that they're an actual company in a domicile with rather strict privacy laws (Germany) not in some an off-shore scam company, this is pretty trustworthy.
On that note, I just noticed that Battleye is an e.K. ("Eingetragener Kaufmann" ~= Registered businessman); this is a one-man shop O.o
If they fsck up legally, they're personally on the hook.
I didn't know that before and was still rather suspicious of them but, reading their privacy policy, they're actually kinda trustworthy in my book now.
If that's your stance, you don't need to worry about any of Kuketz' findings in LOS.
Note that, by its nature, µG "leaks" quite a bit more data to Google. It tries to do so as little as possible but it's still a helluvalot more than just pure LOS.
Sadly a necessity though.
Well, you're in luck then since everything listed in that article is very far away from critical data source such as touches, apps or microphone/camera.
The most "severe" data "leak" described IMO is the connection between public IP address and nearest cell tower for AGPS.
Actual severe data leaks start when you decide to install Google ~~Spy~~Play Services.
Edit: This is wrong, AGPS exposes the nearest cell tower together with your IP address. Still a very minor bit of info, even for Google.
To my knowledge, AGPS does not expose your location. It's a protocol to get satellite position data via IP instead of waiting for the satellites to send it to you at staggering 50bit/s.
At no point does location data leave your device here. It couldn't, actually, as you don't know where you are; that's why you're fetching the position data.
The only data it does expose is that your current public IP tried to download satellite data at time x. Not ideal as Google could technically mine a bunch of data out of just that but it's not a huge leak either.
What of it is supposedly not private?
What does "private" even mean to you? Private as in Firefox or private as in TOR Browser?
Did you ever figure this out? I'm having the same issue trying to connect a Nokia G60 with stock Android One ROM to two macs. Though only most of the time; rarely it just works.
Wow, that's peak enshittification.
Shh, don't give US lawmakers ideas!
If you want anonymity, you'd use TOR, yes. If you don't need quite that level of privacy but still more than a single hop of VPN proxy, a multi-hop can have some limited benefits such as making use of multiple domicile's privacy laws.