The Information Commissioner’s Office (ICO) has issued a series of recommendations to game developers to help ensure they protect children when playing their games and comply with data protection laws. The recommendations are based on the ICO’s experiences and findings during a series of voluntary audits of game developers, studios and publishers within the gaming industry.
These recommendations will ensure that games conform with the Children’s code and should assist design and gaming communities embed data protection considerations when designing gameplay.
The Children’s code is a code of practice for online services likely to be accessed by children, and explains how the UK’s General Data Protection Regulation (UK GDPR) applies to children using digital services.
The information issued includes recommendations for games designers and providers to ;
- identify if players are under the age of 18 with a reasonable degree of certainty, and discourage false declarations of age;
- ensure that games are not detrimental to children’s health and well-being, by including checkpoints and age-appropriate prompts to encourage players to take breaks from extended play or help them to disengage from extended sessions without feeling pressurised to continue playing or becoming fearful of missing out;
- turn off behavioural profiling for marketing by default. If a child chooses to opt into receiving ads, you should implement measures to control or monitor product placement, advertising, or sponsorship arrangements including within community servers, where children can access community servers from within the game
- discourage the use of “nudge techniques” to encourage children to make poor privacy decisions, including reviewing the marketing of social media competitions and partnerships to children and the encouraging of children to create social media accounts for fear of missing out on rewards.
Top tips for games designers – how to comply with the Children’s code | ICO