ZeniMax apologizes for Elder Scrolls Online spyware, says it was ‘erroneously added’ and will be removed [Updated]

    
80
Hey who here loves – nay, adores – officially sanctioned spyware? Lots of hands staying in laps, we see. You all sure? You aren’t secretly clamoring for studios to monitor your every action? Not even you Guild Wars 2 players?

Well, Elder Scrolls Online players aren’t too pleased at the discovery that ZeniMax is using a program called Red Shell to track where its players live and what they are doing as part of the game’s marketing effort. There’s a concerted effort on the forums to find the best way to either block or opt out of the spyware software for privacy reasons. The program also raises issues concerning Europe’s new GDPR laws, as players are not given the explicit option to opt in or out of the program, though that might be covered by the game’s privacy policy.

According to the Red Shell FAQ, the program “tracks device-based information about your” PC.

“We do not collect any personal information about gamers. We don’t collect names, emails, or addresses. Our service basically says ‘this computer clicked on a link from this YouTube video and the same computer played your game.’ We have no interest in tracking people, just computers for the purposes of attribution.”

The tracker is operating only on PCs right now, although allegedly the software will be available for consoles in the future.

Source: Official forums, Reddit. Thanks Mel!
Update: ZeniMax’s Matt Firor has an official statement out on Red Shell, apologizing for it and promising to take it back out – in fact, it was never meant to go in in the first place. Here’s what the studio sent to us:

My apologies for the confusion over the integration of Red Shell into ESO. Here’s what happened: we have been experimenting with a better way to link which advertisements and web content new players see to the eventual account that is created in the game. The ONLY purpose this would be used for is to determine from which origin points our new players come from, so we can better plan where to place advertisements and other web content. Existing accounts will never encounter this, as they are already created.

Several factors came together in Update 18 and Red Shell was erroneously added to the live build when we were still testing and evaluating it. It has never been active in ESO, even though the base tech is in the client – i.e. it was never enabled. So, we will remove it from Update 18, which will take place in the PC/Mac incremental build scheduled for this coming Monday (it was never considered for Console, so won’t be in Tuesday’s U18 launch). We never should have done this without giving everyone a heads up it was coming, and we will learn from this mistake.

That being said, we are still investigating how to use this technology in the future to grow and sustain ESO more effectively. When/if we do so, we will give everyone a heads up with clear instructions as to what it is doing, how it is doing it, and how to opt-out should you so desire.

Check out the patch notes on Monday for the notice that Red Shell has been removed from U18, and we will keep everyone posted – and again, my apologies.

Matt

 

80
LEAVE A COMMENT

Please Login to comment
  Subscribe  
newest oldest most liked
Subscribe to:
Reader
Diego Lindenmeyer

Just
“this computer clicked on a link from this YouTube video and the same computer played your game”

They must be kidding right? Pretty sure it collect more stuff .. Was not playing and just deleted the game xD

Reader
Kickstarter Donor
xanadox

Great, so they have “discovered” that a spyware has been added to their game, and their reaction is:

Let the spyware have 2 more days of data mining before we uninstall it.

Even supposing the spyware hadn’t communicate with red shell, it’s not what I would expect.

Reader
Michael

Everyone already has your data if you ever put it on the internet somewhere (Especially social media). It is too late. Move on.

Reader
Ittybumpkin

So because you have data out there already, you should just give up on it and not fight back? Seems like a silly standpoint to take. You should absolutely fight for your privacy instead of rolling over. and letting companies track your every action. It is also silly to think that all data holders share all their data about you to everyone. That data is considered valuable and they are not just freely giving it away, so you should not just be okay with more companies getting your data because some other company might already have it.

Reader
draugris

Yeah added unintentionally, of course…. As if they are unaware which code is added to their game and which isn´t. They must really think players are completely stupid.

Reader
Kickstarter Donor
xanadox

So if the begin to mine some bitcoins… they could use the same excuse ( we don’t control the code we run on your computers).

Reader
Alyn


All your privacy belong to US! Bad ZeniMax BAAAAD!

whowutwhen
Reader
whowutwhen

RABEL RABEL who really cares? Your data has been harvesting 1000 times already today. Lots of impotent outrage.

Reader
Jokerchyld

Exactly. Half the people here probably have no idea what is being collected from them on a daily basis.

Reader
Sana Tan

Yes but the excuse ” it’s ok because everyone does it” was never a valid one.

whowutwhen
Reader
whowutwhen

Thats not what Im getting at. My point is, this all is impotent outrage. Any one upset about this, needs to straight get off the internet if data harvesting is a Non Starter for them.

Reader
Kickstarter Donor
xanadox

Or change the law, like the GDPR.
If we had not complained about this kind of abuse, we wouldn’t have gotten any GDPR (and it’s just one step in the good direction).
One company will suffer the GDPR anger, to keep the others inside the law. Zenimax has already been spotted. They wish EU will find another bigger whale to hunt.

And the “we didn’t notice what we run on our clients computers” excuse it’s… hard to believe ( I hope).

dixa
Reader
dixa

These companies need to stop giving their marketing departments so much power. This is what they are teaching kids in college today – do whatever it takes to sell your shit, no matter how shady or morally reprehensible. Make that money, that’s all that matters.

Someone came up with this idea, someone approved it, someone coded it, someone implemented it. That entire fucking chain of implementation exists in every damned company right now because this is all that matters – that money. Your employees well being? Don’t care, they make us money and do what we tell them and there are more idiot college kids willing to work for nothing coming up, abuse the hell out of them. Your customers? Those aren’t people, they are money printers.

People used to laugh at scifi movies where corporations ran everything, saying the governments of the world wouldn’t let that happen. Yeah well, we keep getting closer and closer to that reality when these kinds of abuses of our constitutionally protected right to privacy continue to go unchecked and unregulated.

whowutwhen
Reader
whowutwhen

Almost as if its a for profit company. Your RtP is from the government not from companies you willfully entered into an agreement with. If people REALLY cared they would be reading the ToS’s they sign that give the power to companies. But they dont. The majority of ESO players will never even know this happened.

dixa
Reader
dixa

don’t go being a contrarian just to be cool, now. that hasn’t been a thing for a decade.

i expect ip address, mac address and the like to be tracked by these types of games for many reasons.

it is not acceptable that they track what emails i am reading. they can put that shit in their tos all they want and i quite frankly dont have to actually read it – it won’t hold up in any court of law. a game company has no business snooping on my email activities, especially my fucking WORK EMAILS.

do not white knight this issue. the tos is not a blank check to be a douche company when there is a reasonable expectation that the average player is not going to read it.

should everyone read it? yes, absolutely. every game, every time. that does not mean that it’s ok to have these policies or even put them IN the tos at all. you can’t agree to give up your constitutionally protected rights in this manner.

whowutwhen
Reader
whowutwhen

Your right to privacy has nothing to do with interactions between private citizens or corporations.

Reader
Ittybumpkin

So people should just stop using technology altogether as the amount of ToS, privacy policies and license agreements the average user of the internet would need to read through in a year would take a literal full time job. Imagine attempting to read every revised privacy policy people just received in the last month. What needs to happen is more people fighting back and taking companies to task for what they are collecting and what they are doing with what they collect. More governments need to take a stance to implement things like GDPR. Instead we just how here we should give up because companies already have our data. These companies are not freely sharing all of our data between each other, so it is certainly a good goal to try and limit how many companies have your data. Anyone who thinks otherwise is ignorant.

Reader
mr_gibbins

Unsurprisingly I feel fucking appalled at this massive breach of trust.

Surprisingly the GDPR complaint from available from the UK’s Information Commissioners Office was really quick and easy to complete.

Reader
Jokerchyld

You do realize they were not collecting GDPR information. They collected your stats not your PII (which is what the GDPR is protecting).

Reader
Mizpyra G. Irl

I guess the penalty for potential GDPR breach (2-4% of worldwide total revenue or 10-20mil euros, whichever is bigger of the two, depending on the level of the violation) can turn even the most rogue entity into an apologetic little baby angel.
You’re welcome, non-EU players.

Reader
Zen Dadaist

I was given a copy of this recently, hadn’t got around to actually installing it.

Rather thankful of that!