The European Union is very strict when it comes to data protection and it frequently changes and overhauls its rules. Two years ago, the community of states has passed a resolution that is set to go live this May on the 25th. Many gaming companies and eSports organizations could be affected by these changes, if they don’t comply with the new regulations.
The General Data Protection Regulation as the set of rules is commonly referred to is aimed to protect EU citizens. Organizations that operate across the continent are expected to comply with these rules when processing and holding personal data of citizens. Sanctions are steep and those who don’t respect their obligations can be subject to fees of up to €20 million. For many electronic sports companies, even a fraction of this amount can prove catastrophic and drive them out of business instantly.
GDPR is a two-edged sword
On paper, the new rules have the merit of improving security by making sure that sensitive data is properly handled. Any breaches must be reported to the authorities immediately, with a precise deadline of 72 hours to be met. EU citizens also have the right to access information regarding the way data is handled, used and stored. The delicate issue known as the “right to be forgotten” is also brought back into the spotlight by these rules.
For major videogame developers this can be a problem, simply because they need to acquire and hold a lot of information about their players. Riot handles the information of millions of League of Legends players, some of them residing in Europe and they need to make certain changes to their policy. Streaming and coaching companies could also be affected by these changes, although it is not yet certain how this will happen and to what extent will their activities be impaired.