Dozens of PC games drop tracking software after surveillance fears

Posted on

What exactly is Red Shell collecting?

Red Shell, named after the opponent-seeking projectile from the Mario Kart series, is a kind of attribution service, which allows marketing teams to see which adverts lead to sales of their product, and which don’t. There are many services like this for apps on mobile devices, as the App Store and Google Play let developers see which links are driving traffic to the store page, even down to individual advertisements and posts.

On desktops, attribution is dominated by Google Analytics. However, because the majority of PC games are sold via Steam, (which only tracks the website which contained the link) and are then played away from the browser via the desktop, developers have less information about if their advertising campaigns are working or not.

Therefore, Red Shell’s method tracks a different set of data points when users interact with adverts. These are generally data points about the user’s device, such as its operating system, installed fonts, browsers (and versions) used, timezone, language, the user’s in-game ID, and screen resolution. This is what Red Shell calls a ‘fingerprint’, which can also be made on games consoles as well as PCs.

When someone buys a game, the chosen parameters are checked again when the player starts it up. With the two fingerprints matched, the developer once again can work out if certain forms of adverts or certain websites are providing value for money.

The data is sent to Red Shell via an encrypted SSL protocol, and typically kept on their servers for 13 or 25 months, depending on the client’s specific policies.

Adam Lieb, CEO of Innervate, the Seattle startup that operates Red Shell, believes the data the service collects is within the rules of Europe’s General Data Protection Regulation (GDPR), which came into force at the end of May.

“People can have their own opinions on it but our data is not personally identifiable information (PII),” claims Lieb. “We don’t want PII, we don’t care who these people are, and nor do our customers, what they care about is knowing if this is the same computer or person, not who that person is.”

While Lieb says it would be possible to get the same attribution using less information from gamers and their devices, “the more data points we strip away, the less accurate it is, which is therefore less useful.”

PrevPage 2 of 5Next

Leave a Reply

Your email address will not be published. Required fields are marked *