blog: Don Marti


how to CCPA a game company

03 January 2021

I was playing an online game the other night, and another player pointed out that the game had the Facebook SDK in it. This is a small piece of software that, well, I'll quote from their site. Facebook SDKs enable you to pass app event data from your app to Facebook.link added by me

Creepy, right? What can you do about it?

First, the easy answer. On Apple iOS, users are soon going to get an Ask App not to Track button that should help with this problem. You'll start getting dialogs with that option plus an Allow option. I don't have the budget for enough lawyer time to understand what I would be agreeing to if I click Allow, so I'm not going to select that. Keep an eye out for these dialogs, and select the Ask App not to Track button when you can.

Second, the almost as easy answer. Send a CCPA opt-out to the game company. Under the California Consumer Privacy Act, you can require a company to stop selling your personal information. A sale for CCPA purposes does not have to be an exchange of personal info for money. So even if the game company is just getting different data back in exchange for yours, the CCPA still covers it.

How to do that:

  1. Get a CCPA opt-out letter.

  2. Put your info in the blanks with double brackets (name, address, phone, email.)

  3. Find the game company's privacy email address, which is generally in their privacy policy somewhere, and send the email.

They will either act on the request (as they're required to by law) or write back with some instructions for extra stuff they want you to do, which is not exactly legal legal, but companies have been getting away with it. Follow the instructions and you should be good.

After a year of doing CCPA opt-outs, it looks like even if they make you do extra steps to do your opt-out, it's almost always faster to follow the instructions in the email than to try to find the right form on your own. And I use the email outbox as a way to check which companies I have already started the CCPA process with. Yes, there are going to be easier ways to make this stuff work including browser signals and authorized agent services. I'll update with links as they become available.

INTERVIEW: Facebook's policy and privacy director discusses the intentions behind its amped up anti-Apple campaign (FB, AAPL)

You Might Abandon Your New Year's Resolutions, But the Internet Never Will

Video games took on larger roles amid the pandemic

Crime Shouldn't Pay: Why Big Tech Executives Should Face Jail

At Least Now You Know Which Video Game Reviewers Are Sellout Clowns

The data that apps use to track you, according to Apple

Phase 1 Complete – Privacy Transparency Comes to the AppStore

Facebook Employees Leaving As Hate Speech Festers