For some time now, start-ups, health care and tech companies have been experimenting with smaller video games to have people around the world help with categorizing or analyzing big data sets that typically take months or even years to analyze. The idea is that if everybody invests only a few minutes, the work could be done in days or weeks instead of years. A player who participates has to solve a few simple matchmaking or categorization tasks and can thereby help in research related to cancer, Alzheimer’s disease, and the categorization of human genomes or proteins.
Citizen sciences in video games have of late been getting more attention from well-known backers from the games industry, such as CCP with Eve Online and Gearbox with Borderlands. Some video game companies have also started to leverage their huge player base by asking players to carry out smaller tasks to improve the company’s own technology, which is essentially the same concept as citizen science. Furthermore, new start-ups are emerging, which help connect video games with traditional citizen science projects. As a result, some projects have not only made it to the front page of The Wall Street Journal but also to some of the most successful citizen science projects overall. With that in mind, it is not surprising that the EU recently decided to fund, to the tune of EUR 1 million, the idea of connecting video games with actual science under the Horizon 2020 research and innovation programme.
Headlines were also made when several tech companies, including Nvidia, recently called on PC gamers to help fight COVID-19 by donating unused graphical processing power to Folding@home, a distributed computing project based at the Washington University in St. Louis School of Medicine, which performs molecular dynamics simulations of protein dynamics.
The article shared here describes the phenomenon of citizen science around the video games industry and analysis some of the most striking data protection law aspects, mainly from the perspective of the EU General Data Protection Regulation (GDPR). The GDPR remains one of the most practically relevant data protection regimes due to the significant sanctions it administers, and because it also applies to the processing of personal data of persons within the EU/EEA even if the relevant company is established abroad but offers goods or services to persons within the EU/EEA. Since video games are often played by players across the globe, the territorial scope of the GDPR catches most video game companies as video games are typically also played by players in the EU/EEA. The article also briefly touches on copyright questions.