The UK video games industry is economically important. Games themselves can bring enjoyment and promote psychological benefits. Games can be used for education, training and business as well as for fun.
However, in recent months concerns have been expressed about excessive play, game mechanics and online harms. The House of Lords Select Committee on Communications has recommended the establishment of an industry standard on what constitutes reasonable and prolonged use of digital, social and entertainment platforms. The House of Commons Select Committee for Digital, Culture, Media and Sport has investigated immersive and addictive technologies. The World Health Organisation (WHO) has included ‘gaming disorder’ in their International Classification of Diseases (ICD-11) as an officially recognised illness. The ICO has published an Age Appropriate Design Code. Above all, the UK Government has published an Online Harms White Paper.
The Online Harms White Paper heralds a new regulatory framework for online safety. Companies in scope of this new framework (namely, those who ‘allow users to share or discover user-generated content or interact with each other online’) will be subject to a new statutory duty of care. An independent regulator will be established to implement, oversee and enforce the new regulatory framework. All companies in scope of the regulatory framework will need to be able to show that they are fulfilling their duty of care by following the new regulator’s codes of practice.
While it will be for the new regulator to produce codes of practice when it becomes operational, the Government expects companies to take action now to tackle harmful content or activity on their services. More details of what is considered as harmful content or activity within the scope of the White Paper can be found here. More details of the Government’s expectations under the duty of care can be found here.
Safeguarding players should be a key concern. Not all games businesses will be subject to the Government’s new framework for online safety. We have therefore drawn up 5 TIGA Principles for Safeguarding Players. The TIGA Principles are broad and high-level in scope. In order to assist games companies to comply with the TIGA Principles, TIGA has created a set of draft ‘Positive Practices’ for each Principle and is inviting games businesses to provide feedback on them. The Principles are voluntary in nature, but games studios, publishers and platform holders that adhere to them will demonstrate a firm, active commitment to safeguarding their players. The Government’s vision set out in the Online Harms White Paper is to have ‘an online environment where companies take effective steps to keep their users safe.’ Endorsing TIGA’s Principles are a good way to demonstrate a commitment to this objective.
While some of the Principles and their attendant ‘Positive Practices’ are applicable to all games businesses, others are only relevant to platform owners or to providers of online games. The Principles are designed to enable games businesses to take proportionate actions. For example, a large multimillion pound games business providing an online game will clearly be better placed to invest more in sophisticated technology and teams to protect players from illegal or inappropriate behaviour than a small business. The Principles are designed partly for UK games businesses and partly for overseas games businesses and platform holders that sell, or enable the selling of content, to UK consumers.
- Protecting children
Our first Principle focuses on protecting children:
Take particular care in the design of games that are likely to appeal to children and provide the necessary tools and information about content for parents and guardians to enable them to manage all aspects of their children’s enjoyment of games.
Games businesses should ensure that games are safe to use for all players. Games businesses should, in particular, ensure that the interests of children are a primary consideration whenever designing and developing games and online services likely to be accessed by a child.
Our first Principle also means that providers of game platforms should provide a robust and accessible set of parental controls that enable a parent or guardian to manage all aspects of their child’s enjoyment of games. Games businesses should also take other steps to protect children, including promoting parental controls and online safety advice. This will help to make sure that consumers, particularly parents and guardians, are better informed about how to ensure that children play games safely online.
- Treating consumers fairly
Our second Principle involves treating consumers fairly. Games businesses should:
Deal with players as consumers in a fair manner at all times, in addition to complying with all relevant marketing, advertising and consumer protection law.
Games businesses should therefore have: accessible terms and conditions; fair enforcement terms; a refund policy; and a complaints procedure. Games businesses should also comply with the OFT (now the CMA) principles relating to online games and in-app purchases; and with all applicable consumer protection law.
Safeguarding online communities
Online games offer great opportunities for shared experiences and communities that enrich the lives of their members. However, online communities can also sometimes be misused by a minority of players who behave badly or even dangerously towards others. Our third Principle is designed to address these issues:
Make every effort to ensure that online communities and interactions are safe and do not expose players to harm.
Games businesses can safeguard online communities in a variety of ways, including: making explicitly clear the standard of behaviour required and behaviour that will not be accepted; providing an accessible complaints system; and taking effective and proportionate action in response to players who breach behaviour policies. Games businesses can also consider including features of game design to minimise harassment, ‘griefing’, ‘trolling’ and other undesirable online behaviours, for example, by enabling players to mute, make invisible and not be impeded by the avatars of those who are harassing them.
If standards of behaviour are made explicit, reporting procedures introduced, sanctions for infringement enforced and user protection from harm by design adopted, then players will be safer online.
- Respecting personal data
Our fourth Principle entails respecting personal data:
Take appropriate and proportionate measures to fulfil the seven data protection principles under the General Data Protection Regulation (GDPR) and comply with all other relevant data protection laws to ensure that players’ rights to personal data privacy are respected.
Games businesses should therefore take actions including: adherence to data protection laws; building data protection into the heart of game design to minimise the risk to players’ information; and design games to be privacy by design and by default, meaning that default data privacy settings should be high and avoid more intrusive and optional uses of personal data.
Spending and time management
Anything can be done to excess. Everything should be done in moderation – including playing video games. Our final Principle addresses this important area:
Enable players to manage the amount of time and money spent on games through appropriate design and proportionate measures.
Putting this Principle into practice could involve a range of proportionate measures, including spending and time controls. In the case of game companies operating ‘closed’ game platforms, such as home video game consoles, providing controls to enable players and/or their parents and guardians to monitor and also to restrict the overall amount of money and time spent within each game and on the platform as a whole, will be important. In the case of games available on an ‘open’ platform like a PC, the relevant games businesses could consider introducing such controls where proportionate and technically practical.
Again, where proportionate and technically practical, games businesses could include game design features that enable players to manage the time spent within a game. For example: enabling players to save a single-player game regularly; incorporating features such as reminder messages to take breaks; rest systems; and time limitation structures (e.g. the player has a specific time limit to complete a level in order to encourage shorter periods of play).
Additionally, and where proportionate and technically practical, some games businesses might want to include the function for players to self-exclude from further spending any more money or time on a game for a set period of time.
It is increasingly likely that loot boxes will be subject to greater regulation. In the meantime, games businesses should disclose the use of paid or hard currency loot boxes (or other chance systems) upfront before a player purchases, downloads or signs up to a game and describe their potential contents and the chances of that content being received in simple and easy to understand language. PEGI should consider explicitly identifying the existence of paid or hard currency loot boxes to enable consumers to make informed decisions.
Our industry should always strive to be mature, diligent and responsible when it comes to issues of player safety. Our Principles for Safeguarding Players should help developers, publishers and platform holders to play their part in safeguarding players. It is the right thing to do.
Dr Richard Wilson OBE, TIGA CEO
TIGA is inviting games businesses to provide feedback on the Principles and the ‘Positive Practices’ before 20th January 2020. TIGA will then review all feedback before formally publishing the first set of Principles for Safeguarding Players in January 2020. Comments and feedback should be sent to: firstname.lastname@example.org