Epic Games deny Store software spying accusations
No, Epic unsurprisingly say, they aren't spying for the Chinese government
If you jacked into the world wide whisperhell at a certain time yesterday, you might have come away with the impression that the Epic Games Store software was spying on you for China. Gamingchair detectives prodding at the Epic Games Launcher recently discovered that the client scans your Steam account, investigates what other software is running on your PC, does something with Internet browser root certificates and cookies... which led to the surprising conclusion that Epic, at the behest of Chinese part-owner Tencent, are spying on us and sending our data to the Chinese government for dark purposes. Mmmmmnooo, Epic responded, that is not what's happening. Ah, the Internet!
This all flared up on the Reddit subforum for Phoenix Point, the latest game to turn its back on other stores and become exclusive to Epic for one year. Anti-Epic Store sentiments are riding high as they keep splashing megabucks on securing scloosies, and this was inevitable: someone with a little knowledge, enough to be dangerous, jumping to conspiratorial (and tbh kinda racist) conclusions.
Then amateur analysis was taken as fact and stripped of context and passed around the cybernet, prompting Epic to respond and try to clear it up.
"Epic is controlled by Tim Sweeney," Daniel Vogel, Epic's VP of engineering, said on Reddit. "We have lots of external shareholders, none of whom have access to customer data."
So no, he says, Epic aren't spying for the Chinese government.
Vogel also offered explanations for the Launcher's various probings and activities. These range from making sure it doesn't try to update a game that's currently running, through tracking for store metrics and their 'Support-A-Creator' programme, to the basic realities of how the Launcher works as software built largely upon the Chromium browser. More than just offering explanations, Vogel pointed to publicly-available source code he says is powering a number of these moving parts.
Given that Epic's main rival is Steam, the Launcher scanning Steam directories and compiling information was a particular focus of speculation. Vogel's explanation is that the Launcher automatically copies (and encrypts) some Steam data, but doesn't use it unless you tell it to import your Steam friends to Epic - and then only sends friend IDs, nothing else. It does appear shady that the Launcher looks before you ask it to but I do trust it's ultimately harmless.
Epic shouldn't have been caught off-guard by this. We've seen similar claims of spyware (though not international spying) levelled at Steam and Origin clients over recent years, and neither had stirred the hornet's nest nearly as much as Epic have with their aggressive strategy to buy up exclusives and cut out other stores. And yes, Epic's privacy policy might permit the Launcher's observations but it doesn't explicitly state them - and they must know no one reads those anyway so people are surprised when they hear what they've agreed to.
Epic's policy is fairly legible as these go, far better than many EULAs, but it'd be sensible for companies to clearly lay out specifics. While the vagueness and bendiness of such policies may serve the companies well, letting them do more than many users might expect, they inevitably spark backlash and conspiracy.
As much as I might like to see Epic's exclusives not be exclusive (which tbh isn't a MASSIVE amount because I have a half-dozen clients installed anyway), let's not go instantly buying into conspiracy theories just because they justify our dislikes, yeah?