If you jacked into the world wide whisperhell at a certain time yesterday, you might have come away with the impression that the Epic Games Store software was spying on you for China. Gamingchair detectives prodding at the Epic Games Launcher recently discovered that the client scans your Steam account, investigates what other software is running on your PC, does something with Internet browser root certificates and cookies... which led to the surprising conclusion that Epic, at the behest of Chinese part-owner Tencent, are spying on us and sending our data to the Chinese government for dark purposes. Mmmmmnooo, Epic responded, that is not what's happening. Ah, the Internet!
This all flared up on the Reddit subforum for Phoenix Point, the latest game to turn its back on other stores and become exclusive to Epic for one year. Anti-Epic Store sentiments are riding high as they keep splashing megabucks on securing scloosies, and this was inevitable: someone with a little knowledge, enough to be dangerous, jumping to conspiratorial (and tbh kinda racist) conclusions.
Then amateur analysis was taken as fact and stripped of context and passed around the cybernet, prompting Epic to respond and try to clear it up.
"Epic is controlled by Tim Sweeney," Daniel Vogel, Epic's VP of engineering, said on Reddit. "We have lots of external shareholders, none of whom have access to customer data."
So no, he says, Epic aren't spying for the Chinese government.
Vogel also offered explanations for the Launcher's various probings and activities. These range from making sure it doesn't try to update a game that's currently running, through tracking for store metrics and their 'Support-A-Creator' programme, to the basic realities of how the Launcher works as software built largely upon the Chromium browser. More than just offering explanations, Vogel pointed to publicly-available source code he says is powering a number of these moving parts.
Given that Epic's main rival is Steam, the Launcher scanning Steam directories and compiling information was a particular focus of speculation. Vogel's explanation is that the Launcher automatically copies (and encrypts) some Steam data, but doesn't use it unless you tell it to import your Steam friends to Epic - and then only sends friend IDs, nothing else. It does appear shady that the Launcher looks before you ask it to but I do trust it's ultimately harmless.
Epic's policy is fairly legible as these go, far better than many EULAs, but it'd be sensible for companies to clearly lay out specifics. While the vagueness and bendiness of such policies may serve the companies well, letting them do more than many users might expect, they inevitably spark backlash and conspiracy.
As much as I might like to see Epic's exclusives not be exclusive (which tbh isn't a MASSIVE amount because I have a half-dozen clients installed anyway), let's not go instantly buying into conspiracy theories just because they justify our dislikes, yeah?