By Wolf Chivers

Predatory Game Design

Did you know that video game addiction is a condition recognized by the World Health Organization? As more and more games have implemented microtransactions, countries around the world have started considering whether those games should be regulated as a form of gambling. Certainly people sometimes spend incredible amounts of money on in-game microtransactions, especially in the form of loot boxes that provide randomized in-game benefits in exchange for actual money. So when parents hear that their kids are potentially getting addicted to video game gambling, what then is likely to happen? Lawsuits—lots and lots of lawsuits. 

Identifying Claims

What exactly aggrieved parents might claim in those lawsuits, however, is not as clear as it might seem at first glance. Many countries in the world are considering regulating loot boxes as some form of gambling, but have not yet explicitly done so, which narrows the options for parents. What is left? Is it negligence on the part of the game companies? Maybe one could argue that the companies have ignored known risks in their design, but the companies are not making these games by reckless mistake. The core of some of the lawsuits is that the companies are intentionally making the games as addictive as possible. If so, it seems like some sort of intentional tort. However, most of the classic intentional torts that someone might come up with at first glance—assault, battery, trespass, and the like—do not seem intuitively to fit. 

If the claim is not negligence and not obviously an intentional tort, it might seem to leave plaintiffs in an awkward spot. The games represent a peculiar intersection between the fact that the games are fun, widely-enjoyed activities that are harmless in moderation, and the fact that they are also designed to be addictive and can cause great harm when abused. In short, the game practices have many of the same issues as conventional gambling, target a much younger demographic, and lack equal regulatory oversight. If game companies say “This isn’t gambling; all we did is make a fun game,” are there legal theories plaintiffs could still use? There are at least two that the plaintiffs are currently claiming—that the games are defectively designed and that the companies failed to provide adequate warnings of the safety risks. 

Design Defect

The strongest claim available to the plaintiffs in these lawsuits may be in product liability; that is, alleging that the games were defectively designed. A design defect is a flaw in a product that was produced as intended (contrasted with a manufacturing defect), and works as intended, which then produces harm to consumers. In order to show a design defect, the plaintiffs at least must show that the product posed a foreseeable risk of danger to a consumer using it for its intended purpose. That much is likely easy; the possible harms and dangers of video game addiction are wide-ranging and encompass everything from financial harm to long-term mental health challenges. 

In some jurisdictions, however, the plaintiffs also must show that there was a reasonable alternative design, both practically and economically, which is potentially more difficult. If the companies have designed the games to be as addictive as possible, and therefore bring in as much money as possible, any less-addictive alternative designs are logically likely to bring in less money. There are, however, at least some alternatives that seem eminently reasonable; Epic Games settled with the FTC over allegations that, among other things, Fortnite players were tricked into spending money simply by confusing button layouts. Additionally, even if the games were to adopt less-addictive designs, they would likely still be worth billions of dollars, which certainly seems to indicate that they could be less addictive without being significantly less economically viable.

Failure to Warn

Game companies may rebut a design defect argument by suggesting that the games’ designs are not defective or inherently harmful—there are plenty of people who play them safely, and consumers presumably want the games to be as fun as possible. The addictiveness, the argument might run, is a feature, not a bug, distinct from something like a brake failure in a vehicle line. If so, plaintiffs could fall back on a claim that the companies failed to warn consumers of the inherent risks.

A failure to warn claim alleges that the company failed to provide adequate warnings about the risks of using a product, or instructions on how to do so safely. Game companies are no strangers to the process of supplying warnings; for instance, game consoles already have extensive, in-depth Health and Safety sections in their manuals that cover a broad range of known risks. If the plaintiffs can show that the game companies intentionally designed their games to be addictive, failing to provide warnings to that effect is a strong claim. 

The two common defenses in failure to warn cases are that the risk was obvious, or that the misuse was unforeseeable, neither of which seems likely to work to the game companies’ benefit. First, at least in some cases the purpose of the design was to trick people into spending money, in which case at least some of the risks are patently non-obvious. Second, the use to which the consumers put the games, i.e. playing them, was not only entirely foreseeable, it was the whole point. A failure to warn claim thus seems likely to succeed.

Conclusion

Even though design defects and failures to warn seem like strong claims, they also seem vaguely unsatisfying given the degree of harm and manipulation involved. At least one man spent over $16,000 in approximately a year and may have ruined his life. Anyone might easily feel wronged if they later discovered the games were designed to suck that much money out of them, and that example involved a mature adult. If, as alleged, game companies are intentionally getting impressionable children addicted to their games to milk as much money out of them and their parents as humanly possible, with no regard for the harms it may cause or the long-term damage to the children, lawsuits over whether there were enough warnings in the manual seem trite.

Given the current state of regulation, however, it is not entirely clear what else those impacted by the games’ predatory designs ought to do. There is also no easy answer for regulators, since the games likely should not be outlawed entirely. Even so, at a bare minimum, children should not be the target audience. Minimum age laws akin to restrictions on casinos or other forms of gambling would at least reduce the risk to some of the most vulnerable, and might provide a clear legal framework for plaintiffs to use if game companies continue targeting children.

#WJLTA #videogames #microtransactions #lootboxes #gambling #productliability #addiction

By: Lindsey Vickers

Last week, legislators united to sign into law the Take It Down Act, a bill introduced by Texas Representative Ted Cruz. The bill’s next stop will be President Trump’s desk, where many expect he will sign it into law. (Melania is certainly rooting for the bill.) 

But in a world of deepfakes and alternative realities, is the Take It Down Act truly enough to protect the public from the negative consequences of deepfakes? 

What is the Take It Down Act? 

The Take It Down Act is federal legislation that mirrors a growing number of state laws. The law aims to ban “nonconsensual online publication of intimate visual depictions of individuals.” 

You might have read that and thought, “huh?” Yeah, me too. In essence, the Take It Down Act is criminalizing what have come to be known as “deepfakes.” This internet-era term refers to computer-generated media that depict things that didn’t actually happen or that distort things that did happen into a twisted, alternate reality. Deepfakes can be audio, video, or images—in essence, many types of media that easily spread online. 

The worst part? Deepfakes can be virtually indistinguishable from reality. 

While the term “deepfake” dates back to 2017, the media only reached a real boiling point when Taylor Swift was the subject of a deepfake scandal just over a year ago. Users took to a Microsoft AI technology to create illegitimate deepfakes of Swift in the form of nude images. With Swift’s touch of star power the depictions of her, and other nonconsensual deepfakes, became a hot national issue. 

But people across the country have been subject of non-consensual deepfake porn, ranging from high school teens, to a woman whose image was manipulated into porn by a coworker. 

However, this is not the only nefarious use of deepfakes. Audio deepfakes, for example, have been used to scam people out of millions of dollars, automate realistic robocalls, and even demand ransom from unsuspecting parents. 

What Does The Take It Down Act Do? 

The Take It Down Act’s purview is limited to deepfake pornography and mimics state laws. It does not provide a cause of action, or a way for people to bring a legal allegation, for all deepfakes. Instead, it only criminalizes nonconsensual “intimate imagery,” which essentially means porn or nude images. In essence, it criminalizes the action of sharing or threatening to share nonconsensual intimate images. 

The act puts the onus to remove nonconsensual intimate depictions on the websites where the depictions are posted. However, the burden to remove them only kicks in after the website owner receives notice (aka a person has complained about a nonconsensual deepfake). 

Why Doesn’t the Take It Down Act Conflict with Section 230?  

In general, providers of interactive internet services are exempt from liability for posts by third parties, which includes deepfakes like those targeted by the Take It Down Act. This promotes innovation and protects the free internet. 

But, there are a couple of caveats. That’s where section 230 comes in. Section 230 was enacted in 1996 as part of the Communications Decency Act. The act initially aimed to regulate obscene speech online, but most of it was quickly struck down by the Supreme Court for being overbroad and violating the First Amendment. 

Section 230, though, remained intact. This section of the act broadly exempts providers from liability, only protects websites and internet service providers from civil liability, or things like torts. So, you can’t sue a website provider for defamatory statements posted by another person, for example. For example, you couldn’t, say, go after Yelp for another person’s bad review of your restaurant. 

However, Section 230 contains an exception for crimes. This means that internet service providers can still be liable for criminal activity that breaks the law. For example, a classifieds list or housing search engine could be held liable for violating the Fair Housing Act by asking users to answer questions that may be discriminatory. 

The Take It Down Act makes posting nonconsensual deepfakes a crime, meaning it falls under the exception carved out of Section 230. 

Is the Take It Down Act Enough? 

The Take It Down Act poses some free speech concerns, but also has other pitfalls. Namely, it only targets one category of nefarious deepfakes: intimate images. The law fails to provide protections against people making a deepfake TikTok inspired by your fit check, for example, and using it to spawn a confusing, illegitimate competitor account. 

While this might sound like a pie-in-the-sky, it’s a legal problem many states have taken steps to solve through what’s called the “Right of Publicity.” These laws offer protections to people’s personality, which includes their name, image, and likeness. 

Some state Right of Publicity laws, including Washington’s, provide all citizens a right to their name, image, and likeness. Others only offer protections to celebrities, whose persona has commercial value. Regardless, these laws offer a more expansive framework to combat AI deepfakes of all sorts, not just the pornographic kinds. 

So, while the Take It Down Act does put some worries at bay, it leaves many citizens unprotected from non-sexual uses of their identities—despite the presence of a clear alternative through a federal Right of Publicity law.

#takeitdownact #newlegislation #deepfake

By Jonah M. Haseley

Traditionally, people carried paper tickets to concerts, sports games, and other venues. By today’s standards, that seems quaint. But the rise of biometric data, particularly facial recognition technology, is allowing your face to become your ticket. 

The Rise of Facial Recognition in Live Events

Venues are beginning to use facial recognition to expedite entry and augment security. The New York Mets introduced facial recognition at Citi Field, allowing fans to enter without traditional tickets. The NFL has deployed facial recognition to control access to restricted areas within stadiums.

Legal Challenges and Privacy Concerns

While facial recognition offers convenience, it also raises legal and privacy issues. In 2024, a federal judge dismissed a lawsuit against Madison Square Garden, which used facial recognition to identify and ban individuals who were in litigation against the company. The court found that the practice did not violate existing privacy laws, despite calling it “objectionable” in its order dismissing the lawsuit. 

Not all venues have followed this tech trend. In 2023, more than 100 artists and venues pledged to not use facial recognition at their events, citing concerns over civil liberties and privacy. This resistance exemplifies unease within the entertainment industry about biometric surveillance.

Biometric Privacy Laws: A Patchwork of Protections

The legal landscape for biometric data in the U.S. is fragmented. Only a few states—such as Illinois, Texas, and Washington—have enacted comprehensive biometric privacy laws that require informed consent for the collection and use of facial data. Illinois’s Biometric Information Privacy Act (BIPA) is perhaps the strongest of these, allowing private individuals to sue for violations.

However, most states offer no such protections, meaning that depending on where a venue is located, concertgoers may unknowingly surrender biometric data. This lack of consistency leaves fans vulnerable and venues with unclear obligations.

The Need for Transparency and Consent

A major issue with the use of facial recognition technology is the lack of transparency. Venues often fail to disclose that they are collecting biometric data. Venues sometimes obtain consent first, but often the consent is buried in complex terms and conditions.

One notable example occurred at a Taylor Swift concert, where facial recognition was used to scan attendees for known stalkers. Stalking is a real problem, and celebrities like Taylor Swift have legitimate security concerns. But fans were unaware that their images were being captured and analyzed, raising ethical and legal questions about covert surveillance at public events.

The Path Forward

As facial recognition becomes more common at live event venues, lawmakers should enact clear, nationwide rules that protect individuals’ privacy rights and regulate how biometric data is collected, stored, and used. Venues must also take responsibility by being transparent about their practices, obtaining clear, informed consent, and securing the data they collect. People deserve to have their data protected and their privacy respected. By implementing stronger legal protections and ethical standards, we can ensure that attending a concert remains about watching the performance—not about being watched.

#FacialRecognition #PrivacyRights #ConcertTech #BiometricData