Last summer’s phenomenon, Pokémon Go, which was downloaded onto more than 5% of Android phones in the US within just two days of its release and exceeded both Snapchat and Twitter in terms of daily active users, provided a first mainstream look at the potential of augmented reality in the gaming industry. Some estimations put the AR market at a value of $120 billion by 2020 (Digi-Capital), and the myriad legal challenges posed by the sector led us to investigate the issues in a recently-published industry whitepaper.
Facial recognition, geo-location and real-time data harvesting via AR games results in novel legal challenges. This technology will be used by many stakeholders, including game owners, advertisers and analytics service providers. The potential liabilities are significant, making it important to pin down as far as possible the responsibilities and roles of the parties. Various legal difficulties may also arise in relation to copyright and advertising. Yet notwithstanding these hurdles, analysts believe that the technology will be transformational for consumers in the next ten years.
Privacy
AR is spreading rapidly, but usage must still fit within the new legal frameworks for data protection – especially if data relating to identifiable individuals is being collected or otherwise used.
Personal data means data which relate to a living individual who can be identified using this data, or other information which is in the possession of, or is likely to come into the possession of, the data controller. Personal data can include:
- Name;
- Email;
- Geo location;
- Appearance; and
- Health.
A fundamental requirement of European data protection law is that individuals are made aware of how their data will be used, shared and handled – and which entity is responsible for each. This is often achieved with privacy policies. As well as transparency and data security, users are entitled to a copy of their data, and are able to have it deleted in some scenarios; processes need to be in place to facilitate this. Building up large datasets from a huge user base may be tempting, but it brings significant responsibilities.
A lot of the data collected by AR will be personal data. For example, Pokémon Go asks for access to the user’s camera, contacts, GPS location, and SD card contents. Given AR’s capacity for “always on” data recording, there is the potential for reams of data to be collected, much of which could be linked back to the user, even if unintentionally. Developers must be wary of key principle of data protection: personal data collection should be adequate and relevant for its specific purpose, but never excessive.
Security
As with many rapidly evolving technology ecosystems, AR is vulnerable to breaches in security. The risk of bogus, malware-ridden copies of AR apps is huge; developers and players need to be careful to guard against hacking and protect data. It’s for the best that encryption is increasingly becoming standard, particularly for data in transit.
Developers should aim for ‘privacy by design’, embracing privacy and data protection compliance from the conceptual design stage of projects, instead of attempting to address privacy and security features as an afterthought.
Sanctions
AR companies failing to comply with the rules risk significant consequences. Breaches of data protection law can trigger fines of up to £500,000.
On top of negative press, fines and other sanctions, individuals are entitled to sue for compensation if they have suffered damage as a result of unlawful use of their personal data. Pokémon Go developer, Niantic, has been in the spotlight and privacy regulators are starting to ask searching questions around data collection and storage.
Copyright
AR can also raise complex copyright issues. For example, who owns user-created content which is integrated with digital information from an app? How does the freedom of panorama defence, which allows photography of buildings and sometimes sculptures and other art works which are permanently located in a public place, interact with AR? Footage of recognisable sights could be augmented for commercial purposes, potentially placing a virtual banner on a national monument?
Developers will need the appropriate rights clearances for their games, to guard against copyright infringement suits. When negotiating with rights holders, developers should aim for the rights being granted to be as broad as possible. Ideally, there should be no limitation on devices that can be used, and there should be a right to distribute on “internet-connected devices”.
Advertising
AR will create exciting new advertising opportunities: envision targeted and real life product placement through which brands can be embedded directly into the user’s experience. This could drive high levels of engagement. However, all advertising and product placement will also have to comply with advertising regulations. These demand, for one, that advertisers not mislead consumers, and ensure that marketing communications are obviously labelled.
As all these issues demonstrate, the advent of AR will bring with it challenges to match the opportunities generated. Gung-ho developers may wade into the field without the appropriate diligence, but prudence will likely be rewarded by longevity, and legal and regulatory security.
Reed Smith‘s Entertainment and Media team continue to be at the forefront of advising on legal issues relating to virtual and augmented reality on a global basis.
Gregor Pryor
Partner
Co-Chair of Reed Smith’s Entertainment and Media Industry Group
gpryor@reedsmith.com
+44 (0)20 3116 3536
— This feed and its contents are the property of The Huffington Post UK, and use is subject to our terms. It may be used for personal consumption, but may not be distributed on a website.