Games and Interactive Entertainment - Legal trends in 2024
Video gaming has become the world’s biggest entertainment industry and is at the forefront of harnessing technological advances. Tech developments are bringing growth in areas such as cloud gaming, esports, and virtual reality, and more immersive experiences and simulated worlds are enabling social games, entertainment experiences and online events. Despite a post-pandemic slump in consumer demand and a volatile geopolitical and economic outlook, gaming continues to attract significant interest and investment.
Looking ahead to opportunities in 2024, games companies and investors will need to navigate tightening regulation, increasing regulatory enforcement and heightened litigation risk to take advantage of the vast potential of the industry. In this article, the newly appointed co-heads of Linklaters’ Games and Interactive Entertainment Sector explore some of the key global trends shaping the legal outlook for games and interactive entertainment in 2024.
Tackling increasing regulatory hurdles to M&A
Regulatory hurdles to M&A are rising and it has become harder to predict precisely where and how concerns arise, and the conclusions different regulators will reach on whether a deal is problematic.
In 2023 gaming and other tech M&A deals around the world were closely scrutinised by authorities. While there is significant alignment between global regulators about the specific competitive harms that may arise, the risk of divergent outcomes on both substance and remedies is real, especially in a dynamic and innovative market like gaming.
Around the world we see the complexity and duration of reviews extending, with investigations being ever more burdensome. To secure an international merger, it’s therefore critical that parties pay careful attention at the outset to risk allocation and ensure a flexible regulatory strategy to address unexpected hurdles.
Leveraging AI beyond the hype
The rise of generative AI in 2023 brought new insights into the potential for AI to transform business and drive digital change. In online games, AI provides significant opportunities to enhance player experience, improve game development and productivity, and offer new revenue streams. However, as the industry seeks to push boundaries in implementing this emerging technology, managing regulatory and reputational risk is paramount.
The reality of the costs and risks of implementing AI – particularly GenAI – are becoming evident. Concerns focus on the lack of transparency and control, inaccuracy, biased outputs, and the need to protect privacy and intellectual property.
Governments and regulators are grappling with how to regulate AI and agree global standards, and we expect new regulation to be progressed across the globe in 2024. In the meantime, regulators are enforcing data protection and other existing laws to protect gamers and other consumers and the European Commission kicked off 2024 with the launch of a call for information on generative AI and virtual worlds, which will put gaming directly under the spotlight. More already high-profile AI cases and class actions are inevitable in the coming year.
To unlock the potential of AI safely in 2024 and beyond, games companies will need to address the evolving legal landscape and establish the right governance and risk management models in their wider ESG frameworks to safeguard their interests.
Read more: Gaming Series #5: Computer games – player data and AI, Patrick O'Connell (linklaters.com)
Addressing the wave of online safety legislation
A key focus for governments in recent years has been the protection of users – particularly children – against online harms. In October 2023, the UK’s long-anticipated Online Safety Act (OSA) became law, forming part of the complex web of new legislation promoting online safety across the globe including the EU’s Digital Services Act, and Ireland’s Online Safety and Media Regulation Act 2022.
The OSA is one of the world’s most ambitious pieces of online safety legislation, imposing significant obligations on up to 100,000 services. Any platform that offers “user to user” functionality could be in scope, and so games that offer online multiplayer text or video communication, content creation, virtual reality or metaverse functionality, and livestreaming could all be caught.
We anticipate that with Ofcom’s clear focus on protecting children (and requiring companies to do more, for example, on verifying users’ age), games companies with user to user services will be in the regulatory spotlight and need to make significant changes in order to comply with the substantive provisions of the OSA which are likely to come into force in 2025.
As online safety legislation develops across the globe, games companies with regulated services will need to continue to map laws and regulations that apply in different jurisdictions and continue to build and refine their frameworks to meet the requirements of these new regimes. The pace of change in regulation is rapid. Platforms need to invest now to ensure they can keep up with the new expectations regulators are placing on them across the world.
Read more: Gaming series #2: Online Safety and Gaming – EU and UK Approaches to Regulation, Guillaume Couneson, Jemma Purslow, Annabel Sim, Garance Dekeyser (linklaters.com); Gaming series #4: Age verification of children in the EU gaming sector - not child’s play, Faustine Piechaud, Sonia Cissé (linklaters.com)
Commercialising player data across borders
Data has proven incredibly value to games companies as they develop their operations. Analysing data on player behaviour, preferences, and in-game interactions enables developers to improve their product offering, and to devise targeted strategies for promoting in-game purchases and offering incentives to keep players interested. However, data and consumer protection regulators from a range of jurisdictions have indicated that they are monitoring the use of AI in computer games for commercialisation and engagement.
Further, in a climate of rising global tensions and growing national security concerns, governments are increasing restrictions on data exports to protect data sovereignty and the privacy of data subjects. This is impacting the free flow of data across borders to a single data centre and the ability of multinationals to adopt a centralised approach to achieve operational efficiency.
For games companies to stay ahead in a competitive market, it will be critical in 2024 for them to comply with the growing number of data protection laws and take account of the new rules and frameworks affecting international data.
Adapting to heightened cyber risk
We have seen an increase in cyberattacks in the games and interactive entertainment sector in recent years and high-profile cases have highlighted the significant financial and reputational costs of a cyberattack. Games companies will therefore need to adapt to safeguard their data and ensure operational resilience.
Ten years ago, there was little “cyber security law” beyond the general obligations in data protection legislation to take appropriate technical and organisational measures to ensure the security of personal data. Since then, the volume and significance of cyberattacks has increased dramatically. It is therefore hardly surprising to see a legislative response with strengthening of cyber security laws, including sector-specific and product security laws, Organisations must identify regulatory notification requirements, address specific technical obligations, and focus on supply chains more than ever.
In 2024 it will be business-critical for games companies to ensure that their cyber security programmes (including policies, procedures, and safeguards) are fit for purpose and reflect the evolving regulatory landscape.
Read more: Cyber Security Handbook – The Essential Handbook for In-house Counsel
We are very excited at the prospect of working with our clients and colleagues in this fast-moving area of law in 2024. Please reach out to us if you have questions or need our experts’ help!