Epic Games’ Launcher looks to be scraping your local files for data involving your Steam games and Friends list.
Now if any of you have the Launcher I would highly suggest reading the link and replicating the test yourself. Once I have time, I will definitely test this myself and post my findings in this thread.
Overall, my thoughts about this is the Epic Launcher could literally be branded spyware. I probably won’t ever install it on my main PC, but I am curious at seeing these results for myself so I will likely be building a VM environment to test.
This may be old news to some of you, but I feel it is important to note that Steam Spy and what Epic Launcher is doing are vastly two different things.
Steam Spy collects publicly available information across Steam’s websites and profile data user’s leave public. The Epic Games’ Launcher on the other hand is allegedly scraping your hard disk for identifiable information linked to Steam. Regardless of whether you agree to this or not, I believe this shouldn’t be done in the first place since it is basically using the Users as a proxy for Spyware into Epic’s competitors.
THE REST OF THIS IS WIP FOR MY PERSONAL TEST RESULTS.
P.S. This could probably be classified under #gaming as well, but regardless, it is also #community:policy-tech.
P.P.S. procmon may trip your anti-virus, it is a false positive.
copy paste from article 1 for those that dont click links before they type
Update: Epic Games Response
We use a tracking pixel (tracking.js) for our Support-A-Creator program so we can pay creators. We also track page statistics.
The launcher sends a hardware survey (CPU, GPU, and the like) at a regular interval as outlined in our privacy policy(see the “Information We Collect or Receive” section). You can find the code here.
The UDP traffic highlighted in this post is a launcher feature for communication with the Unreal Editor. The source of the underlying system is available on github.
The majority of the launcher UI is implemented using web technology that is being rendered by Chromium(which is open source). The root certificate and cookie access mentioned above is a result of normal web browser start up.
The launcher scans your active processes to prevent updating games that are currently running. This information is not sent to Epic.
We only import your Steam friends with your explicit permission. The launcher makes an encrypted local copy of your localconfig.vdf Steam file. However information from this file is only sent to Epic if you choose to import your Steam friends, and then only hashed ids of your friends are sent and no other information from the file.
Epic is controlled by Tim Sweeney. We have lots of external shareholders, none of whom have access to customer data.
I assume it depends if they are telling the truth. Just making a local encrypted copy of your Friendlist on your PC shouldn’t be a Problem (in terms of GDPR). If they actually default to sending it to Epic, that’s a different story. From the comment above, it sounds like the first is the case and it’s only send after explicit consent. Plus, it also seems like no personally identifiable data is send, “just” hashed IDs, which wouldn’t fall under GDPR anyways.
All this assumes Epic is telling the truth (not sure about the source of @kewidude007). I get the concern. We all need to watch closely what companies do with our data. But in the end, you don’t get features for nothing. Most of us want our Software to be convenient and interoperable. For this to happen, there are some things that have to be done. You are still free to not use it.
I don’t feel it’s that big of a deal. It should be clear, that importing your Steam Friendslist would share that data with Epic. It also isn’t enabled by default. All of this assumes, of course, that Epic is telling the truth in that regard.
Hello extra reasons to not use Epic financial power store…
They pay for anticompetitive anticonsumer games exclusivity, they lack features, they got hacked 3 or 4 times already, and now they are tracking the data from your other game launchers…
Eat shit Epic … GOG don’t do shit like that and Steam is still 100 times more convenient to use…
Well, I’m not using it. The exclusivity of games leaves bad taste in my mouth enough. Free games wise I don’t care. That is just another straw in the bale…
I’m the same way as well, but I am more interested in seeing if I can replicate the initial users results, so really the only thing slowing my testing is my daily responsibilities like work and shit.
I don’t like any of it. I don’t like the OP on Reddit. I don’t like any of the responses by Epic. The whole thing just reeks and makes me nauseous. It is like Epic is personally trying to move the goalposts on what constitutes a legitimate business practice and is totally not malware/spyware/Orwellware.
I appreciate this thread so much and I am uninstalling the Epic launcher and all related products now. There is a special place in hell for Sweeney.