Date : 11/01/2024

Relevance: GS Paper 3 – Science and Technology ( Also Relevant for GS Paper 3 – Indian Economy – Gaming Industry)

Keywords: DDoS attacks, Malware, Money Laundering, EGBA

Context-

The evolution of the gaming industry from the iconic Pong in 1972 to the modern marvel of Hogwarts Legacy in 2023 is a testament to its profound journey. Often criticized for fostering isolation, video games unexpectedly emerged as a global unifier during the COVID-19 pandemic, witnessing a 26 percent growth between 2019 and 2021. The accessibility revolution, fueled by cloud and mobile platforms, allowed India to claim the top spot with 507 million mobile gamers in 2021-22.

Severity of the issue

In 2023, the global active video game player count stood at approximately 3.09 billion, projected to reach 3.32 billion by 2024. The industry's colossal worth of over US$227 billion in 2022 surpassed the combined revenues of the American film and music sectors. Mobile gaming, constituting nearly half of the industry's value in 2022, has reshaped the landscape, with India experiencing substantial growth. Despite the industry's prosperity, cybersecurity threats have become pervasive, especially with the surge in online gaming. From distributed denial-of-service (DDoS) attacks to phishing, the gaming realm faces a barrage of cyber threats, endangering user information and even classified intelligence, as exemplified by the 2023 leak of sensitive US defense documents on a Minecraft-themed Discord server.

Cyber Threats in Online Gaming: Types and Instances

• DDoS Attacks: A prevalent form of web application attack, DDoS assaults aim to overwhelm servers, causing disruptions. The motives often include gaining a competitive edge by rendering opponents' systems slow and unplayable.
• Phishing Attacks and Personally Identifiable Information Leaks: Phishing, a common social engineering attack, deceives individuals into divulging sensitive information. Leaks of personally identifiable information pose serious threats, enabling identity theft, account takeovers, and more.
• Malware: Malicious software, or malware, threatens users seeking free or discounted games. Legitimate games may also be infected, exposing players to various risks like adware, spyware, ransomware, and viruses.
• Classified US Defence Document Leak on Discord: In a startling incident, classified US defense documents leaked on a Discord server related to the video game Minecraft. This episode underscored the intersection of gaming platforms and sensitive information leaks.
• Cyberattacks on Gaming Companies: Noteworthy breaches include the hacking of Rockstar Games, leading to the leak of Grand Theft Auto 6 footage, and Riot Games experiencing an online social engineering attack. The rise in social engineering attacks, as evidenced by the FBI's complaints, highlights the vulnerabilities in gaming company security.
• In-Game Currency, Gambling Laws, and Money Launderin/bg: The introduction of in-game currencies and loot boxes has sparked controversies, leading to bans in some countries. Moreover, the virtual economy in video games has become a hotbed for money laundering, emphasizing the need for tighter regulations.
• Predatory Practices by Videogame Developers and Dark Patterns: Unethical practices by game developers, exemplified by Epic Games' case, shed light on the misuse of dark patterns and the violation of online privacy protection laws.

The Global Regulatory Scenario

Existing regulations primarily focus on gambling, overlooking prevalent cyber threats in the gaming industry. In the EU, the European Gaming and Betting Association (EGBA) oversees online gaming, ensuring adherence to industry standards. The UK's 2005 Gambling Act primarily addresses online gambling, while the US relies on the Federal Wire Act and the Unlawful Internet Gambling Enforcement Act.

India, in response to growing concerns, implemented new rules in 2023 to regulate online gaming. However, the current framework falls short in addressing prevalent issues like microtransactions, loot boxes, and potential money laundering.

India’s Online Gaming Policy: Critique and Recommendations

While India's new rules signify a step forward, they fail to comprehensively address the challenges posed by online gaming. The focus on real-money games excludes microtransactions and loot boxes, leaving room for exploitation. The absence of provisions regarding content moderation on gaming forums and applications, alongside issues of money laundering, requires urgent attention.

Recommendations

• Incorporate Microtransactions and Loot Boxes into Existing Laws: India should enhance its gaming laws to include microtransactions and loot boxes, potentially adopting a rating system to restrict underage access.
• Empower Regulatory Agencies: The Competition Commission of India should investigate online gaming to safeguard consumer interests and curb predatory practices by developers.
• Address Money Laundering via Virtual Currencies: Include virtual currency investments in the Liberalised Remittance Scheme to monitor transactions, preventing money laundering in the gaming industry.
• Regulate Applications and Promote Safe Gaming: Engage in discussions on regulating platforms like Discord, focusing on content moderation and cybersecurity. Promote safe gaming practices through user education, emphasizing the use of tools like virtual private networks (VPNs).

Conclusion

The burgeoning online gaming community, despite its potential for good, confronts escalating nefarious activities and societal threats. Governments and policymakers must navigate the delicate balance between fostering a growing sector and ensuring its responsible development. As India anticipates significant growth in its gaming market, a holistic approach to online gaming policy becomes imperative. By addressing regulatory gaps, incorporating comprehensive measures, and fostering international collaboration, India can pave the way for a secure and thriving online gaming ecosystem.

Source- Indian Express