[Update 3/16/2019:] Valve has responded to the news about Epic Games Store datamining Steam user data from the local drive, and have stated that they are investigating the issue.
[Original article:] Some gamers were messing around with the process data when opening up the Epic Games Store client, and they found that the client appeared to datamine through user folders and Steam account information. Epic Games founder Tim Sweeney responded by saying that the data parsing and meta sifting is only to import Steam friends into the Epic Games Store client.
It started with a thread over on MetaCouncil.com, where users discovered that the Epic Games Store was scanning user data on their hard drive. This was followed up by other tests, including Twitter user Streletskiy, who warned users not to use the Epic Games Store client because it datamines your user data.
Don’t install Epic Games Client…
Don’t support Epic Games
Epic/Tencent wants to read and encrypt your Steam account data/metadata
Epic/Tencent wants to spy on you
— Streletskiy (@_s_t_r_e_l_o_k) March 14, 2019
Some people responded by saying that they have to use the Epic Games Client due to using the Unreal Engine 4 tools, which are only accessible through Epic Games’ client.
even more reason to worry.
— Streletskiy (@_s_t_r_e_l_o_k) March 15, 2019
This was tested and scrutinized by multiple engineers and data analysts, prompting multiple threads across social media to pop up.
Epic Games vice president of engineering, Daniel Vogel, attempted to clear up what was happening by responding to one of the threads over on the Phoenix Point sub-reddit, writing…
“We use a tracking pixel (tracking.js) for our Support-A-Creator program so we can pay creators. We also track page statistics.
“The UDP traffic highlighted in this post is a launcher feature for communication with the Unreal Editor. The source of the underlying system is available on github.
“The majority of the launcher UI is implemented using web technology that is being rendered by Chromium (which is open source). The root certificate and cookie access mentioned above is a result of normal web browser start up.
“The launcher scans your active processes to prevent updating games that are currently running. This information is not sent to Epic.
“We only import your Steam friends with your explicit permission. The launcher makes an encrypted local copy of your localconfig.vdf Steam file. However information from this file is only sent to Epic if you choose to import your Steam friends, and then only hashed ids of your friends are sent and no other information from the file.
“Epic is controlled by Tim Sweeney. We have lots of external shareholders, none of whom have access to customer data.”
This still did not sit well with a lot of gamers who felt uneasy about the Epic Games Store.
Tim Sweeney, Epic Games’ founder, was inundated with requests and comments about the datamining from the Epic Games Store.
On March 14th, 2019, Sweeney proceeded to discuss the issue across a series of tweets, answering questions as well as addressing the accusations that Epic Games was gathering data for Tencent Gaming, which has a 40% stake in the company. Sweeney stated…
“Oh no, Steam friends are only sent to Epic if you explicitly import Steam friends, and then only hashed IDs of Steam friends, so that we can’t personally identify them but only match up pairs of players who both imported Steam friends.
“[Game list and time played] information may be in the Steam file, but the Epic Games launcher doesn’t parse that information and never sends it to Epic. The only information that is ever sent to Epic is hashed friend identifiers, and only when you explicitly import Steam friends.
“[…] This is Epic’s product. I control the company and am 100% responsible for our company and decisions. Tencent has no involvement with this nor access to data.”
This was reiterated again after Sweeney made comments back in December of 2018, absolving Tencent of having any say-so in Epic Games’ dealings. Users had accused Epic of violating GDPR standards when it came to customer privacy.
The issues surrounding the digital storefront have been plenty and consistent, mostly due to the lack of user reviews, a lack of a forums, or the ability to play in offline mode.
This datamining issue certainly won’t make things easier or more palatable for fence sitters trying to determine if the client is worth using.
(Thanks for the news tip zac za and minuteworld)