This is a blog post by interactive entertainment lawyer Jas Purewal of Purewal & Partners and was originally published on Gamer/Law.
The European Commission has just published a press release and report on the investigation into free to play games which it is coordinating within the European Union. This follows my report back in February 2014 that the European Commission (one of the three legislative bodies in the EU and the prime policy maker) had decided to step into the increasingly thorny field of regulation of free to play games and in-app purchases in the online and mobile worlds. Now the Commission has, seemingly out of the blue, issued a press release explaining what it has been up to all this time.
THE STORY SO FAR:
In January 2014, the UK’s Office of Fair Trading issued “Principles” for free to play games – the first explicit regulation in this area in the world, to my knowledge. Not to be outdone, the European Commission announced in February that it was bringing together several national regulators across the EU to look at this same area. As I wrote at the time, it was unclear how much of this was motivated by a genuine desire to bring concerted EU action, versus how much was politically driven. It was also equally unclear exactly what the Commission was going to do, apart from haul in Google and Apple for a chat.
SO WHAT HAS THE COMMISSION DONE?
It says in this latest press release that it has sat down the EU regulators together and they have all agreed the following four key objectives:
- “Games advertised as “free” should not mislead consumers about the true costs involved;
- Games should not contain direct exhortation to children to buy items in a game or to persuade an adult to buy items for them;
- Consumers should be adequately informed about the payment arrangements for purchases and should not be debited through default settings without consumers’ explicit consent;
- Traders should provide an email address so that consumers can contact them in case of queries or complaints.”
These, the Commission indicated, were the burning issues about which it wanted Apple and Google to do something during that nice chat they were planning to have with them.
THE DISCUSSIONS BETWEEN THE COMMISSION, APPLE AND GOOGLE
The Commission says that Google has been a good boy and will make the following changes:
- “Not using the word “free” at all when games contain in-app purchases.
- Developing targeted guidelines for its app developers to prevent direct exhortation to children as defined under EU law and timeframed measures to help monitor apparent breaches of EU consumer laws.
- It has also adapted its default settings, so that payments are authorised prior to every in-app purchase, unless the consumer actively chooses to modify these settings.”
However, Apple has not played ball:
“Although, regrettably, no concrete and immediate solutions have been made by Apple to date to address the concerns linked in particular to payment authorisation, Apple has proposed to address those concerns. However, no firm commitment and no timing have been provided for the implementation of such possible future changes. CPC authorities will continue to engage with Apple to ensure that it provides specific details of changes required and put its practices into line with the common position.”
DETAILED ANALYSIS: WHAT THE COMMISSION ACTUALLY WANTS, WHAT GOOGLE AND APPLE HAVE (OR HAVEN’T) AGREED
I’ve outlined above the four key objectives the Commission said it wanted to achieve. Let’s compare that to what the Commission is now announcing. In doing so, I want to look at both the press release and the detailed report which the Commission released at the same time. As I show below, the press release skims over the details and in some cases is a little misleading, unfortunately (and, as a result, some of the press reporting about the investigation has been a little misleading I’m afraid).
Objective 1: “Games advertised as “free” should not mislead consumers about the true costs involved”
What the press release says: the Commission says that Google has agreed to “not using the word “free” at all when games contain in-app purchases“. On the face of it, it seems to me like the Commission has got rather more than it seemed to be asking for? Hold that thought until we look at…
What the Commission full report says. Actually, the Commission seems to be suggesting a more nuanced position:
“CPC authorities consider that only apps where in-app purchases are optional can be presented as “free” without misleading consumers….an on-line game cannot be marketed as “free” where the consumer cannot, without making in app purchases, play the game in a way that he/she would reasonably expect. This is to be assessed on a case-by-case basis for each app that includes in-app purchases. Internet platform providers need to ensure that apps that include in-app purchases which are marketed as “free” on their platforms comply with the relevant provisions of EU consumer protection law, as described above.”
Essentially, the Commission is agreeing with the position taken by the UK in its free to play Principles: whether a game can properly be called ‘free’ involves a (subjective) assessment of the game itself. You can’t draw any hard or fast rules based just upon games in general.
Apple doesn’t seem to be playing ball with these requirements, says the Commission. However, Google is a good boy:
“Google has removed the word “free” from its Google Play platforms for on-line games that are free to download but contain in-app purchases. Information about the presence of in-app purchases has been made more prominent and clearer for the consumer.
Google has proposed to display in the future the price range (from the minimum to the maximum cost) of all the in-app purchases offered by each specific on-line game displayed on its platforms. Google has agreed to display the price range information in ways that make it easily accessible to consumers on the app product page. Google will implement this change on Google platforms by 30 September 2014.”
The Commission says that these changes, once made, will mean that Google complies with the relevant EU consumer protection laws. That’s unsurprising, given that the Commission proposed a case by case assessment to whether an app can be called ‘free’ and Google decided that NO app with in app purchases will be called free in future. In other words, Google seems to be going substantially beyond what the Commission actually asked for (most likely because Google thought a case by case analysis would be unworkable). Apple, it seems, refuses to go that far.
UPDATE: my friend Eric Seufert has provided a great analysis of what this could mean for the mobile app economy in practice.
Objective 2: “Games should not contain direct exhortations to children to buy items in a game or to persuade an adult to buy items for them”
What the press release says: the Commission says Google – but, again, not Apple – has agreed to “developing targeted guidelines for its app developers to prevent direct exhortation to children as defined under EU law and timeframed measures to help monitor apparent breaches of EU consumer laws”.
What the Commission full report says. The Commission says that Apple pointed out its developer T&Cs require developers to comply with local law (“Apps must comply with all legal requirements in any location where they are made available to users. It is the developer’s obligation to understand and conform to all local laws“). The Commission said that that isn’t good enough and Apple is responsible itself for legal compliance. Apple responded by offering:
“A specific e-mail address through which enforcement authorities can inform Apple about possible violations of applicable law and coordinate discussions with the developers concerned. It also proposes to designate a specific team to process any such notifications and respond to the appropriate government entity. However, so far no precise implementation date for these proposals has been put forward.”
The Commission also said:
“Clear instructions to the app developers that on-line games involving direct exhortations to children are banned from distribution in the EU market are highly relevant.”
What’s happening here then is that the Commission is arguing that Apple needs to be proactive in making sure iOS apps comply with European consumer protection law, especially regarding children. As part of that, it wants specific guidelines from Apple to developers. Ideally it even wants Apple to undertake its own enforcement action. Apple responded that it will help create a special channel to deal with issues which are raised to its attention, but it won’t police iOS apps itself.
So, it seems a little unfair of the Commission to say in its press release that “Regrettably, no concrete and immediate solutions have been made by Apple to date to address the concerns linked in particular to payment authorisation, Apple has
proposed to address those concerns.” The press release implied that Apple had simply failed to engage seriously or at all with this process. Actually, the full Commission text shows that Apple has been engaged but there is a plain disagreement between Commission and Apple about how much Apple should be involved in the legal compliance of its app ecosystem. That’s an entirely legitimate debate to be had, but it’s not right to suggest Apple was simply not engaged.
What about Google? The Commission says that again Google is being a good boy:
“Google has implemented a dedicated email address for CPC authorities and the European Commission to report to it breaches of EU law appearing on its platforms. Additionally, Google has proposed to clearly draw the attention of game developers world-wide, through the Google Developers Console, to the specific prohibition on exhortation to children laid down by the UCPD for any game distributed on the EU market. Google will fully implement this proposal by 31 July 2014.
Google has undertaken to act swiftly when a non-compliant game is brought to its attention. This includes the immediate review of each complaint and, as appropriate, either to contact and warn the trader concerned or to directly remove the infringing app from Google platforms. Where Google encounters serious or repeated breaches of the relevant EU consumer protection legislation, and in particular breaches of the ban on exhortation to children, Google will ban the trader from offering apps on Google Play platforms.”
So, Google is putting in place a system under which it can be notified of problematic apps and will have a sanctions process which ultimately involves taking the app down and banning the app developer itself. Again, the Commission says this will tick the box for EU consumer protection law.
Clearly, what Google has offered goes further than either Apple or Google does right now. However, to my mind it’s not hugely more detailed or helpful than what Apple offered – it just has some deadlines attached to it. In return, Google is given the seal of approval but Apple was not. What seems to have fallen between the cracks though is the demands from the Commission that Apple and Google proactively investigate their own ecosystems. Apple was lectured about that, but the Commission says nothing about it when it approved of Google’s stance.
Anyway, all of this tells me we can expect some changes to the Google Play store imminently. Sooner or later, Apple will need to engage with this, too.
Objective 3: “Consumers should be adequately informed about the payment arrangements and purchases should not be debited through default settings without consumers’ explicit consent”
What the press release says: the Commission says Google has agreed to “adapted its default settings, so that payments are authorised prior to every in-app purchase, unless the consumer actively chooses to modify these settings”.
What the full Commission report says. Again, the position is rather more nuanced. The Commission makes a wide range of points about payment arrangements and Apple. I’ve summarised them as:
- The standard Apple 15 minute payment authorisation period isn’t enough alone.
- “Consumers must be able to choose between this setting and a setting requiring authorisation of each purchase individually.”
- Furthermore, consumers should be informed about settings’ options not only at the first purchase on a device, but regularly (possibly over a certain period of time) to make sure that their consent to the payment settings has been explicitly given.”
- “Explicit consent to each in app purchase has to be given in any case.”
- “Consumers could be given a possibility to set a maximum amount for in app purchases made without individual payment authorisation.”
- “The information on changing settings made by the consumers should be easily accessible and comprehensible in case they want to change it.”
- “Under the [Consumer Rights Directive], Any purchase must be subject to the explicit consent of the consumer and the trader needs to provide the consumer with the necessary information.”
These changes, if implemented, would be a sea-change in the way in which in-app purchases currently work. The Commission seems to want a FAR more restrictive approach in which users have to explicitly consent to every single purchase, potentially be able to set limits on how can be spent and for app developers to treat each purchase as a separate contract, with all the formalities and consumer protection issues that follow from that.
Apple’s response? “Regrettably, no concrete and immediate solutions to address the concerns linked to payments’ authorisations were proposed to this date…Apple has proposed to address these concerns in the future.” It’s a pity that we don’t have more detail about why or how.
Once again though, the Commission is happy with Google: “Google has begun implementing changes allowing consumers, at the moment of the first payment on a device, to choose between three settings: (i) a password requirement for every purchase (including in-app purchases), (ii) a password requirement every 30 minutes or (iii) never a password requirement. For subsequent purchases on the same device, the settings chosen by the consumer at the first purchase will apply. The current password setting is to be displayed on the settings overview page. Google will implement these proposals by 30 September 2014.
Under the setting requiring a password for every purchase, once the in-app purchase order is started, the user will receive a request for a password. This request will inform the user about the current password settings. Where the password request also allows the user to completely remove the password protection, a warning about possible unauthorised purchases will be displayed prominently.”
Again, although this seems to be less than what the Commission actually asked for, the Commission says that if Google actually does these things then it will be compliant with EU consumer protection law. Again, it also means we can expect some fairly imminent changes to Google Play…but not I suspect going so far as to make Google Play developers change their own working practices. We’ll see.
Objective 4: “Traders should provide an email address so that consumers can contact them in case of queries or complaints.”
What the press release says: nothing. Which is odd.
What the Commission full text says: “Apple has proposed to create and display an email address that customers can use to contact Apple with concerns about their purchases on Apple’s platforms. Apple states that it will also make it possible for consumers to contact developers directly, via a support URL provided on all store pages on which Apple is making content available in the EU. A date of implementation of this proposal has not been provided“. This, the Commission says, would be OK.
Google is going a way further than Apple:
“Google displays the game developers’ name, website and email address on the specific app product pages. Google will display the developer’s geographical address on each specific app product page for all on-line games that are paid and/or include in-app purchases and will add an email contact information link on Google Play. Google will implement this proposal by 30 September 2014.
Google has proposed to strengthen the product support by, e.g., introducing maximum time limits for developers (5 days – going down to 24h in cases that Google notifies to them to be urgent) to respond to consumer inquiries. At the same time, it has proposed that, if app developers provide inadequate user support, they will first face warnings and then possibly removal of their apps or, in the most serious cases, even the developer’s ban from Google Play platforms. Google will implement this proposal by 31 August 2014.
In addition, Google has made available an email address that allows national enforcement authorities and the Commission to report breaches of the law directly to Google.”
Again we have this reference to Google implementing a process which ultimately could be used to shut down an app developer’s account completely for failure to comply with EU law.
WHAT ABOUT INVOLVEMENT FROM THE ACTUAL GAMES INDUSTRY?
The Commission says in its press release that:
“Member States enforcers and the European Commission have also invited the associations of online game developers and platforms to reflect on concrete measures that they could take to address the issues raised in the common position, including the possibility for guidelines or standards incorporating the CPC position.
Enforcement, including possible legal action, is in the hands of the national authorities which will now consider how to address outstanding legal issues.”
So it seems that the Commission is interested in Apple and Google, the two largest gatekeepers in the mobile world, but not so much the games industry which makes the games it is investigating. The Commission simply noted in its detailed report that it has invited the three industry associations with whom it consulted to prepare some kind of guidance or proposals regarding the enforcement of EU consumer protection laws.
Consequently, the risk of any one games developer or publisher having legal action brought against it seems – in my eyes – to have fallen somewhat. Unless, of course, an individual national regulator decides to take legal action against them – and so far only the UK seems to have any appetite for that.
I’m a little surprised, based on what the Commission said when it announced this process. I was expecting some kind of guidance or admonishment, even if at a high level, to European games developers and publishers.
Google has set itself a series of deadlines for implementing these various changes. Otherwise, that seems to be it: the Commission is effectively ending the investigation and passing the torch on to any regulator(s) which want to carry out local investigations. That seems to be it.
So, it seems like in some cases the Commission has got what it wants – in particular, it has secured some fairly significant changes to the Google Play store. However, looking at the wider landscape, I have to question exactly how far along we are in addressing the issues identified by the Commission itself in February 2014. Apple is only partially involved. Google is taking part, but the real devil in the detail is yet to arrive because we don't know what Google will say is ok in terms of free to play game design, mechanics, marketing etc. That's far more important I think than IAP timers. Anyway, to continue: we don’t seem to have the other Android platforms involved. No other mobile or social platforms are explicitly involved (it’s almost as if only Apple or Google have any control over free to play games!) The games industry associations and the actual games industry don’t seem to have told much about what they should or should not be doing. The Commission now seems to think its work is done. The national regulators, they who have actual power to enforce EU consumer protection law, have said nothing about all this. The UK remains the only actual EU regulator with specific free to play rules (which go into these issues in far more detail) and, thus far, it has done nothing with them publicly.
It feels like free to play games and in app purchases are now firmly on regulators’ radar, as I and others have been concerned about for some time, but as yet there is no clear direction to where the regulators are going with this. There are clear and existing EU consumer protection laws which apply to free to play games and IAP and in many cases I’m afraid to say they are not being complied with. But the industry as a whole is not much further than it was last year in having these issues addressed or learning how to comply with those laws, or even perceiving much of a kick to start doing these things. The European Commission has now raised a series of concerns about how free to play games are being regulated, then at best done a partial job in trying to resolve those concerns.
For all that, these questions have not and will not go away- there is too much consumer attention, and frankly money, going into free to play games and in app purchases generally, for them to go away. Sooner or later – and I suspect sooner – this topic will be revisited by regulators or courts, probably in both the US and the EU. Until then, Google is going to make a series of changes to Google Play, Apple will continue to stand somewhat aloof, and the games industry will have to watch and wait for the next move in this nebulous dance.