
Warning: *privacy not included with this product
If you're a serious PC gamer, you probably use Steam, the online game store, community, and place to go to find and play over 30,000 games. Owned by Valve, Steam recently launched their handheld console, Steam Deck, to let PC gamers play someone other than their PC. And so far, based on how hard it's been to get a Steam Deck, the latest video game console referred to as a "Nintendo Switch for adults" by one publication, is a success. That's all fine and dandy, but how does Valve's Steam Deck do at privacy? Well, eh, they aren't the worst, we'll give them that.
What could happen if something goes wrong?
Good news! Valve's privacy policy, which covers the Steam Deck and the Steam store, doesn't raise any huge privacy concerns for us. It’s a little vague for our tastes, but we didn’t see any big red flags. We like that they say they don't require users to provide a real name when signing up for a Steam User Account. You will need to provide an email and a user name, and then will be assigned a Steam ID number that will be used to reference your account, rather than something more personally identifiable. This is good. Of course, Valve still says they can collect personal information on you, including any information you provide identifying yourself in posts to chats or message boards, so, as always, be aware of what you share online.
We also like that Valve says they don’t sell data. Yay! They make no explicit mention in their privacy policy if they share data with third parties for targeted advertising purposes. It’s always nice when a privacy policy explicitly states they do or do not share your personal information like that. However, you can bet that Valve knows what games you're playing, when you’re playing, for how long, and the like so they can target you with ads for similar games.
Valve does say they can process anonymous data and they may share anonymous data, aggregated or not, with third parties. This is a fairly common practice and doesn’t worry us too much. However, it is always good to remind people that some anonymous data has been found to be relatively easy to re-identify.
Here’s the bad news about the Steam Deck though. We can’t confirm it meets our Minimum Security Standards because we can’t confirm it uses encryption or if Valve has a way to manage security vulnerabilities. We emailed Valve three times with our privacy and security questions and haven’t heard back from them. There is a lot written out there on the internet about how to set up encryption on the Linux-based SteamOS yourself. However, we don’t think that users should have to go through that to protect their data.
What’s the worst that could happen with your brand new Steam Deck playing all those games online? Well, Steam is an online gaming community and those have been known to be pretty toxic, especially to women, the LGBTQ+ community, and minority gamers. So, be careful what you share on those public chats and message boards. Because while Valve might indicate they are doing a decent job handling your personal information, we’re not so sure every person on Steam will do the same. You don’t need to get doxxed or swatted or whatever the latest form of gaming harassment is because you overshared (or heck, just even shared) while playing Call of Duty.
Tips to protect yourself
- Do not sign up with third-party accounts. Better just log in with email and strong password.
- Chose a strong password! You may use a password control tool like 1Password, KeePass etc
- When starting a sign-up, do not agree to tracking of your data if possible.
Can it snoop on me?
Camera
Device: No
App: N/A
Microphone
Device: Yes
App: N/A
Tracks location
Device: No
App: N/A
What can be used to sign up?
Yes
Phone
No
Third-party account
No
What data does the company collect?
Personal
Email address and country of residence
Body related
Social
How does the company use this data?
How can you control your data?
What is the company’s known track record of protecting users’ data?
In 2020, CheckPoint found four major vulnerabilities in the popular Valve games networking library. All vulnerabilities were acknowledged and received CVE’s. There were four major vulnerabilities in total.
In 2019, Valve investigated Epic’s use of Steam data after users raised privacy concerns on Reddit.
Child Privacy Information
Can this product be used offline?
An online connection is required to download games and play online multiplayer games. Once downloaded, some games can be played offline.
User-friendly privacy information?
Links to privacy information
Does this product meet our Minimum Security Standards?
Encryption
Strong password
Security updates
Manages vulnerabilities
Privacy policy
Dive Deeper
-
Pressure grows on Valve to unplug Steam gaming platform vulnerabilitiesPortSwigger
-
Standard Privacy Report for SteamCommon Sense
-
Game over? Vulnerabilities on Valve’s Steam put hundreds of thousands gamers at riskCheck Point
-
Valve to investigate Epic’s use of Steam data after users raise privacy concernsMCV/Develop
-
After 14 years, Steam finally gets some decent privacy settingsMashable
-
4 security bugs discovered in games on Valve’s Steam platformTechRepublic
-
Steam Pulls Game After Dev Goes On Transphobic Rant Against KeffalsKotaku
Comments
Got a comment? Let us hear it.