Epic has responded to growing concern its launcher accesses users’ Steam data without permission.
The company responded to a post on the subreddit for Phoenix Point, itself the focus of a controversy after signing a deal to go exclusive with the Epic Games store for a year, in which a user revealed the Epic Games store client pokes around your computer when it shouldn’t.
In the post, titled Epic Game Store, Spyware, Tracking, and You!, redditor notte_m_portent accused Epic of running processes and making attempts to access DLLs and root certificates without letting the user know. According to the post, the data obtained was found to be sent to Epic, and the Epic Games store app was found to store hardware information in the registry.
As you’d expect, this post sparked a great deal of concern, which promoted Daniel Vogel, VP of Engineering at Epic to step in with a response.
Vogel then confirmed the launcher scans your active processes to prevent updating games currently running, but insisted this information was not sent to Epic.
“We only import your Steam friends with your explicit permission,” Vogel added. “The launcher makes an encrypted local copy of your localconfig.vdf Steam file. However information from this file is only sent to Epic if you choose to import your Steam friends, and then only hashed ids of your friends are sent and no other information from the file.”
Much of the discontent about the Epic Games store appears to relate to Epic’s link with Chinese company Tencent. Tencent, which is one of the biggest game companies in the world, owns a part of the company, and some people are concerned their data may end up in the Chinese government’s hands as a result. But Epic boss Tim Sweeney remains in control, Vogel said.
“Epic is controlled by Tim Sweeney. We have lots of external shareholders, none of whom have access to customer data.”
Vogel’s post sparked a number of responses from users wondering why Epic’s launcher did all this behind the scenes work in the first place – and apparently without permission. As redditor eorl put it: “My profile on Steam is set to private, yet you are snooping around my local disk scanning Steam and I’ve not even connected Steam to Epic.
“You can’t excuse this one on the basis of data collection because this isn’t your application you are lifting from, especially when we haven’t even allowed you to do so. This is straight up spyware shit and it’s fucking disgusting.
“Also thanks for that weird as fuck last line. I’m glad to know it’s just Tim goggling at my private data.”
Later, Sweeney himself stepped in to say Epic was working to tweak the way the Epic Games store worked in response to the criticism.
In his post, Sweeney said Epic “ought to only access the localconfig.vdf file after the user chooses to import Steam friends”, before admitting he himself was to blame.
“The current implementation is a remnant left over from our rush to implement social features in the early days of Fortnite. It’s actually my fault for pushing the launcher team to support it super quickly and then identifying that we had to change it. Since this issue came to the forefront we’re going to fix it.”
Despite Epic’s attempt to clear up how the Epic Games store actually works, user scrutiny and scepticism doesn’t look like it’s going anywhere. There appears to be a groundswell of discontent at the company’s attempt to disrupt Valve’s control over the PC gaming market, and a pushback on the drive for Epic Games store exclusives from the hardcore PC gaming community.
Of course, it’s early days for the Epic Games store, which only launched in December 2018. Still, in just a few months, it’s certainly set the cat among the pigeons.