Cheating in esport: Can I monitor employees?

For numerous reasons, the topic of cheating in esports is currently very hot and controversial. But can I actually track my players to prevent cheating?

My articles on cheating in esports and toxic behavior are currently in high demand. And I think that rightly. Because a “clean” esport will be important for public perception in the future. But “cheating” is also a very underestimated topic among organizations and tournament organizers. Above all, many managers or managers underestimate how much financial damage can be done. A damage that can be quickly quantified not only by the fact that you may not get paid a single tournament win.

But as an organization, can I monitor a player, for example, when they train at an organization’s performance center. This is comparable to the legal question, which in classical professions can be compared with things like camera surveillance.

No covert surveillance?

Covert surveillance is not allowed in principle, as this would be a significant interference with the player’s personal rights. The exceptions are very limited, e.g. when a camera can help to investigate a crime. However, since the monitoring of PCs of the team itself is also very problematic, at least without an absolutely legally secure company agreement, actions by the organisation as an employer (or as a client within the framework of marketing contracts) should never be taken without advice.

An enterprise agreement is also important because otherwise you have problems with the monitoring of personal content on the respective PCs, e.g. when the player arranges a doctor’s appointment or chats with his girlfriend.

It is therefore crucial whether you want to control official or private content. Official e-mails and websites accessed by the service may be tracked and checked by each employee. Consequently, in the case of esports, this should of course also apply to the official use of a PC, e.g. in a performance centre.

Private e-mails and internet use, on the other hand, may not, in principle, be controlled by the employer. In this respect, it may be important to contractually exclude private use of PCs in performance centres or when exercising together, otherwise it will hardly be possible to separate them.

Monitoring allowed?

In order to assess, for example, whether other monitoring is permissible than, for example, by means of a program such as a keylogger, a distinction must be made between whether the employee is aware of the monitoring and whether the monitoring has a legitimate purpose. Surveillance must not merely harass or put employees under observational pressure. The hurdles are quite big, so it should be considered whether anti-cheating measures are simply technically solved by “normal” players having no rights to install any other software.

Of course, this is certainly difficult to impossible to implement for the regularly freelancers who also play on their own PCs, even if it is possible to conclude an enterprise agreement (or an addition to a marketing contract) that allows the installation of monitoring software. Optimally, players are provided with hardware that cannot administer them themselves and/or where private use and the relevant esport titles are neatly separated.

It should also be noted that the use of monitoring software is generally not permitted without cause. In 2017, the Federal Labour Court had to decide on the supervision of a softwar developer by means of a keylogger and concluded that the employer was not allowed to use the data obtained from the use of the keylogger, as the monitoring was illegally right to informational self-determination.

In the FOPH’s view, this would also have been different if the employer had had a specific reason for monitoring, i.e. if there was a suspicion of cheating, for example.

Data protection and fundamental rights

The organisation (whether as an employer or marketing partner) must always take into account the individual rights of employees, freelancers and data protection when monitoring. In principle, any kind of surveillance violates the personal right of a person under Article 2(4) of the 1 GG in art. 1 GG in the form of the right to one’s own image and informational self-determination. Such interference with fundamental rights must therefore always be proportionate. The provisions of the GDPR and the rights of the data concerned must therefore always be respected. Legally, therefore, it is quite a challenge.

As a result,

Monitoring should not take place without legal advice. In the best case, the data obtained is only not usable, in the worst case you even expose yourself to claims of the employee or the contractual partner.

Author: Marian Härtel

Marian Härtel ist Rechtsanwalt und Fachanwalt für IT-Recht mit einer über 25-jährigen Erfahrung als Unternehmer und Berater in den Bereichen Games, E-Sport, Blockchain, SaaS und Künstliche Intelligenz. Seine Beratungsschwerpunkte umfassen neben dem IT-Recht insbesondere das Urheberrecht, Medienrecht sowie Wettbewerbsrecht. Er betreut schwerpunktmäßig Start-ups, Agenturen und Influencer, die er in strategischen Fragen, komplexen Vertragsangelegenheiten sowie bei Investitionsprojekten begleitet. Dabei zeichnet sich seine Beratung durch einen interdisziplinären Ansatz aus, der juristische Expertise und langjährige unternehmerische Erfahrung miteinander verbindet. Ziel seiner Tätigkeit ist stets, Mandanten praxisorientierte Lösungen anzubieten und rechtlich fundierte Unterstützung bei der Umsetzung innovativer Geschäftsmodelle zu gewährleisten.