According to statistics released by Tencent Game in 2025, the total number of players has exceeded one billion in their six most popular games operating in China, among which ten percent turn out to be in their teenage years (Delta Force, “Registered users across the platform have surpassed 40 million”). These figures point to the fact that teenage players form an essential part of the user group targeted by the Chinese video game giant. However, parents’ apprehension over their teenagers’ growing gaming addiction has also escalated to the degree that official regulations are requested to address the issue.
In 2021, along with the Ministry of Education of China, several local municipal governments and game companies agreed to a new policy asking that face recognition and ID binding are required in all games to properly monitor teenage players’ screen time (“Notice of the National Press and Publication Administration on Further Strengthening Regulation to Effectively Prevent Minors from Becoming Addicted to Online Games”). So far, many video games like Honor of Kings and Genshin Impact have started requiring users to verify their ID numbers and complete face recognition when logging in. In case that an account is registered using the identity of a juvenile, the account holder is then allowed to play one hour only on weekends.
While these measures have achieved tangible results in curbing underage users’ gaming addiction, they also have raised profound concerns about privacy and civil liberties–unlike conventional account verification, where the user only needs to authenticate their phone number with the game firms to access games, face recognition and identity verification rely heavily on the collection and storage of highly sensitive biometric data. On the other hand, face recognition records face features, which cannot be changed once compromised. As such, any data breach or misuse may expose millions of Tencent’s users to identity theft or other forms of privacy rights infringement.
Often, children and adolescents have not been adequately educated on the risks of sharing personal information, which also discourages them from understanding the long-term, irreversible risks of biometric data breach or misuse. For them, doing face recognition or identity verification is merely a chore-like step before enjoying the game, without realizing that their personal data will be stored in the database indefinitely since they do not seem to have the patience to read through terms and conditions–even though these platforms demonstrate evidence of compliance with regulations validating data collection that informs users of how their data will be used, many users, especially minors, simply scroll down to the bottom and tap to accept the terms and conditions. Simply put, procedural propriety, aligned with data ethics by asking that individuals must have the right to autonomously and meaningfully decide how their own information is used, does not necessarily elicit willful consent in the context of Chinese video game regulations.
Facial recognition relies on the storage of highly sensitive biometric features. The risks underpinning data misuse can be insurmountable compared to the conventional method where account verification is handled without involving such sensitivity. Real cases have emerged over the past years since the popularization of AI. The Electronic Arts (EA) Sports Game’s face biometric lawsuit is a typical example in the gaming industry. The company collected facial geometric data with the built-in scan feature in its FIFA and Madden games without obtaining written consent from players or disclosing the rules for data destruction, which violates the Biometric Information Privacy Act (BIPA; “Illinois Legal Investigation: EA Sports Game Face Feature May Violate Players’ Privacy”). Facial data, as unalterable sensitive information, can be easily exploited by cybercriminals for fraud, account cracking, and other illegal activities, causing irreversible harm to players' privacy rights and property. With over one million US dollar loss, the case not only exposes the compliance loopholes in the gaming industry regarding biometric information, but also asserts the unique risks of facial recognition data breaches for the insurmountable and irreversible damage compared to ordinary information leaks (“G.G., by and through Omar Guerra et al v. Roblox Corporation”). Moreover, in 2024 Texas, United States, the globally renowned gaming platform Roblox suffered from a security flaw in a third-party collaborated plugin, resulting in the leakage of facial recognition data collected from approximately 5.2 million users, among whom 31% were American teenagers aged 13 to 17 (Ahmed). These data were exploited by hackers to create highly accurate 3D facial models to validate facial-recognition payment, causing a nearly $2 million collective loss. Additionally, the facial features of some underage users were used to generate pornographic videos, which were later spread widely, leading to multiple cases of psychological trauma among teenagers and family lawsuits.
To resolve the contradictions derived by technological surveillance, it is necessary for the government, enterprises and society to form a multi-party governance model. While ensuring public safety, the bottom line of individual rights should also be firmly established. For the government, an independent third-party supervision mechanism should be devised–an independent committee comprising experts in law, technology and education to conduct assessments of data security and compliance of game companies on a regular basis, while also ensuring that the implementation of privacy protection measures is properly under close supervision. As for game companies, they are encouraged to take their own accountability by minimizing data collection with more lightweight verification methods, such as AI-assisted judgments based on behavioral patterns, so as to reduce their sole reliance on biometric data.
Works Cited
Ahmed, Deeba. “149M Logins from Roblox, TikTok, Netflix, Crypto Wallets Found Online.” HACKREAD, https://hackread.com/logins-roblox-tiktok-netflix-crypto-wallets-found/. Accessed 29 January 2026.
Delta Force. “Registered users across the platform have surpassed 40 million.” Douyin, 2024, https://v.douyin.com/Te7xIignlvA/ J@v.fo 03/17 xSy:/. Accessed 30 January 2026.
“G.G., by and through Omar Guerra et al v. Roblox Corporation.” Dockets & Filings, 21 Nov. 2025, https://dockets.justia.com/docket/california/candce/3:2025cv10137/460283. Accessed 29 January 2026.
“Illinois Legal Investigation: EA Sports Game Face Feature May Violate Players’ Privacy.” ClassAction, 28 Feb. 2024, https://www.classaction.org/electronic-arts-game-face-privacy-lawsuit. Accessed 31 January 2026.
“Notice of the National Press and Publication Administration on Further Strengthening Regulation to Effectively Prevent Minors from Becoming Addicted to Online Games.” The State Council The People’s Republic of China, 30 Aug. 2021, https://www.gov.cn/zhengce/zhengceku/2021-09/01/content_5634661.htm. Accessed 31 January 2026.