My sincerest apologies in advance to the moderators of /c/games if the below is not suitable for the community. This is extremely loosely related to gaming but concerns a significant player in the industry.
On the morning of Monday, 2024 11 25, I received a text message from my bank notifying me of a potentially fraudulent transaction of $0.00. This resembled some kind of a service test charge.
I was amused to see this was sufficient to trigger such a response from my bank. My account had been paused and my card transactions were halted as a result, though I’m grateful for their diligence.
Looking at the message, it appears to have been from Blizzard Entertainment:
The first time I dealt with them as a customer was around 2016 or 2017. Overwatch was on sale and my friends urged me to pick it up. It wasn’t my sort of thing and I quickly put it back down.
I was stupid enough to buy Destiny 2 later on in 2017. The long-timers (or most likely, former players) amongst you may recall that D2 was only available through BattleNet on PC. I think they moved away to Steam a couple years later after parting ways with Activision, and I linked my Steam account to complete the transfer around this time.
Fast-forward to October 2019 and the “Blitzchung controversy”. I don’t wish to expand on the topic here. I didn’t agree with Blizzard’s actions around that event, nor did I have any particular reason to retain my online account with them, so I decided to delete it in some extremely minor form of protest.
I can only presume they employed this tactic as some sort of deterrent, though I was fairly sure it couldn’t legally be enforced; what business did they have to ask this of me? They’ve never needed my drivers license or passport photo before?
After a lengthy back and forth with their support agents, I decided to send them a GDPR data erasure request instead. They immediately honoured my request and notified me that my account and all associated PII would be removed from their systems.
Just over five years later, and I’m randomly greeted with this fraud alert. Mondays are particularly busy for me, as I’m sure they are for many of you. I cursed as I glanced at phone that morning. I don’t need more stuff to deal with.
I immediately called my bank and rectified the situation, though I wanted to understand how this happened to begin with. Whilst I was still on the phone to them, I confirmed that:
My last payment to Blizzard Entertainment was in 2017 (2 years prior to my GDPR data erasure request)
The attempted transaction on Monday originated from Irvine, US (location of their HQ - it wasn’t someone using my card details)
I decided to write to Blizzard’s customer support. They appear to have a section dedicated to unauthorised payments. My endeavours were unsuccessful.
After explaining all of the above, I pressed them on several key points:
What is the purpose of this charge and why did this happen?
What data are you retaining on me?
Has another user attempted to use my payment information (at this point, I’ve no reason to suspect my payment info has been compromised)
What will you do to prevent this happening again?
I wasn’t satisfied with the first response, so I tried again later on.
Check if you have an active World of Warcraft subscription
Couldn’t you folks have done that?
Check your recent purchases in your Transaction History
(I had already explained that I had done this as part of my initial query to them)
Make sure that you are logged in to the correct Blizzard account
“An extensive research” to be sure
All of these questions were completely sidestepped. I began to suspect that these were bot generated or generic, canned responses.
If you are indeed real people, and you somehow stumble upon this post, please know that I’m sorry to call you out, and I know you’re dealing with my case using the resources you have available.
So why am I mentioning any of this here?
I would love to know if any of you took the same action as I did back in 2019:
Did you attempt to close your account following the HK tournament controversy?
Did you face the same level of resistance as I did?
Did you follow up with a data erasure request?
Do you have any reason to suspect that Blizzard are still retaining data on you in 2024?
An associate of mine has pointed out that they may have a legal obligation to retain some records despite my request for data erasure. The question is, why was this service test charge placed?
I think you’re going about this wrong. You need to represent this as a potential legal issue so they pass it off to the legal department, who will then do things to cover their ass
You don’t want to threaten, just make it legalese enough to make customer support get nervous. Something like citing GDPR sections and expressing your concerns that they have not properly complied with your legally mandated request, then officially requesting all data they still have on you and citing that section of law
Smart…well damn, if they’re that blasé about it I’d consider it a public service to escalate. You could contact Microsoft’s legal department, they might take it more seriously
You could also reach out to an organization like the ACLU in your country, they may or may not do anything with it, but they’ll probably make note of it at least. It could push them to take action in the future
FWIW, I respect you for going this far, and doing so intelligently. It might just be a little thing, but it’s fighting for your rights. Every inch matters, because they’ll take them all from us if they can
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]
Welcome to the largest gaming community on Lemmy! Discussion for all kinds of games. Video games, tabletop games, card games etc.
I think you’re going about this wrong. You need to represent this as a potential legal issue so they pass it off to the legal department, who will then do things to cover their ass
You don’t want to threaten, just make it legalese enough to make customer support get nervous. Something like citing GDPR sections and expressing your concerns that they have not properly complied with your legally mandated request, then officially requesting all data they still have on you and citing that section of law
I did that in my communications to their support staff.
I’ve also attempted to contact their legal dept directly with no luck.
Smart…well damn, if they’re that blasé about it I’d consider it a public service to escalate. You could contact Microsoft’s legal department, they might take it more seriously
You could also reach out to an organization like the ACLU in your country, they may or may not do anything with it, but they’ll probably make note of it at least. It could push them to take action in the future
I’ve reached out to the ICO, hadn’t thought about it but I suppose I could try MS legal as well. Good idea
FWIW, I respect you for going this far, and doing so intelligently. It might just be a little thing, but it’s fighting for your rights. Every inch matters, because they’ll take them all from us if they can