Music Modernization Act, Artificial Intelligence, and Cryptocurrency

“Angel Pumping Gas” is not a song about copyright regulatory policy, artificial intelligence, or cryptocurrency. I’m going to use it to round up all three of those subjects in this blog post.

  1. Music Modernization Act: Not Enough Of a Good Thing

“Why won’t this moment last?”

A.

“Angel Pumping Gas” is a 1999 song by the band Lindsey Pool, the second track on the album Postal. The song was circulated around various music sharing sites and services—but it was erroneously attributed to the band The Postal Service. Even now, comments sections on YouTube express surprise concerning the song’s artist. Google’s first result for lyrics attributes the song to The Postal Service. This serves as a clear, simple example of how easily information spreads online, and how difficult it can be to correct information online. If early 2000’s music sharing used a single database held the information for every published song, such an error might have never happened. A new law requires the creation of such a database, but there’s a lot still up in the air.

The biggest open question from the Music Modernization Act is: Who is going to create and maintain the required database of songs and rights holders? The law mentions that a database will be made, presumably by the Mechanical Licensing Collective that the law also creates. This is only forces everyone to ask more questions: who will be on the board of the Mechanical Licensing Collective? What methods will this organization use to create this database?

B.

Measured by content, “Angel Pumping Gas” is little more than an unnecessarily detailed recounting of purchasing gasoline. In fact, the middle two-thirds of the song is an entirely banal description of an entirely ordinary and unremarkable transaction. Only the beginning and ending of the song (and chorus) frame the experience in terms of the romance and desire that the singer feels. It’s either beautiful post-modern appreciation of the beauty in the mundane encounters of our lives, or it’s just a little bit silly.

The Music Modernization Act is either a beautiful resolution of a pressing problem in the music industry, or it’s just a little bit too narrow to be worth caring about. The Music Modernization Act was passed unanimously by the House. Sound Exchange and the RIAA have praised it. It seems like everyone loves it, so I was surprised to learn how narrowly tailored the new law is. It is almost entirely focused on problems specific to digital streaming of music. Though there were issues that required resolution in this area, there remain enormous gaps between current copyright law and the daily use of media and technology. It is unsurprising that the problem that got addressed was one that concerned the rich and powerful (record labels, digital platforms), but they did take the opportunity to include studio professionals in the legislation—a group that has historically be neglected. Music Modernization Act is not as far behind the times as I expected: it’s not a response to Napster, it’s a response to Spotify… but I would still like a more satisfying response to Napster than the DMCA.

 

  1. Artificial Intelligence All Around Us– And We Don’t Know What It’s Doing

“You ask ‘What Can I do?’ I say ‘unleaded fuel.’ You open up my tank and start the pump.”

“Angel Pumping Gas” is a wistful ballad that describes a brief meeting with a filling station attendant, with whom the singer is immediately infatuated. Filling station attendants are rare in 48 of the 50 states (NJ and OR have laws against filling one’s own gas tank… as does the town of Huntington, NY).  The entire premise for the song is slightly alien to the tens of millions of Americans who have always pumped their own gasoline.

For most young Americans in the 90s, gas station attendants were a historical curiosity—something referenced in films in the 50s and 60s. However, for residents of NJ and OR, having someone else fuel your car was a commonplace occurrence. Today’s emerging technologies have the same impact: a device or service is either a commonplace part of your life, or it’s a foreign concept. Twitter, Facebook, Alexa, Smartphone GPS navigation, Netflix, Twitch, YouTube, AmazonPrime- all of these things are, for most Americans, either so commonplace as to be unremarkable, or are simply not part of your life. As technology becomes more integrated in our lives, the difference between so-called “haves” and “have-nots” becomes more pronounced. The very premise of the song creates a divide in the audience: there those who have encountered a filling station attendant, and those who have not.

Our relationship with technology is already creating visible divides in our population. We aren’t always sure who is a bot, though some of us are willing to pay a lot for their art. Even as AI becomes an essential tool for the largest companies that manage important aspects of our lives, the law has no idea how it will handle the legal aspects of a tool that is on a complicated trajectory. Artificial intelligence is steadily becoming more and more commonplace- but the majority of us can’t see how or where AI is being used, much less which systems use what kind of data. Like a teen in the 90’s listening to a song about a filling station attendant, most people who hear about bots and AI have to turn to movies and pop culture references to draw up a mental picture, rather than rely on our own experiences.

 

  1. Cryptocurrency’s Perpetual Hype

“You walk over my way, I didn’t know what to say… I think that I love you, or maybe it’s just the fumes.”

The song details the singer’s desire and longing, wallowing in the idea of feeling a romantic desire for someone he doesn’t know. The song juxtaposes the intensity of the singer’s amorous emotions with the brevity and shallowness of the interaction. Our popular culture mirrors this adolescent infatuation in our reactions to new technologies: sudden, intense waves of excited fervor for a world-changing device or platform that either never arrives or seems to evaporate into the past shortly after it appears. (I have written before about the hype surrounding the Internet of Things… )

Cryptocurrency prices are down, but it doesn’t feel like the hype has suffered at all. The estate of one of the Wu-Tang Clan is starting a cryptocurrency, to be named after the deceased: Dirty Coin. The strangest part of this is that I haven’t seen blockchain applied in the kinds of contexts I expected it to find more success: online games, a new kind of customer loyalty program, or other gimmicky, comparatively low-stakes settings. Perhaps the hype is fueled by risk-taking and gambling, and such settings aren’t thrilling enough. This is unfortunate, because turning down the hype would allow the technology to actually move forward in much more appropriate, smaller steps, rather than trying to change the world all at once.

Is the gas station attendant in the song the destined One True Love of the singer? It’s not impossible. Are there are a lot of fumes around gas stations? In my experience, yes- always, in fact. Will cryptocurrencies bring about a Utopian future? It’s not impossible. Do crowds tend to favor exciting hype over careful, substantive analysis? In my experience, yes- always, in fact.

Conclusion

“We share our precious moment in a glance…  and as I drive away, her memory’s here to stay—her deep blue eyes have left me in a trance.”

The singer bemoans that he needs to leave, as the road calls him away. His lack of control is an unstated axiom of the logic that he must follow. The singer is a passive pawn of forces around him: fate, the road, filling station attendant (her authority to invoke payment and her beauty), the transaction, his emotions. He begins the song by attributing the encounter to fate and concludes with the resigned acceptance that the separation is, perhaps, better for all involved. This is not a song about a person taking decisive actions; this is a song about a consumer making his way through a brief and common transaction in the life of a middle-American.

Society seems to display about as much mindfulness and self-possession in approaching technology. We owe it to ourselves to take more effort and more thought regarding our laws and our technology than an adolescent’s unapproached crush.

Advertisements

Elderwood Academy’s Dicey Trademark Application

Elderwood Academy (technically, Three Frog LLC) has filed an application for a trademark on one of its products. It’s an interesting trademark because it is for the design and shape of the product, rather than a word, mark, or image associated with a good or service. It is the kind of trademark that IP attorneys describe as “trade dress,” which has a special niche place in the world of intellectual property.

A fundamental role of trademarks is to prevent consumer confusion. I actually have two of these products. The first time I saw this product, I believed the manufacturer was Wyrmwood. I was confused about this for over a year—until I tried to buy one from  Wyrmwood’s booth at PAXUnplugged. This is the kind of anecdote that suggests a need for trademark protection.

How Competitors Can Respond to a Trademark Application

When a trademark is filed, it is reviewed by a Trademark Examiner. If there are no problems, the examiner publishes it for opposition from the public. If there are no filings in opposition, the trademark is granted. Wyrmwood is one company that might have an interest in this trademark application; if Wyrmwood wants to eventually make hexagonal dice vaults, this trademark would present a problem for them. Wyrmwood will likely have an internal meeting to decide how to respond to this, and select one of three actions: 1) do nothing and forfeit entry into the hexagonal dice container market, 2) file an opposition with the USPTO explaining why the trademark should not be granted to Elderwood Academy, 3) contact Elderwood Academy and negotiate a co-existence agreement.

The “do nothing” option always has the appeal of being the easiest. However, it is much more difficult to undo that choice later. Even if Wyrmwood has never before thought about making hexagonal dice vaults, and even if they currently have no plans or designs for future production of them, it is good business to imagine the possibility of one day getting in to that market.

The option to file a notice of opposition with the USPTO has some challenges. First, the application is pretty strong. I think there are some weaknesses that could reasonably be highlighted in an opposition filing, but I doubt the trademark would be denied on the basis of the problems I can see. Regardless of the result of the opposition filing, the act of fling it may create tension between Wyrmwood and Elderwood. Preserving positive business relations is important, even between competitors. (In my view, especially between competitors!)

The third option is to work together and negotiate a co-existence agreement. These kinds of agreements are contracts made by parties that have competing or potentially competing interests when a trademark is filed. Sometimes the agreement includes an acknowledgment that a trademark does not infringe or create a likelihood of confusion. Sometimes the agreement will effectively relinquish the use of a trademark in a certain area, or will include a promise to not attempt to enter a certain market or create a certain kind of product.

In this case, Wyrmwood might offer to promise to never make hexagonal dice vaults in exchange for Elderwood’s promise to never make dice towers or deck boxes. There are many promises and exchanges that the two companies might offer in order to avoid any opposition or conflict over the trademark. The two companies (or their attorneys) might create the agreement collaboratively, or they might enlist the services of a mediator to help them explore value-creating opportunities.

Cooperating Competitors

The products made by both Wyrmwood and Elderwood are used by tabletop game players- especially D&D players. The game D&D works best when everyone at the table cooperates, even when characters have conflicting goals/drives/motives. The Dungeon Master likes it when players and characters can work through their differences to cooperate. Otherwise, the DM has to make a ruling and that usually makes at least one player unhappy. In the same way, the Trademark Trial and Appeals Board (the authority that adjudicates trademark disputes) likes it when competitors can reach their own agreements and get along without needed a ruling.

Will Wyrmwood file an opposition? It depends a little on their business philosophy, their future plans, and their relationship with Elderwood. It’s certainly best if they work together.

 

 

The Scare of Abandonware

It’s nice to have law in a society to bring a sense of predictability. Clear and organized laws allow us to understand the consequences of our actions. Knowing the law lets us make choices based on the expected outcomes. However, there are a few areas of law where outcomes are not so obvious. Abandonware is an interesting case of 21st century law. Copyright law simply doesn’t outline what to do when a company publishes a game and then closes its doors. It’s scary for cautious lawyers to discuss because of that uncertainty. As always, this blog post is NOT legal advice– in fact, it’s mostly about why giving legal advice about abandonware is difficult.

How Games Get Abandoned

Abandonware isn’t entirely limited to software, but the differences in technology and industry norms and structure make it a far larger problem for software than any other media. It’s no surprise that book, radio, television, film, or music industries ever needed a statute on abandoned works.

When game studios close, they are often bought by other, larger studios- or at least their IP assets are. However, sometimes the IP of a studio doesn’t get purchased – it just gets abandoned. Copyrights in the US last at least 70 years. Although courts have ruled that not every work has a recognized owner at the time of creation, courts have not definitively addressed the issue of abandoned works. (It is possible to officially declare a work abandoned and part of the public domain, but this is not automatic for IP that is simply left behind by a defunct company.)

Who Would Have The Right To Sue?

There are a few fundamentals that have to be in place for a case to even get seriously looked at by a judge. There must be an allegation of a violation of a law, for one thing. Additionally, the plaintiff must have “standing.” This means the plaintiff was harmed by the breaking of the law. A case must also be “ripe” (the allegation cannot be speculated or predicted to occur sometime later), and the case cannot be “moot” (resolving the case must make an actual difference to the injured party).

In the case of abandonware, could these fundamentals be met? Sometimes revenue is still given to developers whose companies have closed shop, but it’s unclear how often this is the case.  In most cases, it seems that no one can claim to be damaged by the unauthorized distribution of the software, because no one can claim they lost money as a result. Further, any case would be moot because ceasing the distribution would not make any difference to a non-existent competitor.

Despite the unlikely odds of an abandonware suit even getting to trial, distributing abandonware still feels a little risky for two reasons. First, unlike trademarks, copyrights are not contingent on use in commerce, and unlike abandoned property there is no law describing how to treat abandoned works. Second, it’s an unexplored area of law, which means that there isn’t precedent either to argue in court or to consider when advising a client.

Who Gets the Loot of the IP License When a Company Dies in the Dungeons?

Despite the murkiness, some abandonware cases seem clearer than others. Some games from the 80s and 90s seem well and truly abandoned. However, if a copyright is assigned to a corporation and that corporation then goes defunct or is bought, it’s sometimes unclear who owns the copyright.  Other games may carry a sort of tangential active ownership that could complicate a case. For an example of both of these complications, let’s consider a game from 1991 that featured a licensed IP to a game developer and a publisher (who are now both defunct): Eye of the Beholder.

Dungeons and Dragons was owned by TSR, Inc until that company went out of business and sold most of its D&D intellectual property assets to Wizards of the Coast (a company owned by the toy company Hasbro, Inc). Eye of the Beholder was a game made by Westwood Associates (bought by Electronic Arts and defunct since 2003), though the title screen clearly identifies it as an Advanced Dungeons and Dragons game. The game was published by Strategic Simulations, Inc (bought by Mindscape and defunct since at least 2011), who worked with TSR on dozens of licensed D&D games.

With Westwood and SSI now out of the picture, can Wizards of the Coast claim ownership in the use of their D&D mark in 30 year old games?  Wizards of the Coast would probably not prevail on a claim of direct ownership of these games. As far as I can tell, courts have not addressed a case in which a party bases a claim on IP that is inside another product. The closest cases involve the use of a person’s likeness in a game, but the plaintiffs don’t try to claim ownership over the entire product. It may be that the original license agreement puts the “D&D” IP out of the reach of claims by TSR, and therefore out of the reach of WotC.

Ideally, the licensing contract between TSR, Inc and Westwood Associates has a paragraph for just this kind of question (this is why it pays to draft contracts with the worst possibilities in mind- like your company going out of business). If a court faced the claim that WotC has a claim on the distribution and sales of games featuring D&D settings and characters, I suspect* it would rather dismiss the claim on the basis of laches rather than address the tangled mess of IP licensing claims.

Conclusion: We Can Know The Risks, If Not the Outcomes

Abandonware seems to be technically illegal, but it also seems to be nearly unenforceable. That’s an uncomfortable place to be. It’s a strange state, and there are hardly any appropriate analogies that would help explain it. The best analogy might be a comparison to an old game that, despite being technically functional, won’t run on a current operating system. Abandonware’s legal challenge might be best described by its technical challenge.

 

*There is always a small risk of a surprise in court: A court could create the principle that when a party does not exist to protect a licensed IP, the licensor may step in and act as owner of that IP for some limited purpose. Some would call that “legislating from the bench.” The judge would call it “meeting the demands of justice in the face of technological development.”

The Race for Data: Consumer Privacy in a Red Shell

Mario Kart hasn’t outsold the standard Mario formula, but it has been the most successful adaptation of the characters. The lack of multiplayer wasn’t a big deal for games on the original 80’s Nintendo Entertainment System; just running to the right and jumping on boxes was good enough. As demand for multiplayer games grew, Mario Kart proved to be one of Nintendo’s best ideas. Racing games don’t need a lot of explanation, and getting to steer your favorite characters to the finish line made for hours of fun for family game night, birthday parties, and college dorms. Nintendo also made their fun additions to their racing game easy to understand: banana peels make your opponents lose control and crash, mushrooms provide a speed boost to help you catch up (especially useful after a crash), and getting hit by a turtle shell the size of your cart is never good. The weaponized shells come in a few colors, but the red shell was particularly powerful because it follows its targets movements, making it nearly impossible to dodge.

So, when the minds of marketing, data science, and software development came together to create a way to track gameplay data and correlate it to advertising for each unique player, a popular video game weapon that followed a target seemed like a good fit for the name of the product. Maybe a representative from customer relations or ethics would have raised a concern about naming a product after something aggressive and destructive. That kind of name raises a red flag for some people—and  it raises two red flags if it also shares the name with a known malicious virus. Unfortunately, it fell to the players to explain that secretly targeting customers to collect data is an unpopular choice.

 

Red Shell Discovered

Earlier this year, a few Steam users discovered a tracking program hidden inside some game software. The tracking program was called Red Shell. I have not found any indication that users were informed (at least explicitly) of the presence of this tracking software within the games that consumers purchased, downloaded, and installed. The stated purpose of Red Shell is to track user data that can be matched with marketing data to optimize marketing strategies. Despite the fact that the data collected from a user is called a “fingerprint,” developer Innervate is on record as believing that the clandestine program that does not allow opt-in (or even opt-out) decisions is GDPR compliant because it does not collect personally identifying information- just a broad mass of data associated with a user.

Software companies got a different kind of marketing feedback as outraged customers spoke out on forums and social media, attacked games with negative reviews, and called for boycotts against the offending games. I did not find any evidence that Red Shell is harmful or pernicious in any way, and most users seem to agree with that assessment. But actual, or even potential, harm does not seem to be the problem. Rather, the issue seems to be that the customers feel betrayed, deceived, and… well… played.

 

Lessons from the Wreckage

In Mario Kart, red shells cause your opponents to crash. In June of this year, the program Red Shell caused player trust to crash. Red Shell may be GDPR compliant, but the scandal now serves as an example of why mere technical compliance is not always enough.

I think Red Shell would have enjoyed reasonable success if players were given the choice to opt-in. Other companies use clear, voluntary methods to collect data from users—from surveys to system scans. I understand the appeal of “having all of the data,” and the appeal of letting computers do the bulk of the gathering and processing automatically. The efficiency and scale would be hard to match – computers often outperform humans in efficiency, speed, and scale. But computers don’t understand the values of trust, preferences, and autonomy.

Innervate lost sight of the real, ultimate reason for gathering player data in the first place: improve a developer’s bottom line through a better understanding of the player. By failing to connect empathy with the notion of “understanding,” they overlooked what they were losing in exchange for the increased efficiency and scale of their product. The effort to understand brand loyalty undermined the trust and loyalty to the brand. Data that is properly collected and carefully understood in the right context can be a powerful tool for better products and better service. But taking a shortcut around your goals to try to achieve them is just driving faster with no sense of direction.

 

Red Shell Takeaways:

ALWAYS remember that data is not an end in itself- think about WHY you want data.

Other things matter besides the data you think you need- consider the competing values.

Consider ways to get data that don’t interfere with other goals. Consider ways to get to your goals that don’t rely on the data you are chasing.

Don’t lose sight of your larger goals/objectives during your search for data; don’t let your race for data undermine your quest for success.

 

 

 

 

Popularizing Formats For Sitting At a Table and Having a Spirited Discussion

Mediation has a surprising amount in common with the tabletop game Dungeons and Dragons.

1) Most people know very little about either one.

2) People who have heard of it often think it’s a waste of time, and may deride those who support it.

3) Neither are promoted in mainstream culture.

4) The formats bear some similar appearance: Several people sit around a table. One person seems to be “in charge,” but really, that person is just helping the other people at the table actually make meaningful decisions by providing structure and clarity for the process.

5) Neither one has a final, decisive ending that declares a winner. Rather, the purpose for both activities is to have a mutually satisfying experience and outcome; everyone wants to walk away from the table feeling like it was a worthwhile investment of 3 hours (… or 5 hours… or 18 hours…).

6) The enemy that must be defeated is abstract in both cases. For D&D, it’s the… well, the Dungeons and Dragons that must be overcome (it’s extremely clear naming). In mediation, it’s the conflict itself that is the enemy– not the other person.

More people than ever are playing D&D- and even filling theaters to watch professionals play it. Can mediation find the same increased acceptance in our culture?

 

The Wizardry of Brand Management

D&D surged in popularity in the last few years. The owner of the game and the brand, Wizards of the Coast (WotC), has rebuilt and redesigned the rules and format several times since taking over the trademark in 1993. When launching the 5th edition of the game in 2014, WotC leveraged social media to demonstrate how the game worked. The 5th edition was easier to understand, easier to play, and easier to watch than any previous edition. These changes made it more inviting for new players and also made it much more of a spectator event, which fit with the use of streaming services like Twitch and YouTube. Enthusiasts started to publish their own gaming sessions online, effectively turning their gaming product into a TV show—sort of a strange inverse of how most children’s cartoons worked in the 80s and 90s to sell toys. Like so many video games that now comprise the esports corpus, D&D became a game that collected an avid fan base and consistent spectators to fill streams and theaters. Podcasts, streams, and live performances have introduced thousands of new players to the game, as well as rekindled the imaginations of those who have not rolled a twenty-sided die in decades.

Despite their broad similarities, mediation has not exactly kept pace with D&D’s surge in popularity. Despite the overwhelming difference in cost, time, end (arguably) effectiveness, litigation remains the gold standard for dispute resolution in matters of legal consequence in the US.

Courtroom drama television shows, (and “procedurals,” generally) have done well in the US. A regular program centered on mediation could easily do as well as any long-running legal procedural show. Wizards of the Coast brought D&D out of derision and obscurity (even dismissing alleged satanic affiliations) by making it comprehensible and accessible. They used every possible tool to present an alien an esoteric game structure in a way that was engaging and entertaining, while at the same time gently informing viewers who simply watched the process.

 

Two Obstacles To Mediation’s Popularity

There is a snag in the economics of promoting mediation:  Wizards of the Coast is financially incentivized to promote their D&D product. A lot of wealthy people and companies are not necessarily incentivized to promote mediation as a primary form of dispute resolution. Trials can be incredibly expensive, and their complexity and cost often favors the side with more money to hire more experienced attorneys. Those with advantages of any kind, in any setting, are typically unwilling to give up those advantages. If the US legal system creates any advantage for those with power or wealth, it is easy to see why power and wealth would not be used to promote an alternative method of dispute resolution.

The other primary obstacle is the lack of cohesive ownership over mediation. D&D is a gaming product owned by a single company, and so decisions surrounding its brand management are made by a single entity. Mediation is a broad structure of dispute resolution, not owned by any particular body. Indeed, it is not the kind of thing that is subject to trademark or patent protection. There are trade groups and individual specialists who would like to see mediation increase in popularity, but there is no single entity with resources and authority over mediation. It is not comparable to the relationship of a company with its product. The lack of a trademark or ownership makes branding extremely difficult. Wizards of the Coast is able to manage D&D carefully, shutting down counterfeit products and distinguishing itself in the gaming market. Mediation is not the kind of thing that is subject to trademark protection.

 

The Cultural Boost for Competitive over the Cooperative

If popularity is about brand management, mediation seems condemned to obscurity because that brand can’t be effectively managed.

But how did litigation get popular without a trademark and a livestream? Perhaps the adversarial attitudes in litigation fit naturally with a competitive culture. Litigation so often becomes about beating the other side, rather than beating the conflict itself. Mediation is most successful when each side sees the obstacle as the conflict itself, and everyone works together to defeat that problem—not to defeat each other.

Despite the epithet of “rules lawyer” to describe many D&D players, a society that played more cooperative tabletop games would probably be less litigious. Taking a few hours to learn to work with someone who has different personal objectives from your own is an unusual activity in our culture, but learning to listen and cooperate might have value in an increasingly interconnected and networked society.

Evil Vines Choking Out Unenumerated Protections (An Afterthought on Legislating for Changing Technologies)

Legislation always faces a problem of enforcement. That problem can take many shapes: lower courts or police may refuse to enforce the law, citizens may refuse to obey the law en masse, or crafty schemers may look for loopholes and technicalities so they effectively break the law without penalty. There are multiple laws, cases, opinions, and all other legal indications that children merit special and particular protection online and in digital interactions. However, there is no law specifically forbidding inflicting digital violence on a child’s avatar in a game until the child pays non-digital money— and I’m almost surprised it took so long for someone to find that opportunity. I think Penny Arcade misunderstands the problem. The problem is that all of those legal efforts to protect children could never cover every possible way that someone might try to exploit a child in a digital setting. When someone wants to exploit people for money, they only worry about the law in three ways: not getting caught, not getting tried, and not getting convicted.

This kind of example raises concerns not just in the video game industry, but across industries affected by the new General Data Protection Regulation. It would be unfairly cynical to even hypothesize that every company is nefarious, of course. A good many companies have a genuine desire to uphold the GDPR rights of their users, and their task is to work toward official compliance with the GDPR requirements– a few will even go beyond that minimum and take further measures for privacy and security. Notwithstanding, some controllers and processors still want to exploit their users, and their task is now to figure out how to sneak over, around, or through the GDPR.

 

In Both Overcooked And The GDPR, Execution Matters More Than Ingredients

I deliberately avoided playing Overcooked for a long time because so many review joked about the fights it causes with friends. Now that I’ve played it, I barely understand why it’s such a divisive experience for so many people. The game is charming and delightfully fun. Players work together in kitchens filled with obstacles (food and tables often move during the round, forcing players to adapt) to prepare ingredients and assemble meals for a hungry restaurant– though the diners are sometimes floating on lava floes and sometimes… the diners are penguins. The game is about coordinating and communicating as you adapt to changes within the kitchen. Maybe the reason so many people throw rage fits during this game is that they are not good at coordinating an effort and communicating effectively. In any case, the game isn’t about food so much as it’s about kitchens (especially in restaurants). So the game doesn’t focus so much on the ingredients as it teaches the importance of working together in chaotic situations.

People are focusing  a lot on the ingredients of the new EU data privacy law– particularly the consumer protection rights enumerated in it. However, there is very little talk about the bulk of the law, which is aimed at the effort to coordinate the enforcement and monitoring mechanisms that will try to secure those consumer rights. The rights listed in the GDPR are great ingredients– but as Overcooked teaches, it takes both execution and ingredients to make a good meal.

Supervisory Authority: How We Get From Ingredients to Meal

I’ve read a lot of articles about the General Data Protection Regulation, and I notice two common points in almost all of them: 1) the GDPR lists data privacy rights for consumers, 2) this is a positive thing for consumers. However, after reading the entire law, I think this is a gross oversimplification. The most obvious point that should be added is overwhelming portion of the statute that is devoted to discussing “Supervisory Authorities.” The GDPR may list a lot of consumer rights, but it also specifically details how these rights are to be enforced and maintained. This law prescribes a coordinated effort between controllers, processors, supervisory authorities, and the EU Board.

As described in Article 51, 1, a supervisory authority is a public authority “responsible for monitoring the application of this Regulation, in order to protect the fundamental rights and freedoms” that the GDPR lists. Each member of the EU is required to “provide for” such an authority. I can only speculate that this would look like a small, specialized government agency or board. This supervisory authority is required to work with the various companies that hold and process data (“controllers” and “processors” in the GDPR) to ensure compliance and security. The supervisory authority is responsible for certifications, codes of conduct, answering and investigating consumer complaints, monitoring data breaches, and other components of a comprehensive data privacy program. The supervisory authority must be constantly and actively ensuring that the rights in the GDPR are made real.

If the supervisory authority can’t coordinate the effort with the controllers and processors, the rights in the GDPR are just delicious ingredients that were forgotten about and burned up on the stove.