Caroline Elkin – Activision
- Written by: Neil Cote
- Produced by: Julianna Roche
- Est. reading time: 5 mins
The Barclays Center’s regular tenants, the NBA’s Nets and NHL’s Islanders, don’t always draw such a crowd. But last summer, the Brooklyn arena played host to the Overwatch League finals, drawing 20,000 zealous spectators to London Spitfire’s victory over Philadelphia Fusion in an action-packed video game competition where the best players in the world went head to head for the global championship; worldwide, millions more watched remotely.
A Baird analyst, Colin Sebastian, told MarketWatch that such interactive games could become the lion’s share of the media and entertainment sector, hitting $145 billion next year and making it a “must own” for investors. Likely too, a “must bet” for those wagering in a sports gambling industry that’s growing nationally and internationally.
That also means the need to be vigilant about data privacy and cybersecurity, as well as a host of other legal matters, is of utmost importance as volumes of personal information will be collected and processed.
“There was a time when we would not have even contemplated people watching other people playing video games, but it’s a new world out there,” says Caroline Elkin, the chief privacy officer and vice president of Activision in Santa Monica, California. “But this is just one of the many challenges that makes our work fun.”
A whole new ballgame
Yes, esports has shaken up the video game culture and for a company like Activision’s parent—Activision Blizzard—it would seem for the better. The benefits include expanded interest and revenue streams, as well as higher corporate value for one of the industry heavyweights.
But what used to be recreation becomes a most valuable commodity, and this industry—like so many others—has evolved ahead of lawmakers and regulatory agencies. For Elkin that means not just keeping a dynamic enterprise in compliance with existing rules and regulations, but anticipating what the next round might resemble.
It’s not unlike hitting a moving target in a video game.
“There are so many mediums and platforms through which people can pass information, share data, view programs and watch content,” Elkin explains. “All of these things are hard to corral into one compliance bucket.”
Rather than saying that a lot of people are playing and watching Activision’s games, Elkin prefers to say they are “engaging” with their audience. And when they’re engaged, Elkin must be engaged.
In her own state, the California Consumer Privacy Act will, starting in January, afford residents data protection similar to the stringent standards that went into effect last year in the European Union. Earlier this year the state of Washington stopped short of passing a sweeping privacy law, but expanded its requirements for public breach notifications, with Activision among the many companies taking notice.
Previously, a company doing business in Washington had to notify within 45 days if a hacker acquired a consumer’s name in combination with at least one other piece of sensitive data: Social Security number, driver’s license number, state ID number or financial account information. The new law expands the list to birth dates, health insurance ID, medical history, student ID, military ID, passport ID, username-password combination or biometric data.
With other states either in the process of tightening their privacy laws or having already done so, Elkin can’t help but wish there were a national standard. It may happen, but not as quickly as she would like.
“In the meantime, a number of states will make their own laws tailored to their own needs and we’ll take a conservative approach so as to be in compliance everywhere,” she says.
That said, some of those challenges seem dwarfed by the popularity of Activision’s product lineup, though that can lead to other matters of concern.
Candy Crush Saga has been sweet indeed for Activision Blizzard since the company acquired King Digital Entertainment in early 2016 for $5.9 billion.
When the first quarter of 2019 ended, Activision Blizzard beat expectations, with Candy Crush’s monthly active users having increased by 2 percent to 272 million. It marked the second consecutive quarter the company saw such growth, with Candy Crush Friends Saga bringing in new and lapsed players from the previous games—Candy Crush Saga, Candy Crush Soda Saga, and Candy Crush Jelly Saga. Players were said to be spending an average of 38 minutes per day playing the Candy Crush franchise’s “free-to-play” model, which carries no base fee but does charge for additional features.
Call of Duty: Mobile will be following suit with a free-to-play mobile game that brings together maps, modes, weapons and characters from across the Call of Duty franchise, and allows players to play in head-to-head competition against other players from around the world.
With more and more ways for the company to collect and process personal information, Elkin must ensure precautions are in place. She’ll be just as mindful about protecting the privacy of the players of other games whose tournaments fill esports arenas.
She’s enjoyed many aspects of the business since joining Activision in 2013 as director of legal, benefits and employment, and garnering multiple promotions. Employment law in private practice had been Elkin’s stock in trade, and she distinguished herself as an associate with three firms, the most recent being an eight-year stretch at Paul Hastings in Los Angeles where she was contracted to serve Activision.
“I became hooked on the nuances and complexities of following the regulations for marketing and sales, as well as privacy protections,” she explains.
Thus she seemed the logical choice when the company needed someone for the hybrid role of employment and privacy law. A mother of three small boys and a minority woman in a profession that’s largely male dominated, Elkin also relished the opportunity to be a role model.
She’s now in charge of a team of five, but can be said to have a second in-house team made up of her sons—an 11-year-old and 8-year-old twins—from whom she learns a lot about playing video games online and so much else about the industry at large.
“I started out by seeing how they log in and whether certain websites were consistent with COPPA,” she says of the Children’s Online Privacy Protection Act that imposes requirements on websites or online services directed to kids under 13 years of age.
“I can use my kids as test cases. They think it’s cool that I work for a video game company, though they don’t think I’m cool because I don’t make the games. I draft privacy policies and disclosures and that doesn’t sound like so much fun.”
In time they’ll learn that protecting the privacy of players is indeed cool.
Showcase your feature on your website with a custom “As Featured in Vanguard” badge that links directly to your article!
Copy and paste this script into your page coding (ideally right before the closing