The official websites of both League of Legends and Riot Games are encoded with a tracking technology that records the behavior of their visitors, a research group at Princeton University has discovered. This includes not only leagueoflegends.com and riotgames.com, but also other branches such as leagueoflegends.co.kr and lolesports.com.
According to the report, more than 1,200 prominent domains on the internet are currently tracking and analyzing their visitors. Other affected websites in the video games category include dota2.ru, nintendo.com, xbox.com, minecraft.net, wargaming.net, worldofwarships.eu, kinguin.net, g2a.com, csgolounge.com, dota2lounge.com, and gosugamers.net.
The research group has noted that there are two methods through which websites record everything a visitor does or may do, which includes putting in passwords and other sensitive information.
The first method is called session replay. These use scripts that “record your keystrokes, mouse movements, and scrolling behavior, along with the entire contents of the pages you visit.” The information is then sent to third-party servers for saving. The second method is labelled as “analytics scripts exist” and tracks what pages a user visits or searches made on their websites.
“This data can’t reasonably be expected to be kept anonymous,” the research group said. “In fact, some companies allow publishers to explicitly link recordings to a user’s real identity.”
While the notion of anyone spying on you is scary, most major companies tend to use recorded behaviors of their visitors to verify interests and habits for marketing purposes. In addition, the user-end details are supposed to be encrypted so that even internal employees are unable to read the information.