The concept of eDoping in eSports – cyber security as a safety measure, enforcement and sanctions in case of non-compliance

by Giulia Zappaterra, Ludovica Mosci & Deborah Paracchini 

How to limit the risk of eDoping and avoid potential sanctions and enforcements in eSports? What solutions shall be adopted in terms of cybersecurity?

The eSports market has grown at a tremendous pace over the past few years becoming a half billion dollar industry. Competition between players is at the highest levels and marginal gains can make the difference between winning and losing. Cheating is therefore a high temptation for many players.

Some of such players are going for “eDoping”. This is not the classic doping to strengthen physical and concentrations potential, but it refers to the fixing of the machines used for the tournaments.

eDoping is in fact the manipulation of either software or hardware to give the player a specific advantage within the game. During the last years in fact, not only game software have been modified, but also keyboards or mouse settings have been altered to perform a series of actions with a single click. However, there are also doping activities that do not require any form of modification. For instance the “stream sniping”, requires that players watch live broadcast of the match in which he/she is currently playing to get an insight into the opponent. As it this was not enough, eSports are also not exempted from cyber-attacks. There have even been distributed denial of service (DDoS) attacks in which a network or a specific player where players’ acts are so overwhelmed that they are forced to slow down or shut down.

And with technology constantly advancing, it’s a never-ending battle which require commitment on all fronts.

  • Prevention from eDoping: adoption of a cybersecurity system

One way to protect games and tournaments from eDoping is cybersecurity. In fact, it comes as no surprise, that the most effective weapon against technology threats is technology itself.

During the years, game publishers and tournament organizations have implemented technical measures to detect and prevent eDoping as well as to punish those who employ such means. For instance, some entities have developed tools to determine whether matches on their platforms are manipulated, while others have elaborated the anti-cheat system that detect any modification done to the game’s files. The same level of security is also applied to tournaments, where the game equipment is owned, controlled and provided by the tournament organizer or where the player is authorized to use its own peripherals, the latter are controlled on the functionality of such devices.

In this context, it is essential for companies within the eSports industry to build cyber resilience systems together with incident response schemes able to remediate adverse impacts on the business and to protect the brand reputation, as well as post-incident remediation plan which can mitigate the impact from any claim or other liabilities.

But cybersecurity is not only a technical issue. If there are no organizational measures aimed at reducing the risk of cyber-attacks, no technical measure would be sufficient. Human errors are the main source of cyber-attacks, but the lack of internal organizational controls enable such human errors to actually become a risk of the eSports industry.

  • Persecution of eDoping activities: enforcement and sanctions

When a cybersecurity system is not adopted or does not work properly, eDoping can result in numerous consequences for both the accused player as well as the team for which the player operates for.

In fact, eDoping activities can result in the ban of players (or even the team) from a tournament or from the relevant league, with heavy consequences from an economic standpoint. Sponsorship contracts can therefore be immediately terminated with an economic loss not only for the sponsor, but also for tournament organizations and players team companies.

At the same time, in case eDoping is considered as a criminal offence (for instance a cybercrime), the issue could be brought in front of criminal courts with consequences also from a reputational point of view. It comes as no surprise that bans and fines – known to be considered as a way to discourage illicit behavior – might also apply.

With this regard, it is interesting to consider that no specific independent authority/regulator has been identified, so that eSports tournaments are usually self-regulating. For instance, FIFA – for its e-football events and tournaments – developed a single global regulatory body in order to ensure the quality of tournaments and the competition in the play and the consistency in rules and code of conducts across different games.

In light of the above, every day the need for a regulation on eSports and consequently against eDoping activities is more pressing. With this regard some experts are pushing towards a global eSports regulation which would require the identification of sanctions applicable on players across all games and countries in order to prevent the cheating player from participating in other tournaments.

It is therefore clear that eSports tournaments have major potentials, but need to deal with considerable attention from the security standpoint also in order to avoid the results deriving from eDoping.

If you would like to know more about this topic, please contact giulia.zappaterra@dlapiper.com, ludovica.mosci@dlapiper.com and deborah.paracchini@dlapiper.com.