PlayStation automatically collects detailed data every time you use a console or app, including your location, every game action you take, how long you use each feature, your device IDs, and even screenshots if error reporting is enabled.
Consumer impact (what this means for users)
Every move you make in a PlayStation game, every app you open, and your physical location may be automatically recorded and stored by Sony, creating a comprehensive profile of your gaming and device habits without requiring any active input from you.
What you can do
⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.
Delete Your Data
Within 45 days
Navigate to the privacy rights request portal linked in PlayStation's Privacy Policy page, select 'Delete My Data,' and complete the identity verification steps. Requests are processed within 45 days under CCPA.
Cross-platform context
See how other platforms handle Broad Automatic Data Collection from Consoles and Devices and similar clauses.
The breadth of automatic collection — spanning real-time location, granular in-game behavior, and crash screenshots — goes well beyond basic service functionality and creates a detailed behavioral profile of every user.
View original clause language
Each time you use a PlayStation console or a PlayStation app on a PlayStation console or other devices (such as a mobile phone or PC), we may automatically collect information about your use of that device and app. The information that we collect from devices may include: Device identifiers such as your PlayStation console ID, mobile device IDs, cookie IDs, or serial numbers; Network identifiers such as your IP address and MAC address; Your current and recent locations (e.g. on PS Vita); Information about how you use the software installed on your device (which may include information about the use of the software offline), such as date and time of use, what games or music you play, what content you browse, share or download, what services you access and for how long, including how often you use chat and other communication applications; The actions you take within games or apps published by SIE (e.g. what obstacle you jump over and what levels you reach); Software errors and load times details, and if you have the 'Report System Software Errors Automatically' setting turned on, detailed information about the crash, including screenshots and video captured before the crash.
1) REGULATORY FRAMEWORK: This provision implicates CCPA/CPRA (Cal. Civ. Code §1798.100, §1798.140) for California residents, requiring disclosure of data categories collected and honoring deletion requests. It also engages COPPA (16 C.F.R. Part 312) for child users, where collection of geolocation data requires verifiable parental consent. FTC Act Section 5 applies to any deceptive or unfair data collection practices. The Virginia VCDPA (§59.1-578), Colorado CPA (C.R.S. §6-1-1308), and Connecticut CTDPA also impose data minimization obligations.
2)
🔒
Compliance intelligence locked
Regulatory citations, enforcement risk, and due diligence action items.
Watcher: regulatory citations. Professional: full compliance memo.
Applicable agencies
FTC
The FTC has jurisdiction over unfair or deceptive data collection practices under FTC Act Section 5, including over-collection and inadequate disclosure of automatic device tracking.