To play certain Riot games like VALORANT, you must install Vanguard, which runs deep inside your computer's operating system (kernel level) and is active whenever your computer is on.
By agreeing to play VALORANT or other Vanguard-protected titles, users grant Riot Games software with the deepest level of operating system access, which continuously collects system telemetry and creates a potential attack surface for malicious actors if the kernel driver is ever compromised.
Cross-platform context
See how other platforms handle Kernel-Level Anti-Cheat (Vanguard) Requirement and similar clauses.
Compare across platforms →Kernel-level software has the highest possible access privileges on your computer — it can monitor and interact with everything on your system, creating significant privacy and security exposure if the software is ever compromised.
1) REGULATORY FRAMEWORK: This provision directly implicates GDPR Art. 5(1)(c) (data minimization), Art. 6 (lawful basis for processing — consent or legitimate interests), Art. 25 (privacy by design), and Art. 35 (requirement for Data Protection Impact Assessment for high-risk processing). The UK GDPR (UK GDPR Art. 35) imposes equivalent DPIA requirements. CCPA §1798.100 requires disclosure of categories of personal information collected, which must encompass system-level telemetry gathered by Vanguard. The FTC Act Section 5 applies to material omissions about the scope of software surveillance capabilities. EU enforcement authority: national DPAs (e.g., CNIL, BfDI); US: FTC. 2)
Compliance intelligence locked
Regulatory citations, enforcement risk, and due diligence action items.
Watcher: regulatory citations. Professional: full compliance memo.