Steam · Steam Privacy Policy

Minors' Data and Age Restrictions

High severity
Share 𝕏 Share in Share 🔒 PDF

What it is

Steam assigns every user a permanent Steam ID at account creation but does not require real name verification, meaning minors can create accounts without triggering age-specific data protections unless Steam implements separate age-verification measures.

Consumer impact (what this means for users)

Because Steam does not require real name or age verification at account setup, minors may be using the platform without triggering COPPA protections — meaning their game statistics, device identifiers, and behavioral data may be collected and shared with third parties without parental consent.

Cross-platform context

See how other platforms handle Minors' Data and Age Restrictions and similar clauses.

Compare across platforms →
Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

Steam's lack of real name or age verification at account creation, combined with its collection of behavioral data, payment information, and communications from all account holders, creates significant COPPA compliance risk if minors under 13 are using the platform.

View original clause language
When setting up an Account, Valve will collect your email address and country of residence. You are also required to choose a user name and a password. The provision of this information is necessary to register a Steam User Account. During setup of your account, the account is automatically assigned a number (the "Steam ID") that is later used to reference your user account without directly exposing Personally Identifying Information about you. We do not require you to provide or use your real name for the setup of a Steam User Account.

Institutional analysis (Compliance & legal intelligence)

REGULATORY FRAMEWORK: COPPA (15 U.S.C. §6501 et seq.) requires verifiable parental consent before collecting personal information from children under 13 in the US. GDPR Art. 8 requires member state minimum age for digital service consent (typically 13-16 depending on jurisdiction). UK Age Appropriate Design Code (Children's Code) requires age-appropriate data protection for users likely to be under 18. FTC enforces COPPA; ICO enforces UK Children's Code; EU DPAs enforce GDPR Art. 8.

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

  • FTC
    The FTC is the primary enforcement authority for COPPA violations on digital platforms used by children, and has established significant enforcement precedent in gaming (Epic Games, 2023).
    File a complaint →
  • State AG
    State Attorneys General in California, Connecticut, and Texas have enforcement authority under state children's privacy laws applicable to gaming platforms.
    File a complaint →

Provision details

Document information
Document
Steam Privacy Policy
Entity
Steam
Document last updated
April 29, 2026
Tracking information
First tracked
April 18, 2026
Last verified
April 18, 2026
Record ID
CA-P-002936
Document ID
CA-D-00182
Evidence Provenance
Source URL
https://store.steampowered.com/privacy_agreement/
Wayback Machine
View archived versions →
SHA-256
63210b28892392d9dae07097221e6ab8458f850d4edd68ce4be0bc540f120bb5
Verified
✓ Snapshot stored   ✓ Change verified
How to Cite
ConductAtlas Policy Archive
Entity: Steam | Document: Steam Privacy Policy | Record: CA-P-002936
Captured: 2026-04-18 10:57:26 UTC | SHA-256: 63210b28892392d9…
URL: https://conductatlas.com/platform/steam/steam-privacy-policy/minors-data-and-age-restrictions/
Accessed: May 2, 2026
Classification
Severity
High
Categories
Unknown

Other provisions in this document