Kinding Law Firm
China Game Law
Anime-style GamesGacha Pool BugDark PatternsAnti-Corruption

【Weekly Gaming Law】Illegal Sale of Love and Deepspace Accounts Leads to Criminal Sentencing; Two Blizzard Games Under Investigation in Italy

【每周游戏法】非法售卖《恋与深空》账号获刑;暴雪两款游戏被意大利调查

January 29, 2026
17 views

Summary

This weekly column reviews recent legal developments in the game industry, covering operational liability arising from gacha system bugs, criminal liability for account resale involving personal information crimes, corruption risks within game companies, and intensified European regulatory scrutiny over misleading monetization and interface design in free-to-play games.

(I) A Major Publisher Compensates All Players After a Gacha Pool Bug in a “Anime-style Games” Game

On January 20, a serious bug occurred in the latest gacha pool of the mainland China server of a “Anime-style Games” mobile game published by a major Shanghai-based company. Due to the bug, the gacha pool was unable to produce any 4-star or 5-star characters, and players could only obtain characters through the pity mechanism.

In response, the game was taken offline for emergency maintenance. In the subsequent apology announcement, the operator announced that all players on the server would be granted the three featured characters from the current recruitment banner and that all gacha resources consumed during the bug period would be refunded.

Nuocheng Commentary:
Operational incidents are a challenge that most game companies will inevitably face. If handled improperly, such incidents can easily escalate into large-scale public opinion crises or user complaints. In this case, the operator promptly suspended services, issued an apology announcement, and adopted remedial measures, including granting specific characters to all players and refunding gacha resources consumed during the bug period. These measures constitute concrete performance of contractual liability.

Such measures not only compensated players for virtual property losses caused by the bug (including gacha resources and expected character entitlements), but also effectively prevented the escalation of disputes. This approach aligns with judicial practice, which generally holds that “game operators shall bear remedial and compensatory liability for service defects.” Moreover, since the operator had already taken timely remedial measures and fully compensated players for their reasonable losses, courts typically do not support further monetary compensation claims where players fail to provide evidence of actual damages exceeding virtual property losses.

(II) Two Individuals Sentenced for Illegally Obtaining Personal Information and Selling Love and Deepspace Accounts

Lin operated an online store providing game boosting services. For the purpose of illegal profit, Lin commissioned Xie, who was proficient in programming, to develop an automated script targeting the popular mobile game Love and Deepspace. The script enabled automated login, daily check-ins, and completion of routine in-game tasks.

To maximize the script’s commercial value, Lin obtained more than three million pieces of citizens’ personal information through illegal channels, including names and ID card numbers. Lin then organized personnel to use virtual email accounts to batch-register game accounts and complete real-name authentication. The two used the script to operate a large number of accounts simultaneously for “account farming,” and subsequently sold the accounts through the online store at different prices based on the amount of virtual currency and rare items contained in each account.

In September 2024, the game developer detected anomalies and reported the matter to the police. Investigation revealed that the script written by Xie, without authorization, obtained player login token data sent by the game server and directly transmitted data packets to the server, thereby interfering with the normal operation of the server. The script was identified as a destructive program. As of the time of the offense, the two had generated illegal profits of more than RMB 1.6 million through the sale of game accounts.

After trial, the court held that Lin and Xie had violated state regulations by intruding into computer information systems to obtain data, and had illegally obtained and provided citizens’ personal information under particularly serious circumstances. Their conduct constituted both the crime of illegally obtaining computer information system data and the crime of infringing upon citizens’ personal information, and they were subject to combined punishment for multiple offenses.

Given that both defendants had compensated the victim company for economic losses and obtained forgiveness, lighter punishment was warranted. Ultimately, the court accepted all charges and sentencing recommendations proposed by the procuratorate and sentenced Lin and Xie each to four years and five months of fixed-term imprisonment, along with a fine of RMB 80,000.

In addition, the court supported the criminal incidental civil public interest litigation initiated by the procuratorate, ordering the two to delete the illegally collected and stored citizens’ personal information and to issue a public apology to society through national-level media.

Nuocheng Commentary:
The real-name registration system for online game accounts provides strong legal support for game companies in combating black and grey market activities such as bulk account registration and account resale.

On the one hand, by requiring the submission of real identity information as a prerequisite for account registration, the real-name system effectively filters out some individuals intending to engage in illegal activities, thereby compressing the operational space of black and grey industries at the source and reducing the phenomenon of mass account registration.

On the other hand, even where illegal actors obtain large amounts of citizens’ identity information through unlawful channels for account registration, the nature of their conduct fundamentally changes—from a civil dispute affecting a game company’s service order to a criminal offense infringing upon the personal information security of a large number of citizens.

This transformation not only significantly increases the cost of illegality, but also enables game companies to work more effectively with public security and judicial authorities to take stronger enforcement measures, precisely curb account resale black-market activities, and safeguard the healthy and orderly development of the game industry.

(III) Art Department Executives at a Major Game Company Criminally Detained for Alleged Corruption

Recently, Perfect World released an announcement disclosing multiple cases of internal and external collusion and corruption involving employees and suppliers uncovered in 2025. Investigations revealed that Diao, the art department team leader of the Qingyun Studio’s New Zhuxian World project, abused his position during his tenure to collude with suppliers, inflate procurement prices, solicit and accept bribes, and embezzle company property.

Song, the former animation team leader of the Lingxiao Studio’s Perfect New World project, abused his position and influence to inflate procurement prices, illegally subcontract business to closely related parties, and solicit and accept bribes. Wang, the former art director of the same project, illegally introduced unqualified suppliers, instigated and cooperated with suppliers to falsify prices, and long-term solicited and accepted large sums of bribes.

The company determined that the above conduct was suspected of constituting criminal offenses and reported the matter to public security authorities.

At present, the police have lawfully placed Diao, Song, and Wang under criminal detention. Perfect World has dismissed Diao and permanently barred him from re-employment. The announcement stated that the company maintains a zero-tolerance policy toward corruption and fraud, has previously reported relevant leads to the police, and will continue to keep reporting channels open to safeguard corporate interests.

Nuocheng Commentary:
This anti-corruption announcement by Perfect World focuses on art-related positions, with all involved personnel colluding with external suppliers to seek personal gain through bribery and inflated procurement prices. In fact, anti-corruption efforts have long been a key focus for major game companies in standardizing internal management and protecting corporate interests.

In conducting anti-corruption work, enterprises should pay attention to the following:

  1. Clue acquisition: Continuously keep reporting channels open, actively encourage employees, suppliers, and relevant parties to report misconduct under real names, and strengthen special audits and routine inspections of core business areas such as procurement and outsourcing to proactively identify early warning signs and tendencies.

  2. Handling corruption: In addition to investigating and dealing with corrupt personnel in accordance with the law or internal management rules, companies may also publicly disclose typical cases to create strong deterrence, while simultaneously analyzing institutional loopholes revealed by such cases and improving supplier management and approval processes to build a solid anti-corruption defense.

(IV) Italy Investigates Two Blizzard Games for “Misleading and Aggressive Sales Practices”

Recently, the Italian Competition Authority (AGCM) announced the launch of formal investigations into two popular mobile games under Activision Blizzard (Microsoft Group): Diablo Immortal and Call of Duty Mobile.

The regulator stated that although these games are labeled as “free-to-play,” their in-game purchase mechanisms and interaction design may violate the Italian Consumer Code and pose additional risks to minors.

According to reports, the AGCM alleges that these games employ misleading and aggressive interface designs, push mechanisms, and default settings that induce players to repeatedly engage in gameplay and spending, and may even lead to minors making payments without adequate informed consent.

The AGCM emphasized that the investigation does not target the game content itself, but rather focuses on whether the commercialization models and interface design materially affect consumers’ rational decision-making. This enforcement action also signals the continued strengthening of regulatory oversight in the digital consumer sector by European authorities.

Nuocheng Commentary:
The AGCM’s investigation into Diablo Immortal and Call of Duty Mobile is not an isolated action targeting Microsoft Group’s mobile game business, but rather reflects a growing compliance risk across the EU, where in-game purchase transparency and “dark patterns” have become key regulatory priorities.

This case demonstrates that game companies’ compliance obligations are no longer limited to content compliance, but extend to the form and logic of product design. Companies urgently need to move beyond traditional compliance perspectives and expand their review scope to encompass business strategies, user interface (UI) design, and decision-guiding pathways.

Under the increasingly stringent EU regulatory framework, the mainstream “free-to-play + in-app monetization” business model is facing comprehensive scrutiny. This requires companies to reassess compliance across critical areas such as virtual currency system design, promotional activity planning, and consumer protection mechanisms—particularly protections for minors—in order to respond to an increasingly complex regulatory environment.

中文原文

(一)大厂代理二游因卡池BUG,补偿全服玩家新角色

1月20日,上海大厂代理发行的某二游国服最新卡池出现严重bug,卡池无法抽出任何4星、5星角色,只能保底获得。

针对此事,游戏进行了紧急停服维修。在随后的道歉公告中,官方宣布将为全服玩家赠送本期招募Up的三个角色,并返还bug期间的抽卡资源消耗。

诺诚评论:

游戏运营事故是大部分游戏厂商都会面临的考验,一旦处理不当很有可能引发大规模的舆情乃至客诉问题。

此次事故中,游戏运营商紧急停服维修、发布道歉公告,并采取全服赠送指定角色、返还bug期间抽卡资源的措施,是承担违约责任的具体表现。

该措施既弥补了玩家因bug遭受的虚拟财产损失(抽卡资源、预期角色权益),也避免了纠纷升级,与司法实践中“游戏运营商需对服务瑕疵承担补救、补偿责任”的裁判思路一致。

而且,游戏运营商已及时采取补救措施,充分弥补了玩家的合理损失。结合同类因游戏bug而产生客诉纠纷的案例,若玩家在获得相应补偿后,再主张额外的金钱赔偿,因未提供证据证明存在超出虚拟财产损失的实际损害,法院通常不予支持。

(二)非法获取个人信息,二人售卖《恋与深空》账号获刑

林某经营一家提供游戏代练服务的网店。为牟取非法利益,林某委托精通编程的谢某编写针对热门手游《恋与深空》的自动化脚本,该脚本可实现自动登录、签到及完成日常任务。

为最大化发挥脚本价值,林某利用从非法渠道获取的300余万条公民个人信息(包含姓名和身份证号码),组织人员使用虚拟邮箱批量注册游戏账号并完成实名认证。二人利用脚本同时运行大量账号进行“养号”,随后根据账号内虚拟货币及稀有道具的差异,通过网店对外出售。

2024年9月,游戏开发公司发现异常并报案。经查,谢某编写的脚本未经授权获取游戏服务器发送的玩家登录令牌数据,并直接向服务器发送数据包,干扰了服务器正常运行,被鉴定为破坏性程序。截至案发,二人出售游戏账号共计获利人民币160余万元。

法院经审理认为,林某、谢某违反国家规定,侵入计算机信息系统获取数据,且非法获取、提供公民个人信息,情节特别严重,其行为均已构成非法获取计算机信息系统数据罪及侵犯公民个人信息罪,依法应予以数罪并罚。鉴于二人已向被害单位赔偿经济损失并获得谅解,依法可从轻处罚。

最终,法院采纳检察机关的全部指控意见和量刑建议,分别判处林某、谢某有期徒刑四年五个月,并处罚金人民币八万元。此外,法院还支持了检察机关提起的刑事附带民事公益诉讼,判决二人删除非法收集并存储的公民个人信息,并在国家级媒体公开向社会公众赔礼道歉。

诺诚评论:

网络游戏账号实名制,为游戏公司打击批量注册账号、倒卖账号等黑灰产行为提供了强有力的法律支撑。

一方面,账号实名制以提交真实身份信息作为注册门槛,能够有效过滤部分意图从事不法行为的人员,从源头压缩黑灰产的操作空间,减少批量注册账号的乱象;

另一方面,即便有不法分子通过非法渠道获取大量公民身份信息用于游戏账号注册,其行为性质也将发生根本转变,即从原本针对游戏公司服务秩序的民事纠纷,升级为侵害广大公民个人信息安全的刑事违法行为。

这一转变不仅提升了违法成本,更有助于游戏公司协同公检法等相关部门,依法采取更具力度的打击措施,精准遏制账号倒卖黑灰产,维护游戏行业健康有序的发展环境。

(三)游戏大厂美术相关负责人涉嫌贪腐被刑拘

近日,完美世界发布公告,披露了2025年查处的多起员工与供应商内外勾结、营私舞弊案件。

经查,青云工作室新诛仙世界项目美术部组长刁某某,在职期间利用职务便利,伙同供应商抬高采购价格,索取、收受供应商贿赂并侵占公司财物;

凌霄工作室完美新世界项目美术部原任动作组长宋某某,利用职务便利及职权影响,抬高采购价格,违规将业务发包给密切关系人,并索取、收受贿赂;

凌霄工作室完美新世界项目原任美术总监王某某,违规引入不合格供应商,唆使、配合供应商虚报价格,长期索取、收受大额贿赂。

公司认为上述人员行为已涉嫌违法犯罪,遂向公安机关报案。

目前,公安机关已依法对刁某某、宋某某、王某某三人实行刑事拘留。完美世界对刁某某作出辞退处理,并永不录用。公告显示,公司对贪腐舞弊行为持零容忍态度,此前已根据相关线索向公安机关报案,并将持续畅通举报渠道,维护公司利益。

诺诚评论:

本次完美世界的反腐通告聚焦于美术岗位,涉案人员均通过与外部供应商相互勾结,以收受贿赂、抬高采购价格等方式谋取私利。事实上,反腐工作一直是各大游戏厂商规范内部管理、守护企业利益的重点着力点。

企业反腐工作需注意:

1、线索获取上,需持续畅通举报渠道,积极鼓励员工、供应商及相关方实名举报,同时强化核心业务(采购、外包等)的专项审计与常态化核查,主动挖掘各类苗头性、倾向性问题。

2、反腐处理上,除了依法或依公司管理制度查办相关贪腐人员之外,还可以通过公开通报典型案例形成强力震慑,同步深入剖析案件背后的制度漏洞,完善供应商管控、审批流程等相关规则,筑牢企业反腐防线。

(四)意大利调查暴雪两款游戏,称其存在 “误导性和侵扰性销售行为”

近日,意大利竞争管理局(AGCM)宣布,对动视暴雪(微软集团)旗下的两款热门手游《暗黑破坏神:不朽》(Diablo Immortal)和《使命召唤手游》(Call of Duty Mobile)启动正式调查。

监管机构指出,这些被标注为“免费游玩”的游戏,其内购机制和交互设计可能违反意大利《消费者法典》,并对未成年人构成额外风险。

据报道,AGCM指控这些游戏提供误导性和侵扰性的界面设计、推送机制和默认设置,引导玩家反复游玩消费,甚至导致未成年人在不充分知情下的付费行为。

AGCM强调,本行动并非针对游戏内容本身展开,而是直指游戏商业化与界面设计是否在实质上影响了消费者的理性决策。这一执法动向也是欧洲监管机构持续强化数字消费领域监管的重要信号。

诺诚评论:

意大利竞争管理局(AGCM)此次针对《暗黑破坏神:不朽》与《使命召唤手游》的调查,并非孤立地指向微软集团旗下的移动游戏业务,而是深刻反映了欧盟地区日益凸显的合规风险,即游戏内购透明度及“暗黑模式”成为监管重点。

这一案例表明,游戏企业的合规义务已不再局限于内容层面,更延伸至产品设计的形式与交互逻辑。

企业亟需超越传统的合规视角,将审查范围拓展至商业策略、用户界面(UI)设计以及引导用户决策的路径上。在欧盟日趋严格的监管框架下,“免费游玩+内购变现”这一主流商业模式正面临全方位的审视。

这要求企业必须重新评估其在虚拟货币体系构建、促销活动策划以及消费者权益保障(特别是针对未成年人的保护机制)等关键环节的合规性,以应对日益复杂的监管环境。

分享文章
Read original article on Zhihu

相关文章

General

【Weekly Gaming Law】Lawyers Comment on miHoYo’s Anti-Fraud Actions; Infringing “Reskinned” Game Ordered to Pay RMB 5 Million

【每周游戏法】律师评米哈游反舞弊;侵权游卡被判赔500万

This weekly update examines three recent legal developments in the gaming industry: miHoYo’s anti-fraud enforcement and supplier blacklist measures; a “reskin” infringement case involving a Three Kingdoms-themed card game resulting in a RMB 5 million damages award based on unfair competition; and Roblox’s launch of AI-powered interactive content generation tools. The article outlines the legal considerations arising from supply chain compliance, the boundary between public domain materials and protectable game design, and the intellectual property and compliance implications of AI-generated interactive content within UGC platforms.

0 views
General

How to Build Official Game Payment Systems in a Compliant Manner (Part II): Overseas

游戏官方支付如何合规搭建(二)海外篇

Against the backdrop of a global economic slowdown and evolving regulatory scrutiny over major app distribution platforms, an increasing number of overseas-oriented game companies are exploring the establishment of official website top-up platforms to reduce reliance on channel commissions. Building on the prior discussion of platform policies regarding payment redirection and third-party payment access, this article reviews practical cases of official website payment models adopted by several game companies, including their login mechanisms, purchasable content, regional availability, and qualification disclosures. Based on these practices, it outlines compliance considerations that overseas game companies should focus on when constructing official website payment systems, particularly in relation to account management, price display, promotional methods, and refund policy design across different jurisdictions.

5 views
General

EU’s DMA Enforcement Push: Apple and Epic Games Reach Temporary Truce

欧盟DMA强监管,苹果与Epic Games暂时握手言和

Since 2020, Apple and Epic Games have been locked in a global antitrust dispute over App Store policies. While Epic lost its U.S. lawsuit, it continued its resistance through noncompliance, resulting in a developer account ban. However, the dynamics shifted with the EU Digital Markets Act (DMA) coming into force on March 6, 2024. Epic reported that Apple, under pressure from the European Commission, agreed to reinstate its developer account in the EU. The DMA’s provisions, especially Article 5(3) and Article 6(4), require gatekeepers like Apple to allow third-party app stores and payment systems on iOS. Apple’s attempt to ban Epic amid DMA implementation triggered regulatory attention, leading to rapid Commission intervention. This incident not only highlights the DMA’s enforcement teeth but also signals a broader shift in platform governance within the EU. For global developers and digital exporters, especially those dependent on app store distribution, DMA compliance represents a strategic inflection point. Non-compliance risks include fines of up to 10–20% of global turnover, exemplified by the €1.84 billion fine Apple recently faced. As more third-party app stores (e.g., Mobivention, MacPaw) emerge, the EU’s digital market is poised for structural transformation.

4 views