The Definitive Guide to Gaming in Private (GiP)

Not all privacy folk are gamers, and not all gamers are privacy folk. It's understandable that there have been no definitive guides when it comes to privacy in online gaming, but that changes now. I am here to share how I try to maintain privacy in my definitely real career as a professional offline and singleplayer gamer. While technically you can't remove all of them this guide will pretty much cover nearly everything I do in order to minimize the number of eyes on me while I play Stardew Valley or something.

Disclaimer: As I have never owned a console or a Mac before this will only cover gaming on desktop, notably Linux and Windows. Also T&A means Telemetry and Analytics.

Another Disclaimer: I also am not affiliated with any of the 3rd parties I mention or link.

Chapter I: Setting Up Base

The first step is to choose an operating system for daily gamer use. In this manner I would mainly suggest using Linux as gaming on Linux has become a lot easier now thanks to Proton and Wine. A lot of video games, AAA or indie, are usually playable out of the box thanks to these two software many would call "magic". That being said there will be a few hiccups here and there so to be sure, check ProtonDB to see if your game is compatible on Linux (only lists games available on Steam). Furthermore nearly all Linux distributions (distros) have low to no bloatware and zero Microsoft telemetry, although some do have their own telemetry which is usually opt in by default and by no means sold to advertisers. What that basically means is that in most cases, any Linux distro is way more private than a Windows device. Now Linux has a lot of distros which may leave the average joe confused so if you want to make things short, choose between these three:

• Nobara OS - based on Fedora


• Pop!_OS - based on Ubuntu


• SteamOS - based on Arch but preconfigured by Valve for ease of use. While not exactly a distro I recommend highly, it's at least a good stepping stone into Linux.

If you don't mind tinkering around your distro a bit to optimize it for gaming, then here are some of the more popular general purpose ones:

• Fedora Workstation - Most popular Fedora distro. Run by Red Hat Enterprises and the Fedora community. Personal recommendation if you want to switch over to Team Penguin.


• Ubuntu - Another popular option. Note that the company that develops it, Canonical, have been under fire in the past for anti-privacy reasons so I'd advise caution.


• OpenSuse Tumbleweed - A popular option that gets tossed around every now and then. Don't know much about this but I've heard it's good.


• Linux Mint - One of the more lighter ones and more user friendly ones out there. Hard to recommend due to the fact that Mint doesn't support X11 or Wayland DEs and instead uses its own one called Cinnamon (read: might have problems with gaming and privacy). Based on Ubuntu.


• Arch Linux - The most customizable distro out there, but also the hardest to maintain. Only recommended if you hate yourself and don't value your time.

Tip: General rule when setting up Linux is to encrypt your OS partition and any partitions you will put sensitive or personal data in. While you could do this for your games partition, it's gonna be a hassle to input a password or two every time you want to play a game so I wouldn't recommend it.

Now probably the only reason you wouldn't want to game on Linux these days is if you play the following games:

• Destiny 2
• Fortnite
• Lost Ark
• PUBG
• Valorant
• Any game with an anticheat excluding VAC and some titles with EAC (check ProtonDB for Linux compatibility)

due to the fact that the Anti-Cheat found in these games dig themselves deep in the kernel to try and monitor all processes in the background (to make sure you're not running a background cheating service). While this is by every means invasive of your privacy these rootkit-like "anti-cheats" fortunately can't do this on Linux. In that case, the best advice I can give you is to either give up those titles or proceed to the next section.

Chapter I.a: Private Gaming on Windows

I'm just gonna say it right here: private gaming on windows is a myth. But it's no secret that Windows is inherently more secure than Linux. And some may need to prioritize security over privacy in places where cyberattacks are more rampant. And with such, there are a couple steps you can take to maximize your privacy on a Windows device.

• Use Windows Enterprise/Education Edition

Many people have said that Enterprise/Education are the only Windows Editions where all telemetry can be turned off. While I'm skeptical of this, you can look up a guide and try it for yourself to see if it works.

• Use Windows 10

Personal preference as Windows 11 has way too much bloatware and telemetry compared to Windows 10 so I mainly suggest the latter. I can only foresee more bloat and telemetry in future versions of Windows so I'm gonna politely ask you again to reconsider Linux.

• Use a local account

Never, ever log in with a Microsoft account as all actions you do can and will be traced back to you. While that watermark on the bottom right might be annoying you'll have to live with that if you want as much privacy on a Windows device as possible.

• Debloat your device post install

This step is best done manually with winget as 3rd party tools may be compromised and could potentially damage your device if you're not careful. This is best done immediately after installation to reduce the programs that need to be removed.

• Set up a blocklist that blocks connections to Microsoft T&A

A customizable DNS resolver like NextDNS or a DNS sinkhole like Pi-Hole should do the trick. NextDNS has a built in Microsoft telemetry blocklist, but is generally less of a firewall solution as it can only block connections on a DNS level (read: most, but not all). Pi-hole has stronger connection blocking but is tedious to set up apart from requiring a second device, not to mention manually looking for a blocklist yourself (lots of them on Github, ironic). It's all up to personal preference on which you want to go with if you ask me. Do note that some Microsoft game titles (Halo, Microsoft Flight Simulator, etc.) rely on some Microsoft telemetry servers for achievements so if you play those titles, be careful not to choose a blocklist that blocks the relevant servers.

Another option would be to just run a Windows Virtual Machine (VM) and play those games there. Do remember that setting up a VM for gaming takes a lot of time and your device would need at least 2 different GPUs or one GPU and one iGPU. Guides for that are available online. With all that being said just remember: the most private Windows device is one that doesn't connect to the internet at all.

P.S. This guide might help!

Chapter II: The Providers

While pretty much every commercial video game provider out there makes it impossible for you to be completely anonymous when gaming, you can always create a new account and put as little data in it as possible. Using different email aliases and different passwords for each one can increase the chance of advertising companies not being able to correlate between your actions. Avoid that one GOG feature that links all your gaming accounts together to centralize your library, as all your data from different sites is now in one place for GOG to share with third parties (yes they do that). If you're like me who already spent too much on video game purchases to give up your old accounts then I can only suggest limiting your game library to only one provider to limit all your data to one entity. For desktop there are multiple choices, although some are software I would avoid for varying reasons. Here I've ranked them from how much I'd recommend them and try to explain each one.

1. Steam

• Owner: Valve Corporation
• Based in: USA
• SPT: 25

Steam is the most popular video game distributor in the world and nearly everyone who call themselves gamers have an account. However the service isn't exactly what I'd call "privacy-centric" and having a low score on the SPT should be a huge red flag for anyone wanting privacy in gaming, but it does score higher than the competition. Might say something about the video game industry in general. But I digress, Steam's main downside is the soft requirement of having a phone number to use many of its features. Some of which include the Steam Store and Steam Marketplace. If you don't want to give away your phone number it's completely understandable, just note that the other option I recommend also has a specific downside you may not like.

2. GOG.com

• Owner: CD Projekt Red
• Based in: Poland
• SPT: -35

While it may have been overtaken by Steam in terms of Linux popularity, GOG was the first major video game distributor to ever support it in any capacity. It's DRM-free titles coupled with its generous sale prices have made it a staple in the video game distribution industry. Although the official GOG Galaxy client is closed source and unavailable on Linux, many cross platform 3rd party FOSS clients exist like Heroic or MiniGalaxy, which is how I'd prefer to use it if I would. The major downside to settling with GOG would be the T&A which they share with 3rd parties and you can't opt out of. If that doesn't sit right with you then I can only recommend you to use Steam, as the recommendation line ends here.

3. Epic Games

• Owner: Epic Games, Inc.
• Based in: USA
• SPT: -75

Ah yes, the black sheep of the video game distribution family. Many loathe its name while many others praise it as well. Epic, just like Steam, started out developing and selling its own games before branching out to include 3rd party software. Epic's main gimmick is that it gives away free games every week. While that may sound tempting, do remember the old adage: "If you are not buying the product, then you are the product". I believe this applies to the aforementioned free games and all. I personally wouldn't recommend this as it has the lowest SPT score of the 3 when I tested it. Also the Epic Games Launcher sucks.

4. Piracy

• Owner: Blackbeard, maybe
• Based in: The Seven Seas, probably
• SPT: 100, I think

While pirating is illegal and could get you in some boiling hot water, I have to mention the fact that this is technically the most private option when playing video games. Nearly all of them have been modified to be completely offline in order to not alert the devs that their game is being pirated. To top it off, most of them have managed to deactivate the embedded DRM so absolutely no one knows you're playing the game. I would most certainly advise against using this method, but some providers just do not care about your privacy at all (See Rockstar SPT). Another fact is that some games are just way too overpriced and the devs are usually scummy companies that don't deserve even a cent of your money. If that seems to be the case then you could consider this an option, but you have been warned of the consequences. Otherwise, I'd just avoid this option as much as possible.

General practices on gaming more privately:

• Encrypt the partition which holds your OS but not your game drives. Additionally encrypt any partitions which will contain sensitive and/or personal information. Both Linux and Windows have this feature built in (LUKS and Bitlocker respectively). Take note that Bitlocker can't be used to encrypt other partitions, you'd need a 3rd party app like VeraCrypt in order to get the job done.
• Input as little data as possible. Don't review anything and limit interactions with community forums and such.
• Try your best to use gift cards when purchasing from the platforms. Might be more expensive but it's better than using trackable methods of payment like Paypal or a credit card.
• If on Linux and available, install in a Flatpak. Some sandboxing is better than none at least. If you have the technical know how you can set up Steam with bubblewrap, preferably with gvisor.
• Avoid games that require linking to a 3rd party account, notably recent Ubisoft titles and EA titles. They've been in a steady decline of quality anyways.
• Never open the store unless you're gonna buy something. Set your default homepage to your library to help.
• Never use the in game browser. Set your game to borderless windowed and use your usual instead.
• Never input sensitive information or PII on the in house chat feature. Always assume no E2EE = your messages will be read. Use a 3rd party chat app with E2EE like Element if you wanna say something embarrassing.
• Block 3rd party connections as much as possible. I'd only suggest unblocking them when they're essential to gameplay (i.e. game servers) or store CDNs when purchasing.
• Additionally you can use an open source 3rd party client like Heroic if you don't want to use the official closed source clients.
• You can use a VPN, but I'd advise using a server that's hosted in a neighbouring country to reduce latency as much as possible. Can't believe I'm saying this but never game over TOR.

While they fit under the category of game providers, I have not included the following due to reasons including but not limited to: only selling their own games, having a separate launcher and requiring said launcher to run in the background when playing a game on another client (all of them being closed source meaning we don't know what kind of T&A they're doing behind the scenes), and I do not recommend them in the slightest, whether they are your main launcher or just installed in case.

• 2K Launcher
• Battle.net (Blizzard)
• Origin (EA)
• Riot Launcher
• Rockstar Games Launcher
• Ubisoft Connect

Chapter II.a: Lutris

While technically not a game provider of sorts, I feel like the champion of Linux gaming should at least be mentioned. Lutris is an open source game manager that is highly regarded in the open source gaming community as the best video game launcher for Linux. Lutris mainly uses Wine to run games but supports Proton as well. It also has different options such as using DXVK or VKD3D rendering, having patches towards usability among anti-cheat games, running games in a window, and so on and so forth. Lutris can additionally run the aforementioned clients to download games from that platform should you choose not to use a 3rd party client. I would only recommend using Lutris to launch games though. Those who choose GoG as their game provider would be wise to use Lutris to launch the games they get from there. Regardless, any Linux gamer with a sound mind will always have Lutris installed.

"The smart Linux gamer will always have Lutris in his arsenal"

- Sun Tzu

Chapter III: Who's Watching Who?

Now that you've chosen your OS and your game provider/s, you're ready to game in private! (yay!) But wait, there's more (ahw..). Some games may have embedded trackers in them which may collect information that's probably unnecessary. These may either be first party (by the game developers themselves or your client), or 3rd party (usually partners of the 1st party). Why they collect information like this is beyond me but regardless, it's spying and should not be condoned. In order to completely stop the unnecessary telemetry we'd need access to the source code, something most of us do not have. So we settle for the second best solution: A firewall. To recap, a firewall is something that either blocks or allows connections through the internet. While there are many 3rd party Windows ones I am not familiar with any of them and don't have any personal recommendations, although I've heard people could use SimpleWall, TinyWall, or even manually configure the local Windows firewall to block said connections. For Linux there are tons, albeit most of them not exactly user friendly. My personal recommendations would be OpenSnitch and Safing Portmaster due to both of them having interactive GUIs which make this entire process a lot easier to be honest. Do note that some will give an alarming notification which could potentially disrupt your gaming zen; So run and play an exhibition match to determine what connections are needed and what aren't, then review and add to your blacklist or whitelist. An easier way to do this approach is to just install KodoPengin's blocklist below as it already blocks a ton of telemetry/spyware domains and start playing.

Note: you may also use the aforementioned NextDNS or Pi-hole to accomplish this. What flips your pancakes I guess.

Below is a list that compiles every game tracker I am currently aware of:

• InAUGral's game trackers - possibly the only list one of the few lists out there that actually documents known game trackers (even if it is pretty small).
• GameIndustry hosts template - a really comprehensive list by KodoPengin that you can use to block multiple telemetry and spyware domains from both the games themselves and their respective clients. Even comes with instructions on how to use it, very neat.

While both lists already have a lot of domains, I'm constantly scouring the internet for known video game trackers. If you do find a couple I suggest adding them as an issue in KodoPengin's blocklist linked above.

Chapter IV: Avoidance

Now let's be clear. I'm not here to judge you for your taste in video games. Play what you enjoy playing is what I say. But there are just a few titles I'd explicitly recommend against due to them being anti-privacy in general. These may include the video games themselves or video games that require linking to 3rd party accounts. The following list is one I hope will never expand:

• Kerbal Space Program - Collects a ton of information and sells it to advertisers. While the SPT may take a while, I'd like to redirect you to Spyware Watchdog's article about it to show just how bad it is for privacy.
• Games that require a Rockstar Account - Includes GTA V and Red Dead Redemption 2. While those two are by no means bad games (they're masterpieces really), the company behind them is a pretty scummy one. For starters, Rockstar somehow managed to legally search the homes of known cheat developers for the sake of shutting them down. While this may seem like a victory on the anti cheat front, it is also a huge loss on the privacy front as well. Furthermore, the Rockstar games privacy policy is a lot more invasive compared to the usual and any games requiring a Rockstar account should be generally avoided as well (See Rockstar SPT).
• Games that require an Ubisoft Account - Bad company with bad product and bad history of being in bed with Facebook.
• Games that require your phone number - Notable examples are Rainbow Six Seige and Overwatch 2. As I've stated in my SPT, giving away your phone number is a general no-no not just in privacy but also in cybersecurity as well.
• Minecraft - I believe everyone has heard of the 19.84 update in which every single Minecraft server now has employees from Mojang/Microsoft actively watching all chat messages sent. Panopticism at its finest folks.

Chapter V: Keeping The Blade Sharp

Technology, and life in general, is all about change. In the olden days video games were only available in 2D and a limited number of pixels. Now games have x, y, and z directions while displaying all of that in 4k. And as ever evolving the state of video games are now, so are their respective legal documents on what information they collect. Terms of Service and Privacy Policies could change in an instant (okay maybe not an instant, but it feels like it) and what you once deemed a stronghold for all your private gaming needs could end up as a den of data collection the very next day (more like month really). In that regard you must remember to never falter and continuously be informed of the states of the games you're playing constantly. You never know which title could get the Minecraft 1984 treatment. Luckily most services tend to inform their userbase about changes in the privacy policy beforehand, in case anyone wants to jump ship when they deem it too invasive. The tides of the internet are always changing hands to favor one party or another, so you need to watch the mood of the sea to see if the odds are either with you or against you.

In the words of Kenny Rogers: know when to hold em, know when to fold em, know when to walk away, and know when to run.