I do not think D&D Beyond is a place to discuss politics, but I am seeing a lot of posts essentially dismissing the nexus between D&D Beyond and the recent global legislations. Without commenting on the actual efficacy or my personal beliefs on the laws, or any of the political nature of the laws themselves, I did want to provide a different, factual background that folks should at least keep in the back of their mind. To be clear, the goal of this post is not to start any political discussion - and I am not going to engage in any, even if baited - but merely inform individuals about an issue that is flying under the radar and directly implicates D&D Beyond in a way I do not believe most realize.
I do a lot of work on cases involving child trafficking and abuse, and probably deal with things on a daily basis more horrifying than most folks on D&D Beyond are capable of imagining. In the field of human trafficking, the largest rise we are seeing used by individuals seeking to exploit children, for anything ranging from inappropriate conversations and pictures to actual trafficking, is on gaming websites, forums, and MMOs - pretty much any gaming related site with a social component.
Why is that? Parents have been warned about the dangers of places like Facebook for years and years, but many of them - even ones who are otherwise pretty savvy about their internet usage, do not think about the social component of a place like Discord, D&D Beyond, etc. These are often sites where the primary purpose is something other than the social component, so parents might not fully register the same exact dangers from places like Facebook can exist. Gaming sites also tend to have a fairly high density of individuals that are a bit socially awkward, lonely, or otherwise vulnerable - not that the perception of all gamers as shut-ins are accurate, but that subsection of our community does exist. To an individual who preys on children, that makes gaming sites a perfect hunting ground - relatively low parental oversight and a higher rate of potential victims.
I would love to say that D&D Beyond is different from major social media sites. Would love to believe there is no need for protections on this fun little site about playing D&D. But I cannot. And, from professional experience, I look at places like Adohand's Kitchen - an insular community, skewing underage, where individuals regularly post about their insecurities and desire to make human connections - as (due to no fault of Wizards) an extremely likely target for predators.
So, maybe before we be a bit dismissive of the nexus between these kinds of laws and D&D Beyond, we should at least consider there are other perspectives and risks - and that the reasoning of "D&D Beyond is probably not a threat" dismissal is a significant part of the reason D&D Beyond is the exact kind of site predators would be inclined to target.
The information is not being collected by D&D Beyond. It is being collected by our partner k-ID.
To add to this, k‑ID doesn't store the info it collects either. It only stores the verification result, whether you passed or failed. From their privacy policy:
k-ID does NOT store the information that you provide to prove your age and/or parent/guardian status. All we store is the result of the validation process (i.e., whether you passed or failed). In the case of Facial Age Estimation (“FAE”) technology provided by Privately, the facial image you provide is processed solely on your device – we don’t actually see any faces that are processed via this solution.
And all D&D Beyond gets is the verification result. No PII is stored or shared.
Rollback Post to RevisionRollBack
How I'm posting based on text formatting: Mod Hat On - Mod Hat Off
I am relieved to hear that the K-ID service at least pay lip service to data privacy.
I am not relieved overall, because it is still murky to me what features could be locked behind this system. Could my age or location be used to lock me out of my purchased content? Could it be used to restrict what I say on the forum? Could it be used to prevent me from playing a barbarian on Maps because the local law says so?
The information is not being collected by D&D Beyond. It is being collected by our partner k-ID.
To add to this, k‑ID doesn't store the info it collects either. It only stores the verification result, whether you passed or failed. From their privacy policy:
k-ID does NOT store the information that you provide to prove your age and/or parent/guardian status. All we store is the result of the validation process (i.e., whether you passed or failed). In the case of Facial Age Estimation (“FAE”) technology provided by Privately, the facial image you provide is processed solely on your device – we don’t actually see any faces that are processed via this solution.
And all D&D Beyond gets is the verification result. No PII is stored or shared.
It might be a good idea to include this on the page that asks for this personal information. It currently provides no clarification on what is done with the collected data.
I am not relieved overall, because it is still murky to me what features could be locked behind this system. Could my age or location be used to lock me out of my purchased content? Could it be used to restrict what I say on the forum? Could it be used to prevent me from playing a barbarian on Maps because the local law says so?
It's not all that useful to ask what 'could' be done. In theory, just about anything on the site could be age-gated. In practice, D&D Beyond wants to do the minimum possible amount of work, so the question I would ask is what their current intent is. Given that D&D Beyond has never been a site that publishes adult content, my guess would be (already existing) shop restrictions and possibly restrictions on the more social media-y aspects of the site such as forums and DMs.
I am not relieved overall, because it is still murky to me what features could be locked behind this system. Could my age or location be used to lock me out of my purchased content? Could it be used to restrict what I say on the forum? Could it be used to prevent me from playing a barbarian on Maps because the local law says so?
It's not all that useful to ask what 'could' be done. In theory, just about anything on the site could be age-gated. In practice, D&D Beyond wants to do the minimum possible amount of work, so the question I would ask is what their current intent is. Given that D&D Beyond has never been a site that publishes adult content, my guess would be (already existing) shop restrictions and possibly restrictions on the more social media-y aspects of the site such as forums and DMs.
Well sure. I wasn't so much alluding to WotC's agency here. If a law is passed that says 43-year-old Michiganders are not permitted to use the spell "Silvery Barbs", WotC has very little to say about it. I am just curious to know what levers are available and in place for WotC to respond to these laws, so as to work out why this was all deemed necessary in the first place.
Because from my point of view, if WotC wants to do the minimum required to follow the law, then there must be some reason that the minimum requires even this measure. You know what I mean?
Just to reiterate, I am not angry or concerned with WotC's behavior here insofar as we live by laws that must be followed.
The consequences are you don't get to use your account until it is provided. This email was sent yesterday. I am sure that anyone with email communication turned on got it.
so many people crying the sky is falling on this thread. there is nothing shady or nefarious happening, WotC is jsut covering their butts with all the new regulations and laws countries are passing.
if you took the time to read what K-ID is instead of running straight here to cry foul, you would know that the only thing being stored is your country and weather or not your a minor, your birthdate is not stored. and evehn if it was it will take a small amount of time for anyone to find your birthdate online anyway. everyone's birthdate is somewhere online.
Definitely was better ways of doing this, such a shame wizbro chooses the most difficult path for every journey.
Difficult, it litterly took me less then 10 seconds to do. its only difficult if you cant remember what your birthday is and what country you live in, and at that point you have bigger problems.
Definitely were better ways of doing this, such a shame wizbro chooses the most difficult path for every journey.
Is there a better way though? They are going through a third-party that (a) already has the infrastructure set up, (b) only stores verification data, and (c) purges the actual PII once verification is complete. So, at the end of the day, Wizards does not need to make up their own system (which, judging from tech issues Beyond has consistently had, likely would have its own host of problems), and the PII is not stored anywhere and thus is not available for access.
We live in a new era of the internet where age verification is becoming the norm. It is not Wizards' fault they have to comply with changing internet policies - and I would much rather they outsource this to an entity with actual experience and who deletes the data than try to build something of their own. As, I think, would anyone who actually thinks about the reality of the situation.
Definitely were better ways of doing this, such a shame wizbro chooses the most difficult path for every journey.
Is there a better way though? They are going through a third-party that (a) already has the infrastructure set up, (b) only stores verification data, and (c) purges the actual PII once verification is complete. So, at the end of the day, Wizards does not need to make up their own system (which, judging from tech issues Beyond has consistently had, likely would have its own host of problems), and the PII is not stored anywhere and thus is not available for access.
We live in a new era of the internet where age verification is becoming the norm. It is not Wizards' fault they have to comply with changing internet policies - and I would much rather they outsource this to an entity with actual experience and who deletes the data than try to build something of their own. As, I think, would anyone who actually thinks about the reality of the situation.
it ammuses me that all these WotC haters are still here and participating in WotC products. Why are they still here if they hate the company? when i dislike something I dont participate with it and make it part of my personality.
Maybe we're still here because we have sunk costs, and no way to sell them and leave?
If I could recoup some of my money by selling my account and go I would, as it is I can lose all of my money and go, or use what I paid for and complain when they do dumb things like this that do not apply to me but it is easy for them rather than them coming up with a solution that works without making people that are not in the effected group have to verify they aren't. Labeling the dissenters as wotc haters is a classic attack on this site, yet when wizbro caves and does what the dissenters ask it is crickets like say the 5.5e toggle that was never going to be on the character generator tool, 🙄.
Looking back on some of the recent blunders by wizbro on this site, I would wager January 27th is going to be a customer service nightmare.
Definitely were better ways of doing this, such a shame wizbro chooses the most difficult path for every journey.
What do you think those better ways were? I will say that they should probably have had the above message written and published before they triggered the script for asking us to verify IDs, which isn't the best of internal communications, but other than that... they're mostly adding a small amount of enforcement to existing rules (see section 1.3 of the TOS), it's generally stuff that's required by their biggest markets (COPPA in the US, GDPR article 8 in the EU, UK Children's Code, ...), and developing their own system in-house would not be more secure than contracting with a third-party specialist.
dumb things like this that do not apply to me but it is easy for them rather than them coming up with a solution that works without making people that are not in the effected group have to verify they aren't.
The number of people who are actually not in the affected group is rather small.
-
View User Profile
-
View Posts
-
Send Message
ModeratorFolk, please try to remember our rules on avoiding political discussion and don't get drawn into personal call outs of each other.
D&D Beyond ToS || D&D Beyond Support
-
View User Profile
-
View Posts
-
Send Message
ModeratorThe information is not being collected by D&D Beyond. It is being collected by our partner k-ID.
// I am Arenlor
Developers should read This Changelog
Moderator for D&D Beyond's YouTube, Twitch, and Discord.
I do not think D&D Beyond is a place to discuss politics, but I am seeing a lot of posts essentially dismissing the nexus between D&D Beyond and the recent global legislations. Without commenting on the actual efficacy or my personal beliefs on the laws, or any of the political nature of the laws themselves, I did want to provide a different, factual background that folks should at least keep in the back of their mind. To be clear, the goal of this post is not to start any political discussion - and I am not going to engage in any, even if baited - but merely inform individuals about an issue that is flying under the radar and directly implicates D&D Beyond in a way I do not believe most realize.
I do a lot of work on cases involving child trafficking and abuse, and probably deal with things on a daily basis more horrifying than most folks on D&D Beyond are capable of imagining. In the field of human trafficking, the largest rise we are seeing used by individuals seeking to exploit children, for anything ranging from inappropriate conversations and pictures to actual trafficking, is on gaming websites, forums, and MMOs - pretty much any gaming related site with a social component.
Why is that? Parents have been warned about the dangers of places like Facebook for years and years, but many of them - even ones who are otherwise pretty savvy about their internet usage, do not think about the social component of a place like Discord, D&D Beyond, etc. These are often sites where the primary purpose is something other than the social component, so parents might not fully register the same exact dangers from places like Facebook can exist. Gaming sites also tend to have a fairly high density of individuals that are a bit socially awkward, lonely, or otherwise vulnerable - not that the perception of all gamers as shut-ins are accurate, but that subsection of our community does exist. To an individual who preys on children, that makes gaming sites a perfect hunting ground - relatively low parental oversight and a higher rate of potential victims.
I would love to say that D&D Beyond is different from major social media sites. Would love to believe there is no need for protections on this fun little site about playing D&D. But I cannot. And, from professional experience, I look at places like Adohand's Kitchen - an insular community, skewing underage, where individuals regularly post about their insecurities and desire to make human connections - as (due to no fault of Wizards) an extremely likely target for predators.
So, maybe before we be a bit dismissive of the nexus between these kinds of laws and D&D Beyond, we should at least consider there are other perspectives and risks - and that the reasoning of "D&D Beyond is probably not a threat" dismissal is a significant part of the reason D&D Beyond is the exact kind of site predators would be inclined to target.
-
View User Profile
-
View Posts
-
Send Message
ModeratorTo add to this, k‑ID doesn't store the info it collects either. It only stores the verification result, whether you passed or failed. From their privacy policy:
And all D&D Beyond gets is the verification result. No PII is stored or shared.
Homebrew Rules || Homebrew FAQ || Snippet Codes || Tooltips
DDB Guides & FAQs, Class Guides, Character Builds, Game Guides, Useful Websites, and WOTC Resources
Are you referring even to the bday / region? Or just the additional info K-ID would need?
This is a signature. It was a simple signature. But it has been upgraded.
Belolonandalogalo, Sunny
Eggo Lass, Bone and Oblivion | Tendilius Mondhaven Paxaramus, Drakkenheim
Karl Erikson, No Guts No Glory | Chipper, Curse of Strahd
Silverwood Group 1 | Silverwood Group 2
Get rickrolled here. Awesome music here. Track 51, 10/23/25, Viva La Vida
I am relieved to hear that the K-ID service at least pay lip service to data privacy.
I am not relieved overall, because it is still murky to me what features could be locked behind this system. Could my age or location be used to lock me out of my purchased content? Could it be used to restrict what I say on the forum? Could it be used to prevent me from playing a barbarian on Maps because the local law says so?
It might be a good idea to include this on the page that asks for this personal information. It currently provides no clarification on what is done with the collected data.
It's not all that useful to ask what 'could' be done. In theory, just about anything on the site could be age-gated. In practice, D&D Beyond wants to do the minimum possible amount of work, so the question I would ask is what their current intent is. Given that D&D Beyond has never been a site that publishes adult content, my guess would be (already existing) shop restrictions and possibly restrictions on the more social media-y aspects of the site such as forums and DMs.
Well sure. I wasn't so much alluding to WotC's agency here. If a law is passed that says 43-year-old Michiganders are not permitted to use the spell "Silvery Barbs", WotC has very little to say about it. I am just curious to know what levers are available and in place for WotC to respond to these laws, so as to work out why this was all deemed necessary in the first place.
Because from my point of view, if WotC wants to do the minimum required to follow the law, then there must be some reason that the minimum requires even this measure. You know what I mean?
Just to reiterate, I am not angry or concerned with WotC's behavior here insofar as we live by laws that must be followed.
Still no update on what the alleged consequences will be for refusing to provide more PII.
The consequences are you don't get to use your account until it is provided. This email was sent yesterday. I am sure that anyone with email communication turned on got it.
DM mostly, Player occasionally | Session 0 form | He/Him/They/Them
EXTENDED SIGNATURE!
Doctor/Published Scholar/Science and Healthcare Advocate/Critter/Trekkie/Gandalf with a Glock
Try DDB free: Free Rules (2024), premade PCs, adventures, one shots, encounters, SC, homebrew, more
Answers: physical books, purchases, and subbing.
Check out my life-changing
Oh, this is going to go over like the proverbial ton of bricks.
Definitely were better ways of doing this, such a shame wizbro chooses the most difficult path for every journey.
so many people crying the sky is falling on this thread. there is nothing shady or nefarious happening, WotC is jsut covering their butts with all the new regulations and laws countries are passing.
if you took the time to read what K-ID is instead of running straight here to cry foul, you would know that the only thing being stored is your country and weather or not your a minor, your birthdate is not stored. and evehn if it was it will take a small amount of time for anyone to find your birthdate online anyway. everyone's birthdate is somewhere online.
Difficult, it litterly took me less then 10 seconds to do. its only difficult if you cant remember what your birthday is and what country you live in, and at that point you have bigger problems.
Is there a better way though? They are going through a third-party that (a) already has the infrastructure set up, (b) only stores verification data, and (c) purges the actual PII once verification is complete. So, at the end of the day, Wizards does not need to make up their own system (which, judging from tech issues Beyond has consistently had, likely would have its own host of problems), and the PII is not stored anywhere and thus is not available for access.
We live in a new era of the internet where age verification is becoming the norm. It is not Wizards' fault they have to comply with changing internet policies - and I would much rather they outsource this to an entity with actual experience and who deletes the data than try to build something of their own. As, I think, would anyone who actually thinks about the reality of the situation.
it ammuses me that all these WotC haters are still here and participating in WotC products. Why are they still here if they hate the company? when i dislike something I dont participate with it and make it part of my personality.
Maybe we're still here because we have sunk costs, and no way to sell them and leave?
If I could recoup some of my money by selling my account and go I would, as it is I can lose all of my money and go, or use what I paid for and complain when they do dumb things like this that do not apply to me but it is easy for them rather than them coming up with a solution that works without making people that are not in the effected group have to verify they aren't. Labeling the dissenters as wotc haters is a classic attack on this site, yet when wizbro caves and does what the dissenters ask it is crickets like say the 5.5e toggle that was never going to be on the character generator tool, 🙄.
Looking back on some of the recent blunders by wizbro on this site, I would wager January 27th is going to be a customer service nightmare.
What do you think those better ways were? I will say that they should probably have had the above message written and published before they triggered the script for asking us to verify IDs, which isn't the best of internal communications, but other than that... they're mostly adding a small amount of enforcement to existing rules (see section 1.3 of the TOS), it's generally stuff that's required by their biggest markets (COPPA in the US, GDPR article 8 in the EU, UK Children's Code, ...), and developing their own system in-house would not be more secure than contracting with a third-party specialist.
The number of people who are actually not in the affected group is rather small.
You have access to those numbers?