The access control double bind: How everyday interfaces regulate access and privacy, enable surveillance, and enforce identity

Abstract

Access controls are an inescapable and deceptively mundane requirement for accessing digital applications and platforms. These systems enable and enforce practices related to access, ownership, privacy, and surveillance. Companies use access controls to dictate and enforce terms of use for digital media, platforms, and technologies. The technical implementation of these systems is well understood. However, this paper instead uses digital game software and platforms as a case study to analyze the broader socio-technical, and often inequitable, interactions these elements regulate across software systems. Our sample includes 200 digital games and seven major digital gaming platforms. We combine close reading and content analysis to examine the processes of authentication and authorization within our samples. While the ubiquity of these systems is a given in much academic and popular discourse, our data help empirically ground this understanding and examine how these systems support user legibility and surveillance, and police identities in under-examined ways. We suggest changes to the policies and practices that shape these systems to drive more transparent and equitable design.