According to a site called Game Watcher, it's possible that Bethesda is in violation of the European Union's "General Data Protection Regulation", or GDPR. When creating a new account, the option is presented to see Zenimax ads on other websites. The default response is "yes" which authorizes the sharing of personal data. According to a now-removed Reddit post, there is no way to toggle the answer to "no" until after account creation and that it is difficult to find it buried in several menus.
All of the above appears to be in violation of the EU's GDPR consent section which reads:
Consent must be freely given, specific, informed and unambiguous. In order to obtain freely given consent, it must be given on a voluntary basis. The element “free” implies a real choice by the data subject.
Without the ability to opt out at the time of account creation, it is possible that Bethesda could face some stiff fines from the EU, though no announcement has been made or actions filed with court to date.
We'll be keeping eyes on the story and will keep you posted.
