Kernel-level anti-cheat software (Riot Vanguard, FACEIT AC) runs with rootkit-equivalent OS privileges on 100M+ PCs, even when players are not gaming

Games like League of Legends, Valorant, and Fortnite require kernel-level anti-cheat drivers (Riot Vanguard, Easy Anti-Cheat, BattlEye) that operate at Ring 0 -- the same privilege level as the operating system kernel itself -- on over 100 million PCs worldwide. These drivers load at system boot and remain active continuously, not just during gameplay, giving game publishers persistent deep-system access equivalent to what security researchers classify as rootkit behavior. Why it matters: Hundreds of millions of PC gamers are running software with the highest possible system privilege level at all times, so any vulnerability in these anti-cheat drivers becomes a catastrophic attack surface for malware and nation-state actors, so players face privacy exposure with no audit transparency since developers refuse to disclose how the software works to maintain anti-cheat effectiveness, so gamers must choose between playing popular competitive titles or maintaining system security hygiene, so an entire generation of PC users is being conditioned to accept always-on kernel-level surveillance as a normal cost of entertainment. The structural root cause is that cheat developers operate at kernel level, forcing anti-cheat developers into an arms race at the same privilege level -- but unlike security software that undergoes independent audits, anti-cheat vendors have no regulatory obligation to submit to third-party security reviews, creating an unauditable trust asymmetry where players must blindly trust closed-source kernel drivers from game companies.