Online gambling business – ICO taking a look at user tracking. #DataProtection #GDPR

ImagecourtesyofGualberto107atFreeDigitalPhotos.net

ImagecourtesyofGualberto107atFreeDigitalPhotos.net

The UK Information Commissioners Office (ICO) is taking a look at lovation tracking software installed without users knowledge who log into online betting services.

 

The use of this software may be contravening the Data Protection Act (1998) as this Act requires data subjects to be aware if their personal information is collected and give permission for it to be used in ways they agree to and nothing more.

The timing of this investigation is crucial as GDPR will enter law next May and fines of up to 4% of global turnover will come into force for serious data protection breaches.

If you want to read more about the story click here.

If you want to learn more about Data Protection and GDPR click here.

Watch out gambling guys, the ICO is watching

Gambling affiliates be warned that the Information Commissioner’s Office (ICO) is watching for what it considers to be unacceptable levels of ‘spam’ texts to users. A new code of practice is also being introduced with strict requirements for how customer data is used. This is inline with the current Data Protection Act (1998) and ahead of the EU GDPR (new regulation on Data Protection for any data processors using EU citizens’ data) that will be implemented in May 2018. If you want more detail or support on GDPR, please visit our website.

You can read more about it here. 

GDPR and the Gambling Industry

The EU’s General Data Protection Regulation (GDPR) is going to affect all businesses trading in or through the EU and the UK gambling market will also feel it’s impact.

The UK has its own Data Protection Act and the EU Data Protection Directive has been in place since 1995.  But developments in technology and business models have left the rules out of date in many ways and so an overhaul was overdue.

For Gambling, there will be a lot of things to think about and we can’t cover everything in a blog post. But here is some food for thought or a starter at least. You know where we are if you need us.

GDPR will impact all Gambling providers and non-EU providers need to be extra vigilant and take care not to breach these regulations. Most of the regulations are not new but the requirement for compliance will be enforced and a fine of up to 4% of the previous year’s global turnover (or €20,000,000 which is the new, greatly increased, ceiling) for a serious data breach.

Data subjects must be clearly notified their information is being collected and or processed and for what specific purpose. There must be a clearly defined reason for collecting the data that the subject is completely aware of.

Once you have the subjects data, you can only hold and use it for the purpose you collected it for and for no longer than it is required for that purpose. The data subject also needs to to totally clear on who they have lent their data to.

If any ‘data profiling’ takes place, the subject should be informed and of any of the consequences that may arise from it. There should also be a mechanism for the data subjects to withdraw their consent to use their data.

Operators will also be required to notify data subjects within 72 hours of a breach of un-encrypted data.

Stack of Chips

You can get us at http://www.advent-im.co.uk

0121 559 6699 / 0207 100 1124

bestpractice@advent-im.co.uk