The UK privacy and data regulator has supported the legal basis for one of the main aspects of the proposals seeking to introduce stricter checks and evaluation of punters’ financial risk.
The Information Commissioner’s Office (ICO) has noted that, currently, data protection legislation does not prevent gambling operators from carrying out financial risk checks. On the other hand, banks are allowed to share their customers’ personal information as long as it is done in a proportionate and transparent manner.
So-called “background checks” would take place whenever a player reaches a £125 net loss threshold within a month or a £500 net loss threshold within a year. A second enhanced round of “background checks” would take place whenever a player reaches a net loss threshold of £1,000 within 24 hours or a £2,000 net loss threshold within 90 days. As explained by ministers, the affordability checks would be “frictionless” and they would be held through open banking or credit reference agencies (CRAs), with requests for such documents seen as a last-ditch effort.
Stephen Almond, the executive director of regulatory risk at the Information Commissioner’s Office, noted that problem gambling could inflict serious harm on people’s lives, jobs, relationships, finances, and physical and mental health. That is why the UK privacy and data watchdog is now willing to encourage the financial sector to share data in an effort to protect people from gambling losses that they cannot really afford and the spiralling debt that is usually associated with such losses.
The news was welcomed by the UK Gambling Commission (UKGC), describing the measure as an “important step” forward in the protection of British people from gambling-related harm.
Credit Risk Data Could Be Shared between CRAs and Gambling Operators
The Information Commissioner’s Office revealed that it had been collaborating with the country’s major gambling regulator on the design of privacy safeguard measures regarding financial risk checks. The watchdog further noted that gambling companies will be allowed to use the personal data they receive only for the purpose of affordability checks. Apart from that, customers will have to be informed in advance that financial risk checks might take place in case they generate massive losses while gambling.
Earlier this week, Mr Almond responded to a UK Finance request for more information regarding the sharing of credit risk data between CRAs and gambling companies. At the time, the executive director of ICO’s regulatory risk unit shared that General Data Protection Regulation (GDPR) does not allow the sharing of such information when it comes to financial risk evaluations and checks, but the information must be limited to what is necessary in every case.
Mr Almond further noted that British gambling operators are required to keep any additional personal information they receive from local credit reference agencies safe and use it only for the purposes of financial risk checks when needed. He explained that only the personal data of people willing to gamble should be processed, and not one of their “financial associates”. In addition, gambling companies would not be permitted to use such data for commercial gain.
The ICO has also supported plans for gambling operators to share some customer data – or so-called single customer view (SCV) – when it comes to individuals identified as high-risk players who are gambling across a number of online gambling platforms. Trials of an SCV solution have already been carried out under the patronage of the Betting and Gaming Council (BGC).
So far, British gamblers have been somehow suspicious of the SCV concept, as some of them have feared that it might result in further restrictions on their accounts. In its White Paper on gambling, the Government, however, has noted that it did not believe that the creation of a wider customer database was justified, considering the privacy implications for people who gamble safely.
- Author