On Wednesday, September 11, 2024, the launch event for GamProtect provided an in-depth look at the latest advancements in data protection within the gambling sector. Moderated by Steph Wong, Head of Policy at the Betting and Gaming Council (BGC), the panel featured key figures involved in the development and implementation of the GamProtect scheme. The panelists included Andreas Klug, Chief Protection Officer at Entain; Jacqueline Gazey, Interim Data Protection Officer for UK & Ireland at Entain; and Joseph Gaunt, Data Protection Officer at Evoke Group.
The launch event followed the recent appointment of Grainne Hurst as CEO of the BGC, who has been instrumental in facilitating the GamProtect initiative. The day’s events also included two other panels covered by Gambling Insider, led by Kane Purdy, Chair of the GamProtect Board and Managing Director of Gamesys Operations, and Tim Miller, Executive Director of Research and Policy at the Gambling Commission.
Historical Context and Expectations
Steph Wong began the panel by revisiting the challenge of creating a single-customer view, first presented in Birmingham in early 2020. Andreas Klug reflected on the initial expectations and challenges faced by the industry. “It was a very cold February day, just ahead of Covid,” Klug recalled. The challenge was embraced by the BGC and major operators, who quickly realized the necessity of involving financial services and data experts to begin the process.
Despite the complexity of financial technology developments, such as open banking, GamProtect was launched in under five years—a notable achievement according to Klug. He emphasized the importance of developing a “proportionate” system, noting that the goal was not to include sensitive data unnecessarily. Instead, the focus was on sharing minimal data necessary to protect users, which led to the innovative solution of using flags instead of sensitive data.
Key Developments and Innovations
Klug discussed the specific segment of legislation that allowed GamProtect to function within data protection laws. Initially, the Information Commissioner’s Office (ICO) viewed the scheme as involving sensitive data. However, the creation of a sandbox environment enabled the development of a framework that met legal requirements without exposing sensitive information. This approach allowed the trial phase of GamProtect to commence in 2023, focusing on sharing only essential flags rather than sensitive details.
The Role of Collaboration
Joseph Gaunt highlighted the importance of collaboration in the development of GamProtect. He compared the process to assembling a 1,000-piece puzzle with friends and family, emphasizing the need to bring together various pieces to complete the picture. Gaunt stressed that the collaborative effort was crucial, given the vulnerability of the individuals involved in the scheme. “We knew what we were doing was so important,” Gaunt said, expressing pride in the collective achievements of the team.
Data Retention and Management
One of the significant aspects of GamProtect is its data retention policy. Data is stored for a total of 47 years, divided into an initial five-year exclusion period, a 35-year residual exclusion period, and an additional seven-year archival period. Gaunt explained that this extensive retention period was designed to address potential lifetime issues related to gambling addiction. The decision to retain data for 35 years for vulnerable individuals was based on the understanding that it provides a robust framework for managing data related to problem gambling.
Redress Process and Orphan Data
Jacqueline Gazey addressed the redress process for individuals registered under GamProtect. While there have not been significant complaints so far, Gazey acknowledged the potential for an increase as the scheme expands. Individuals have the right to contest their inclusion in the scheme within the five-year exclusion period, though this right can be overridden if the individual demonstrates genuine problem gambling behaviors.
Klug also discussed the concept of orphan data, which involves removing or disconnecting data to enhance security. By avoiding the sharing of sensitive customer data, GamProtect aims to protect vulnerable individuals’ information from potential breaches. The orphaning of data ensures that sensitive information is managed with the utmost integrity.
Future Developments and Use Cases
As GamProtect continues to evolve, additional use cases are anticipated. Gazey noted that future developments will require revisiting the data-sharing processes and retention times. The experience gained from the current implementation will inform future adjustments, highlighting the scheme’s adaptive nature as it responds to emerging needs and challenges.
The GamProtect launch event provided valuable insights into the challenges and innovations involved in protecting sensitive data in the gambling industry. The collaboration between various stakeholders, the careful consideration of data retention and management, and the ongoing development of the scheme reflect a commitment to safeguarding vulnerable individuals while ensuring compliance with data protection laws. As GamProtect continues to grow and evolve, its ability to adapt and address new use cases will be crucial in maintaining its effectiveness and integrity.
This event marks a significant milestone in the efforts to enhance data protection within the gambling sector, setting a precedent for future initiatives aimed at safeguarding sensitive information and promoting responsible gambling practices.