ICO confirm Sky Bet brands acted unlawfully

Following consideration of submissions by Clean Up Gambling, the ICO has today confirmed that Sky Betting and Gaming brands breached the data protection regime.

Background

Today (17 September 2024), the ICO has confirmed that Sky Bet’s parent company, who are ultimately part of the Flutter group of companies, breached the UK GDPR. That breach included deployment of surveillance technology on devices without giving users a chance or say.

The ICO found that “a pixel embedded within Sky Bet to facilitate the setting of approximately 40 third-party” surveillance tools. Those tools allowed for the profiling and behavioural analysis of visitors to the website. The ICO has taken the rare step of issuing a reprimand against the company for this unlawful conduct.

The ICO enforcement action resulted from a report commissioned by Clean Up Gambling. That report, by the investigative team at Cracked Labs, showed the vast scale of the broadcast of the data, as well as detailing the intimacy of the data involved.

That data is then used by gambling platforms to create a profile of digital behaviour, from which knowledge of individual behaviour can be understood. This includes details such as whether individuals are positively or negatively influenced by adverts, what time they play, what their favourite games are and what ‘life stage’ they are in. Clean Up Gambling then commissioned a legal analysis of that report from AWO, the leading data protection agency, which led to the submissions to the ICO.

Quotes

Matt Zarb-Cousin, Director of Clean Up Gambling, said “Gambling is a unique sector in that operators win when their customers lose. This adversarial relationship means gambling companies need guardrails to ensure consumers are protected rather than exploited. We have been vindicated by an historic ruling that puts operators on notice to clean up their act, as the rules are going to be enforced. Reform is clearly needed to ensure this sector is adequately controlled.”

Ravi Naik, Legal Director of AWO, said: “Our clients are pleased to see the ICO take enforcement action by this reprimand. The legal submissions we prepared for our client were unequivocal: the tracking technology was deployed without a proper basis. We are pleased to see the ICO not only agree with those submissions but to take action as a result. This is not the end of the story. There is further action to come, including our clients seeking remedies for the consequences of these acts which the ICO has found to breach the UK GDPR.”

Notes

1. Clean Up Gambling's report by Cracked Labs is available here 

2. Clean Up Gambling's legal submissions by AWO are here

3. ICO's press releases on the investigation is here

4. ICO's Reprimand is here

Copyright © 2020 Clean Up Gambling.