A High Court judge ruled that Bonne Terre Ltd, which operates as SBG, did not have a lawful basis to collect the anonymised claimant’s personal data through cookies. Nor should it have then profiled the player for the purposes of serving direct marketing online. Justice Collins Rice described the profiling practices used between 2017 and 2019 as “parasitic”.
The court heard that the claimant lost more than £45,000 over 10 years with SBG, while intricate details of how their data was collected and used was presented. The claimant argued that the Flutter Entertainment-owned brand ought to have known he was a problem gambler and should not have shared his data with third parties.
Justice Rice noted that the ruling was confined to the particular circumstances of the case andthe industry’s policies and practices have evolved since the period in question.
SBG, in a statement said it is considering an appeal.
“We fundamentally disagree with this judgment,” SBG said. “We have made significant changes to our controls and processes over the past six years as part of our ongoing investment behind safer gambling and will continue to do so.”
While SBG was adjudged to be legally liable for the claimant’s data breach, Justice Rice has not yet made a decision on remedy, including financial compensation. SBG was fined £1.17m in 2022 for sending promotional emails to customers who had self-excluded or opted out of receiving marketing.
Last year, it was reprimanded by the Information Commissioner’s Office (ICO) for unlawfully processing users’ data.
Landmark moment for gambling sites’ customer interactions
The claimant found out how their data was collected and used after making data subject access requests (DSARs) to a number of gambling operators and other third parties.
Evidence presented in the case showed that at any one time, each individual is assigned around 500 data points that are continuously updated by real-time data.
These are in addition to tens of thousands of data points received from third parties. It was claimed that these data points are then used by the business, in particular its marketing arm, to segment its customer base for marketing campaigns and to build “propensity models”, algorithmic models that predict users’ future behaviours online.
Data rights agency AWO, who represented the claimant in court, said the ruling was a landmark moment for how gambling companies interact with consumers.
“The groundbreaking ruling is a legal first for online marketing and the related legal principles, and could have major implications for the multi-billion-pound online gambling sector in the UK and the online advertising industry as a whole,” AWO wrote in a statement.
“It raises the prospect that not only SBG, but also other gambling companies, have been illegally profiling thousands – if not tens of thousands – of their vulnerable customers for years.”
Earlier this week, ICO, the UK’s information regulator, announced a crackdown on online customer tracking. The country’s most popular websites, including gambling platforms, face automated monitoring efforts to ensure compliance with data protection laws.
Original article: https://igamingbusiness.com/legal-compliance/legal/high-court-sbg-breached-data-laws/
