You say the scheme is for the most vulnerable players, people that have shown demonstrable harm. What makes someone 'the most vulnerable?'
I keep referring to the tortuous development of this scheme. The DPOs had some pretty animated debates about what the reasonable and proportionate use of this information is. So we evolved this and we've got to a position with the DPOs; there's a uniformity of agreement: that this is information we can and should use based on public interest and health information. That was signed off by the ICO.
You can go onto the GamProtect website, you can look at our privacy policy and the use cases are on there. The specificity that's on there, I don't need to go into that today, but we've got five user cases that say, ‘if this, the participating operator will add you into the scheme.’ Like I said, it's an easy sales pitch. If you go on the website and have a look at those use cases, it's demonstrable. We can evidence, we can log it. It's on the chat. It's on the call. This is what customers are saying to us.
You said the information you're holding is name, last name, date of birth, etc. But the length of time that information is being held for is 47 years. Is that fairly standard for self-exclusion or any similar system? If not, how did you decide that this is a good amount of time?
From our view, that seems an incredible amount of time to be holding onto this information, I 100% agree. But, this is where we got to in the discussions between our data protection officers, highly skilled, talented subject matter experts, and the ICO and KPMG. This was what we thought was the appropriate placement of the scheme. It's all justifiable. There were reasons for it. I'm not a Data Protection Officer here. I operate in their orbit, but I take their advice.
For more coverage of the GamProtect launch event, check out our summaries of talks by Purdy and Gambling Commission Executive Director of Research and Policy Tim Miller.