Gambling Data Breaches: Did gambling companies sell your data?

In an industry already beset by scandals and numerous investigations into exploitative practices, it is perhaps no surprise that gambling companies have come under further scrutiny: this time, for the way they handle their users’ data and personal information.

Several UK media outlets have reported that gambling companies have secretly shared data collected from visitors to their websites with Meta. The ICO has confirmed that some companies acted unlawfully and issued warnings to them.

Collecting and sharing user data without consent would constitute a serious breach of data protection laws. If you have been affected, there is something you can do about it.

How gambling companies sell their customers’ data

The protection of personal data is enshrined in UK law – with GDPR stipulating strict protocols for any company’s duty of care for any sensitive details and personal data it holds.

However, in a data-driven world, the financial incentive for companies to harvest and sell their users data to third parties means that there is a lot of unlawful data sharing going on.

A number of investigations by UK-based journalists have found some potential evidence that hidden tracking tools were embedded in UK gambling websites in order to extract visitors’ data – including details of any webpages they viewed and buttons they clicked. If this was the case, anyone profiled by these sites would have been flooded with ads for online casinos and betting sites when on Facebook, Instagram or any other site owned by Meta.

The seriousness of this, and the mental health consequences for problem gamblers, cannot be overstated.

Gambling companies have already come under scrutiny for the predatory profiling of problem gamblers: identifying targets for aggressive and highly personalised marketing strategies that pile on the pressure to make more bets.

The fact that some companies may also be secretly selling the data they hold to other companies without permission only adds to the emerging picture of industry-wide disregard for the well-being and free will of their customers.

Did gambling companies breach GDPR?

By law, data should only be used and shared for marketing purposes, with explicit permission obtained from users on the websites in which the tools are embedded.

The ICO has issued warnings to companies who they have confirmed did act unlawfully by collecting and sharing user data with third parties without permission.

There are calls for stricter regulation on the data gambling companies’ hold. But for those who have already had their personal information compromised by these companies, it can feel like too little too late.

But there is something you can do.

Make a claim

People struggling with their gambling habits need far more support. Part of this should be holding gambling companies accountable when they fail to protect, or actively exploit, their customers.

This year we’ve been raising awareness about data breach claims – which can help individuals whose data has not been properly protected to get some redress from the companies that mishandled it.

If you had your data compromised by a gambling company you can make a claim to hold them accountable.

Our recommended provider, Barings Law, is also helping people bring claims for compensation following major data breaches at the gambling companies mentioned above.

Claiming, rather than just complaining or going to court by yourself, will save you time and energy. You should also be protected from legal costs later on – paying a fee only if you are awarded compensation.

Make a Data Breach claim

If you have any thoughts on this topic, or any other consumer issues you would like us to cover, feel free to get in touch with us at support@resolver.co.uk.