Recent Posts

Copyright Giulio Coraggio 2018

Gaming companies ready for EU Privacy Regulation?


Gaming companies ready for EU Privacy Regulation?

Gaming companies might speed up to get ready for the EU privacy regulation, its new obligations and massive fines.

The EU privacy regulation might be a “revolution” for the gaming sector, forcing both operators and suppliers to considerably change their model of business.

The gaming sector has exponentially relying on big data and the monitoring of the players’ experience in order to improve the players’ experience, reduce the number of potential frauds and avoid gambling addictive conducts. Also, the development of technologies enabling players to gamble with their Internet of Things and mobile devices further increased the amount of data collected and used in the gaming sector. Data has always been seen as a major resource.

However, such major resource might end up being a potential “ticking bomb” as it might trigger fines up to 4% of the global turnover of the breaching entity while up until now one of the largest fines issued in Europe was issued against Google and its value was ONLY EUR 1 million! And this is happening when new liabilities are introduced also on gaming suppliers and the business might considerably change also for gaming affiliates.

Too early to move?

The coming into force of the EU Privacy Regulation will occur in May 2018. However, such timing does not have to be misleading. I have been talking to companies which believe that, given the required developing time, such timeframe might be too tight for them.

If gaming operators/suppliers want to exploit all the potentials of wearable technologies, analytics, big data etc., such technologies might be considered for instance to place considerable risks to individuals’ privacy. This means that a “privacy impact assessment” might be necessary and this process which might require more than a year of work.

Likewise, a privacy by design approach will not only be required under the terms of the EU Privacy Regulation, but represents the sole tool able to reduce the potential risk exposure to fines and liabilities.

Gaming will no longer be the same?

My personal experience is that the operators/suppliers are extremely careful when it comes to gaming regulatory obligations. However, privacy compliance has always been considered as a “nice to have” as opposed to a “must have“.

With the increase of potential fines, a cultural shift is taking place. Data protection has come to the top of the list of priorities for gaming operators/suppliers.

Also, the gaming market is per se international and in order to benefit from the changes introduced by the EU privacy regulation, a reorganization of an operator/supplier’s group might be necessary.

You may find also interesting my series of blog posts on the most relevant issues addressed by the GDPR

#1 Which companies shall care about it?

#2 Will fines be really massive?

#3 Did you run a privacy impact assessment?

#4 New risks for tech suppliers

#5 What changes with the one stop shop rule?

#6 How the new privacy data portability right impacts your industry

#7 What issues for Artificial Intelligence?

#8 How to get the best out of data?

#9 Are you able to monitor your suppliers, agents and shops?

#10 What liabilities for the data protection officer?

#11 Are you able to handle a data breach?

#12 Privacy by design, how to do it?

#13 How data on criminal convictions of employees become a privacy risk

#14 Red flag from privacy authorities on technologies at work

#15 Need a GDPR compliant data processing agreement?

#16 Is your customers’ data protected from your employees?

#18 Data retention periods, an intrigued rebus under the GDPR

#19 Legitimate interest and privacy consent, how to use them?

#20 How privacy consent changes with the GDPR?

As usual, if you found this article interesting please share it on your favourite social media.


Follow me on LinkedIn – Facebook Page – Twitter – Telegram – YouTube  Google+

Giulio Coraggio
[email protected]

I am the head of the Italian Technology sector and the global head of the IoT and Gaming and Gambling groups at the world leading law firm DLA Piper. Top global IoT influencer and FinTech lover, finding solutions to what's next for our clients' success.