JK: What about from a data protection point of view? Jonathan, are there concerns about the amount of real time data on players activities that are being collected? On the one hand that’s a benefit, particularly to share with regulators. But on the other hand, is it a bit big brother, where the player doesn’t appreciate that every movement they make in a casino or outside of casinos is being tracked? JVD: There definitely are concerns with the GDPR. We have to make sure that if a duty of care is implemented, or something similar, that it’s clearly stipulated in the law, that they only keep the exact data points that are mentioned in the law, and that they’re only processed for these purposes. They also anonymize the data as much as possible. But we’ve run into these issues before. Most of the time when it comes to processing players data, if you justify it well, in a law or in a memorandum, then you can, in terms of the GDPR do it because it is a public health concern. So there’s kind of a counterweight to the right to privacy there. AL: May I add also that the player should give consent to the use of data for that purpose and if you’re clear on the purpose, it’s possible both within operators, and also to exchange information with regulators. So there are legal ways to handle the data protection issue. I have mentioned the biometric data, the fingerprint and we were really surprised by how much the players use it and like it. It’s somehow counterintuitive to give your fingerprint to a gaming operator. But it works. We now have 40,000 gaming machines, 3000 betting terminals and 1300 cash desks connected to our Novovision system, and also, of course, upwards to the online. So it works and players are learning. They like the easy applications and if it helps to know the players and implement player protection measures easily so I think it’s worth focusing more on that technology. JK: Gabrielle any concerns from a US perspective on data protection and the amount of data that’s being collected? GA: I think we’re not where Europe is yet. You know, we don’t have a federal GDPR policy. It’s certainly being talked about. There are some states that are proposing stricter privacy protections, especially from a marketing perspective. I would say in terms of regulatory compliance, what I’ve seen in some of the states that have proposed legislation or rules, they’re kind of carving out the compliance aspects. There’s data that you need to collect from a regulatory compliance perspective, because of the state and federal laws that are in place for gaming, and especially for online gaming. But you’re seeing this a lot more from the consumer protection lobby. They don’t want consumers to be targeted, and they especially don’t want companies that sell data to third parties. That happens a lot in the US. So I think there’s certainly a concern with omnichannel, because if we’re combining marketing with betting and the compliance aspects go there too, where you have to collect that data, there’s probably going to be a discussion as to how do we carve it out? How do we separate it? And what are the risks? JK: Let’s talk for a minute about the applications for KYC and AML. If a multichannel product is being used to KYC customers, particularly in a casino, obviously, there’s huge benefits. In our experience in the US, there’s virtually no AML / KYC checks done. For customers using cash in a casino, they go up to a roulette table, drop $100, gamble and nobody knows who they are, unless, they hit certain thresholds. But with low stakes, they are completely anonymous, there’s no source of funds checks or anything like that. If omnichannel is used in a casino, and the only way to deposit money is through the app or through the omnichannel or multichannel product, you’re obviously being KYCd. So from a from an operator’s perspective, I would think that this is a tool that would significantly enhance KYC and AML. AL: If we look, for example, at the Austrian situation where registration is mandatory. When we do registration in our arcades, persons have to show ID to be registered, they give the fingerprint, for example. And behind that, and during the registration process, KYC is actually running through so we have the name, we have the birth date, and behind we are checking through other systems to see if there is a ban or something. So when we make that KYC, the desk gets notice that it’s okay and you get the player card or you can register your biometric data and so on. So, as registration is mandatory, AML and KYC is a normal thing. JVD: As a regulator, we see the KYC part as a primary responsibility of the operators themselves. But that said, our law does have some KYC measures built in. Like in Austria, you have to register each player that enters not only the
52
Made with FlippingBook flipbook maker