Overview of Data Protection status in European Lotteries and Recommendations towards a Better Practice
Master thesis
Permanent lenke
https://hdl.handle.net/11250/2781216Utgivelsesdato
2021Metadata
Vis full innførselSamlinger
Sammendrag
Denne masteroppgaven presenterer en omfattende studie av personvern i europeiske spillselskaper.
Oppgaven bruker eksisterende teori og datamateriale for å foreslå hvordan åpenhet mht. personvern for både registrerte personer og behandlere av persondata kan forbedres. Viktige problemstillinger som vil bli analysert, er hvordan GDPR-rammeverket forstås og er implementert i Europa samt identifisering av mulige kulturelle/sosiale forskjeller. Grunnlag for studien vil være både forståelse og presentasjon av viktige lover/rammeverk for personvern og innsamlede data
Gjennom bruk av spørreskjemaer, automatisert datainnsamling og fokusgruppe intervjuer vil vi samle inn et omfattende datagrunnlag knyttet til fundamentale personvernrettigheter i Europa
Dette datagrunnlaget vil så bli analysert for å foreslå forbedringer og anbefalinger for personvern og åpenhet mht. behandling av personopplysninger. In this master thesis we present a comprehensive study of practice related to privacy andhandling of personal data in European lotteries. The study aims to document how the GDPRframework is understood and implemented across lotteries in Europe and identify differencesbetween status and expectations in important laws and standards.
In addition to GDPR, Important Information Security Standards like the ISO 27000 serieswill be presented together with important EU regulations, lottery specific security standardsand privacy concepts.
Using questionnaires, inspection of web sites and automated analysis we collect a substantialamount of data related to important fundamental data protection rights in European lotteries.
By analysing the collected material important techniques for data protection and data transparencyis identified. Presented research material documents how they are implemented inEuropean lotteries and shows significant variations between the different Lotteries. The thesisdiscuss the findings in the collected material and suggests how the described techniquescan be implemented to be both GDPR compliant and support a healthy company reputation.
Anonymous gambling products will not be a part of this study, and I will not make any attemptto investigate identification of anonymous ticket holders or prize winners. From a securityand compliance perspective this could be very interesting since these products are knownto be closely related to money laundry and criminal activity, but the scope of this thesis isrelated to data protection and use of personal data and the understanding of GDPR.