Camelot UK Lotteries Limited Decision Notice
Gambling Commission investigation in respect of Camelot UK Lotteries Limited – failing to comply with licence requirements under the National Lottery etc. Act 1993 (as amended) (the Act).
The Gambling Commission (“the Commission”) notified Camelot UK Lotteries Limited (“the Licensee”) on 23 March 2021 that it was conducting an investigation into three incidents (collectively, “the Issues”). Following conclusion of the investigation by Officials, and after consideration by The Commission’s National Lottery Committee (“the Committee”) it was concluded that the following breaches had occurred:
- breach of conditions 5.1, 5.13G(c)(ii), 7.42 (a), and 14.7(a) (relating to QR Scanner)
- breach of conditions 5.1, and 14.7(a) (in relation to Push notifications)
- breach of conditions 5.1, 5.13G(c)(iv) and 14.7(a) (in relation to Duplicate wagers).
In considering what sanction (if any) was appropriate in respect of the breaches found, the Committee considered:
- outcomes for the National Lottery – the Committee agreed that the breaches had placed the statutory objectives at risk and considered that the potential impact on the reputation of the National Lottery could be significant. The Committee noted the representations made with regards to notification of issues, corrective action, and reparations to players
- outcomes for the players involved – the Committee agreed that there was evidence to show that players had been disadvantaged, misled and/or treated unfairly as a result of the breaches. In respect of the duplicate wagers, Committee noted the restorative measures taken
- outcomes for Good Causes – the Committee agreed that there was no evidence of any impact on the return to good causes
- operator’s financial gain from non-compliance - the Committee agreed that there was no evidence of any financial gain to the operator from non-compliance
- operator’s governance and controls – the Committee agreed there had been recurrence of issues, and evidence of similar matters or root cause problems in the past, and of issues in effectiveness in managing contractors. There was no evidence of reckless or negligent behaviour presented and nor was there any attempt to conceal.
The Committee concluded that an appropriate response to the breaches of conditions, having regard to section 10A(2) of the Act, the former Director General of the National Lottery’s publication Financial Penalties: Principles and Procedures (2 September 2016) and the Commission’s Enforcement Policy dated January 2018 (“the Enforcement Policy”) is to impose a financial penalty in the sum of £3,150,000.
Details of the Breaches
The Licensee’s National Lottery mobile application (“the App”) was a key component in each of the issues - even if the precise failures in mechanics, source, or controls in each case were not identical. The Commission’s National Lottery Committee (“the Committee”) concluded that in each case the information presented in the App was incorrect, inappropriate, or harmful at the point of delivery to the player.
The following three elements of the app were considered:
1. QR Code ticket scanner
The QR scanner is a function within the App which enables players to scan individual Lottery ticket QR codes using a device such as a mobile telephone. The scan allows the player to instantly identify if the ticket is a prize winner or not.
On 23 September 2020, the Licensee informed the Commission that it had disabled the QR scanner after the identification of an issue with the QR-code scanning functionality of the App (within the iOS version only, not Android) in that some of the customer scans were incorrectly displaying a non-winning message. The QR-code ticket scanner function is intended for use by retail players and, as such, players are not required to log in to a ‘National Lottery’ account to use it. The identity of retail players using the QR-code scanner service in these circumstances are not known to the Licensee.
The Licensee was unable to identify how many customers were affected by this issue however, it estimated that there was a potential that up to 20,000 scans may have produced incorrect ‘non-winning’ messages to players between November 2016 to September 2020. The Licensee estimated the detriment to players as being between £48,000 - £68,000 however it was unable to ratify this figure.
The Committee concluded that conditions 5.1, 5.13G(c)(ii), 7.42(a) and 14.7(a) had been breached.
2. Duplicate draw-based game ticket purchases
Duplicate wagers are defined as a player who inadvertently duplicates a ticket purchase, resulting in players purchasing an additional ticket for the same draw(s) with the same number of lines because they believed the original purchase had not succeeded. It is to note that some players intentionally purchase the same ticket more than once.
This issue occurred in October 2020 and was evident when in certain circumstances a player signed into the App and followed the usual process to purchase a draw-based game ticket. Upon clicking the “Buy Now” button the purchase completed successfully, but due to an error occurring, instead of seeing the ticket confirmation page, the player was logged out of the App. When the player logged back in, they were presented with the “Buy Now” page again, which led some players to believe the purchase had not been completed, and hence they bought the ticket again. Between 13 October and 23 October 2020, 22,210 players were affected by this during two incidents. All those players have been identified and either refunded for the duplicated wager or where duplicate wagers were winners, these were honoured as such on a duplicate basis.
The Committee concluded that conditions 5.1, 5.13G(c) and 14.7 had been breached.
3. Push notifications disregarding suppression flags
The Licensee informed the Commission, that when a player first installs the App on their chosen device, the player will nominate to either receive or block notifications (this is managed in the player’s iOS and Android settings). Unless a player has ‘opted-in’ (i.e., has agreed to accept notifications), no notifications, whether sent by the Licensee or a third-party partner to the Licensee, will be delivered to that player’s device.
In addition, the Licensee has a facility to place ‘suppression flags’ on players accounts to prevent notifications/marketing being sent to players that the Licensee has identified as a player who may be at risk of harm or showing signs of gambling related issues. This would include players who have registered with GamStop self-exclusion. Player ‘suppression flags’ can vary in duration and scope and are generated by the Licensee, reflecting the various categories of suppressions.
A data transmission problem was caused by a delayed trigger event in the player’s journey. This delayed trigger event could occur if a player was moving between multiple applications whilst the Licensee’s App remained open. The delay could, in certain circumstances, result in the player’s ID being classed as ‘anonymous’ due to the App not automatically identifying the player during its initial session. It is agreed that the Licensee produced accurate player suppression lists to third party suppliers, however the data sync issue prevented those players on its suppression list being correctly linked with their known player account ID.
The circumstances led to some in App marketing push notifications being sent to some of the players on the suppressed list. The Licensee explained that if a player re-launched the App, it would reset the player status and the player ID would be updated and aligned to the suppression list.
The issue affected circa 65,400 players between February 2018 and January 2021.
The Committee concluded that conditions 5.1 and 14.7 had been breached.
Last updated: 22 March 2022
Show updates to this content
No changes to show.