top of page
Writer's pictureVeterans League

Veterans League breaches Data Protection Act

Veterans League


This week the Veterans League leaked personal details of over 2,000 bowlers registered with them which includes the dates of birth of those bowlers. This is a blatant breach of the Data Protection Act.


Last week they sent out emails to all its clubs listing all registered bowlers' details for all the 10-man teams and all the 6-man teams. That saw a total of 2,058 bowlers details widely circulated including their dates of birth.


With people's awareness of their rights It is increasingly difficult to get bowlers to reveal their dates of birth and this slapdash disregard for personal data will only make that more difficult. Clearly the Veterans League is not a safe custodian of personal data and this latest act will only make it more difficult to get bowlers to share personal information which they now know will not be treated responsibly.


This is a subject I know a lot about as I was on a working party brought together to advise the government when the original Data Protection Act was introduced. I have subsequently been responsible for compliance with that Act, and others, in many large hospitals up and down the country. This is not a law you can afford to ignore.


The Data Protection Act is now called the General Data Protection Regulation (GDPR) and this extract from the guidance illustrates how the Veterans League has breached the law of the land.

'A personal data breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data. This includes breaches that are the result of both accidental and deliberate causes.'


The League retains this data on their Bowlsnet system. Do not blame the system as access is password controlled and any club accessing that system can only see the personal details of bowlers registered with their own club. However the League has gone to great lengths to by-pass that security measure to send out by email to all its clubs all the details of all the 2,058 bowlers registered with them.


It is not unreasonable to ask bowlers for their dates of birth before joining an age-restricted League. It is not unreasonable for bowlers to expect that this information is treated with respect and not circulated to all the clubs in the League. The League has not informed people what they do with the data that they collect which is a legal requirement.


The League knows that some bowlers have been registered with them before their 60th birthday and there will always be a minority who will seek to take advantage of this requirement by providing false information. However the League has never asked for proof of the dates of birth of its registered bowlers. So any bowler can provide any date they care to dream up and this will not be checked or proof of accuracy required.


The GDPR stipulates that the data custodian, the Veterans League in this instance, can only collect and retain any data which is accurate. At present the League has no idea how many of those dates of births are correct as they never ask for proof of accuracy.


So all those clubs that are now being told by the League that they must provide all bowler's date of birth by the end of April have been left in a difficult situation. Many bowlers have misgivings about sharing personal information especially where there is such a cavalier attitude to the security of this information. This latest disregard of this legal requirement could even lead to a fine to the League of several thousands of pounds such is the power of the Court in such instances.


The League has given clubs until the end of April to submit all their bowler's personal details. Any club unsure how to respond to this latest demand for personal data in the face of their members' concerns could just provide any old date to satisfy this new mandate in the sure knowledge that the League has no means or intent of ever checking it.


This latest debacle comes on the back of other bad decisions (or 'gremlins getting in the system' as the League prefers to call them) from the League this year including the chaotic reorganisation of the 10-Man League Divisions, the cash bribe touted by a team to influence the reorganisation plans, the publication of at least three different fixture programmes and the withdrawal of a new team handicap system four days after it had been introduced. And the season hasn't even started yet.


Just to be clear in the expectation that the League will again make false claims of a campaign of misinformation:

FACT: The League emailed two lists to clubs last week which included the dates of birth of 2,058 bowlers.

FACT: No bowler was told that their personal information would be shared with anyone else which is a breach of the General Data Protection Regulation (GDPR).

201 views2 comments

Recent Posts

See All

2件のコメント

5つ星のうち0と評価されています。
まだ評価がありません

評価を追加
paw4647
paw4647
2023年4月02日

Presumably the League has done things in good faith and are not experts in such issues.

Is there a way forward for the League to minimise/ avoid any action? Or does the League just keep quiet and fully comply in future?

I am sure any advice would be welcome.

( I am assuming this isn’t another April fools day gag)

Philip of Lindley

いいね!
Jeff Jacklin
Jeff Jacklin
2023年4月03日
返信先

Ignorance of any law is never regarded as a strong defence. Knowledge of the law is not a substitute for a lack of commonsense.

いいね!
bottom of page