The nature of daily fantasy sports likely means that the industry fundamentally requires some form of external oversight to function sustainably.
That’s the conclusion I kept returning to as I talked to players, industry stakeholders, and the media this weekend about the recent data leak at DraftKings.
But after seeing the official reactions from DraftKings and FanDuel this morning, I realized that the industry doesn’t just require oversight as an academic matter. Rather, it is in desperate and immediate need of said oversight.
Why?
Operators aren’t providing any answers
Nowhere in the statements from FanDuel or DraftKings do we find a single concrete detail regarding:
- Company policy regarding employee access to data. How many employees have access? How often is it queried? How long does the company keep the logs of such queries?
- The breach that led to this conversation. While DraftKings co-founder Matt Kalish appears to have provided some secondhand details to RotoGrinders about Ethan Haskell’s inadvertent release of DK lineup data, neither statement offers any insight or clarity into what data Haskell had access to, when he had the data, to or how he was able to circumvent the internal policies referenced by the statements.
- The landscape leading up to this event. How many investigations has each site undertaken in the past year regarding the potential for fraud? What was the resolution of those investigations? How have the investigatory approach and the resources dedicated to said investigations evolved as the industry has grown into one where billions are wagered annually in the space of two years?
The data leak occurred over a week ago. So it’s not as if the companies need time to formulate a complete response. They’ve had that time.
In a regulated environment, the answers to all of the above questions would be available.
Would all the information be made available publicly, all the time? Not necessarily. But regulators would have the access, the resources, and the mandate to produce comprehensive, objective answers in situations where such answers were needed.
Self-policing is undermining operator credibility
Prior to the statements, the general attitude expressed on social media and discussion forums was that DFS operators are generally in a poor position to police themselves, for myriad reasons.
Anecdotally, that attitude has only hardened following the statements.
A self-regulatory environment is only tenable within the context of high transparency or high trust. Today’s statements appear to engender neither, strengthening the argument for immediate regulatory intervention.
What about the operators that didn’t issue statements?
DraftKings and FanDuel are the largest DFS operators by a significant margin. But that doesn’t mean that they are the only operators of significant size or volume.
There are dozens of other DFS operators, including platforms backed by Amaya, CBS, and Yahoo.
What is their policy on data protection? On employees playing at other sites? On fraud prevention?
We don’t know. And the reason we don’t know is because there’s no central force articulating and enforcing minimum standards, no one entity that can credibly describe the state of the industry on these key issues.
Instead what we get is a delayed, ad hoc response from the industry to an existential threat. Worryingly, such a response strongly suggests that the industry also takes an ad hoc approach to self-policing.
That is simply an unacceptable status quo when millions of players will risk billions of dollars this year on games they’ve been told – but can’t be shown – are fair.