Impact case study database

In effort to reduce gambling harms, all UK gambling providers are legally obliged to offer customers a self-exclusion option as one of preventative measures. City’s research has directly impacted BetBuddy's ability to provide operators with an effective predictor for self-exclusion and other signals that indicate problem gambling. This enables gambling operators, the main beneficiary of the BetBuddy system, to identify problem gambling early, which in turn currently enables approximately 3 million registered gamblers worldwide [5.1] to use online gambling platforms more securely and responsibly.

Practical contribution to responsible gambling efforts

City’s research directly led to the development of PowerCrunch, BetBuddy’s core data mining and machine learning platform. It is available either as Software as a Service (SaaS) or as a product that can be seamlessly integrated with player account management systems, content management systems, and eCRM systems.

BetBuddy’s CEO, Simo Dragicevic, explains, “ Together, we developed a system capable of identifying harmful play and assisting in reducing at-risk gambling” [5.1]. “ City has enabled us to build more robust and accurate prediction models and apply new, creative algorithms to gambling data. By applying their expertise in knowledge extraction techniques to 'black box' prediction models, clinicians, regulators, and industry can better understand how these models can predict behaviour and better protect consumers at risk of harm.” [5.2]

Since 2014, 300 000 registered users of the Ontario Lottery and Gaming Corporation (OLG), a holder of a government mandate to work towards a ‘Gold Standard’ in Responsible Gambling (RG), have been monitored using the BetBuddy system. Since partnering with BetBuddy, OLG has twice received the World Lottery Associations’ Best Overall Responsible Gambling Program award, most recently in 2018.

In qualitative research based on interviews with 150 OLG players, 9 out of 10 identified the BetBuddy play management tool as helpful in managing their personal gambling behaviours [5.3]. The tool is part of the OLG online gambling platform and it interacts with the players via targeted messaging and banners. John Wisternoff, OLG’s Vice President of iGaming, said: “ *It’s very clear that we do not diagnose players, but we can respond to the activity that occurs on our website (…) The Bet Buddy engine in the background is analyzing play, and our marketing department has created a series of banners that talk about our tools, player protections and other items.*” The website delivers those banners (messages) based on the information provided by the BetBuddy algorithms [5.4].

In 2017, BetBuddy was acquired by Playtech – the world’s largest provider of online gambling and sports betting software – for a total amount of €2.2 million [5.6]. In a move to affirm their continued commitment to responsible gambling, Playtech integrated BetBuddy into 9 platforms, including the Ontario Lottery and Gaming Operation (OLG) and BuzzBingo, and its solutions currently reach approximately 3 million registered gamblers [5.1].

Ian Ince, Head of Regulatory Affairs and Compliance at Playtech, explains [6]: “ BetBuddy is the leading company in this field and has a team that has focused exclusively on developing an industry-leading Responsible Gambling solution…This acquisition demonstrates our commitment to producing solutions and games that will enable Playtech to be the most responsive and responsible businesses in the industry."

BetBuddy won RegTech supplier of the year at the Gambling Compliance Awards 2018 [5.5], in recognition of its contribution to industry regulation and compliance, and was shortlisted at the Lloyds Bank National Business Awards 2019 for the IA solutions, and a runner up to the winner Darktrace [5.1]

BetBuddy’s technology effectively keeps Playtech at the forefront of the industry when it comes to promoting safer play. In 2020, Playtech’s BetBuddy team was selected to lead the UK Gambling Commission collaboration group working on developing the first Industry Code for Product Design [5.7]. “ The use of BetBuddy technology and expertise, resulting from the fundamental research at City, gave BetBuddy and Playtech the trust required to lead this important regulatory industry initiative.” [5.1]

Contributing to parliamentary debate & setting industry standards

In a 2013 parliamentary debate of the Gambling Bill, MP Clive Efford read evidence from Dr Sally Gainsbury, Director of the National Problem Gambling Clinic, in which she cited BetBuddy as an example of technology which can assist in reducing problem gambling [5.8].

The Responsible Gambling Strategy Board has also cited BetBuddy in their progress report as an example of a product used to identify harmful play [5.9].

The Gambling Commission’s Licencing Conditions and Codes of Practice require operators to identify “at risk customers”. Operators are also now choosing to reveal responsible gambling Key Performance Indicators in their annual reports. In 2018 the former Sports Minister Tracey Crouch said the Government welcomed steps taken by some operators to incorporate behavioural analytics, into their responsible gambling systems, while at the 2018 Gambling Commission’s Raising Standards Keynote Speech, Sarah Harrison, the UK's former regulator, commended the strategic importance of Playtech's acquisition of BetBuddy in meeting these obligations [5.10].

In a 2018 European Commission report evaluating exiting tools for enforcing online gambling rules and channelling demand towards controlled offers, Playtech’s acquisition of BetBuddy serves as an example of regulators and industry being proactive and investing in technologies that enable the identification of players at risk. [5.11]

Raising awareness and helping industry comply with standards

City's research has attracted widespread media attention and members of the team regularly contribute to debate on the role of technology in RG.

In 2016, City and BetBuddy delivered a Responsible Gambling Algorithms Roundtable with 15 participants drawn from industry, treatment providers and regulators. The importance of explainable AI models for RG, such as the BetBuddy system, was widely acknowledged: “ *Interpretability can be an advantage when providing treatment as the counsellor has specific and relevant behavioural indicators to discuss.*” said Dirk Hansen, CEO Gamcare.

BetBuddy’s CEO Dragecivic is also a board member of the Responsible Gambling Council, an independent non-profit organization that has led on the prevention of problem gambling around the world for over 35 years. Dragecivic has been invited to lead and contribute to several international events for raising standards in compliance with the current regulations.

Wider impact

City and BetBuddy have recently partnered with Kindred Plc to explore the use of AI to strengthen anti-money laundering decision-processes. They have produced an industry whitepaper of recommendations, as well as presenting early analytical research at the 2018 European Association for the Study of Gambling (EASG) conference. [5.12]

GenderMag allows ordinary practitioners, with no background in gender research, to identify which aspects of their software have gender-inclusiveness issues, in order to resolve them. The GenderMag methods are research-based, empirically shown to work, and freely available to the public. Their implementation has been leading to improved products and process in commercial and public organisations. GenderMag method helps to shape industry standards and has been shaping attitudes and rising awareness of gender inclusion issues via series of training workshops and via inclusion of GenderMag in 23 HE programmes worldwide.

Improved products and processes in commercial and public organisations

Since 2015, the GenderMag (GM) methods have been implemented into the design and development processes by Microsoft (US) [5.2], [5.3], (text removed for publication) (UK) [5.4], Greenstone Digital Library (NZ) [5.6], HazAdapt (US) [E5], and at least 4 other organisations [5.1] to improve gender-inclusiveness of products and services used by millions of end-users worldwide.

Twelve teams at Microsoft have implemented the GM methods and using GM successfully improved the inclusiveness of Microsoft software [5.2]. Issues identified using GM mirrored findings involving real users. Kat Holmes, a former Principal Director of Inclusive Design at Microsoft, emphasises the unique value of the method [5.3]: “A product leader was concerned that there were far fewer women using their product than they expected. [GenderMag] helped the Microsoft research team reframe the problem and ensure that the product did not favor a particular learning style. They restructured their research to recruit people by learning style and interviewed people from multiple genders, including transgender participants.”

(text removed for publication)

HazAdapt (Oregon, US), whose customers include Oregon State University Emergency Management and local emergency authorities in Oregon (US), integrated GM into the development of the emergency platform that compliments calling the emergency line number to communicate with authorities. Ginny Katz, CEO, explains that “in the initial design process of our HazAdapt app, we placed a great deal of focus on the first few minutes and hours of an emergency (…) GenderMag was an essential tool for us to get this critical user story right” [5.5].

Greenstone Digital Library (GDL) is a suite of open-source, multi-lingual software for building and distributing digital library collections, produced by the University of Waikato, and developed and distributed in cooperation with UNESCO. GDL is currently used in over 70 different countries worldwide, with downloads of 4,500 times a month. An evaluation of the GDL interface using GenderMag uncovered three major gender barriers that could hinder GDL uptake [5.6].

As of 20 December 2020, the GM toolkit has been downloaded 1185 times by 353 unique organisations [5.7].

Shaping industry standards

GenderMag research has made a significant contribution to the development of the “Microsoft Inclusive Design Toolkit”, a resource that sets standards for designers and developers of digital products [5.8]. Further, the GM method has been included in recommendations for “tools for making human-computer interaction research gender aware and gender inclusive” in a report from the EU Gender Equality in Engineering through Communication and Commitment (GEECCO) project [5.9].

In addition, GenderMag can be used to get the award of the iGIANT Seal of Approval (https://www.igiant.org/sea\) to demonstrate that a company has integrated gender inclusivity into their operations. Virginia Katz, CEO at HazAdapt, explains “in September 2019, GenderMag also helped us to get awarded the iGIANT Seal of Approval. (…) Our goal is to continually lead in the field of emergency communication technology as the first and highest rated inclusive option as we are now. Being certified inclusive is an attractive aspect that helps public safety and emergency management entities showcase their initiatives to become more inclusive and engaging with their diverse public.” [5.5]

Shaping attitudes and rising awareness of gender inclusion issues

Through a series of workshops, Dr Stumpf and Professor Burnett have reached out to software professionals worldwide. A GenderMag webinar delivered by Dr Stumpf in May 2020 was attended by professionals from 20 UK-based companies and 2 companies in the US. The post-event feedback showed that attendees’ awareness of gender inclusion issues has improved. This session led to establishing a partnership with the (text removed for publication) [5.4].

Incorporation of GM into higher education teaching programs has wider impact on raising awareness among future STEM professionals. GenderMag has been taught in 23 HE programmes worldwide, including Cornell University, USA; Harvard University, USA and University of Edinburgh, UK (https://sites.google.com/site/gendermagteach/home/where\-is\-gendermag\-taught\). GM has become a desirable specialism for user researchers. Competence in GM was included in the person specification for a post of Senior User Researcher at Bloomberg, New York, US [5.10].

Failure of critical computer systems could result in death, injury, financial loss and damage to the environment. “Assurance cases”, well-structured set of documents, to demonstrate that the risk posed by a critical system is acceptably low, have been widely adopted by industry and regulators, in the U.K. and worldwide. Assurance cases require explicit arguments linking evidence to the claims made (or goals pursued) about e.g., safety and security. The approach to assurance via assurance cases was developed over many years with essential contributions from City staff, Prof. Robin Bloomfield and Prof. Peter Bishop, both part-time professors at City, University of London and leading personnel at Adelard LLPFootnote:

Robin Bloomfield is a founding partner at Adelard LLP. Peter Bishop is the Chief Scientist at Adelard LLP. .

This impact case is about a specific form of assurance cases with the following distinct characteristics developed at City, University of London:

• Assurance cases are built using CAE, recently extended with CAE blocks [5.4];

• Assurance cases rely not only on informal reasoning, e.g., based on expert judgement, but also on the rigour of models suitable for quantitative risk assessment.

The CAE blocks make the construction of assurance cases easier for practitioners, leading to a wider adoption, and the assurance cases themselves become more expressive and clearer.

Quantitative models help an assessor to decide on the claims or serve as evidence supporting or refuting the claim, especially in those cases where direct empirical evidence is difficult to obtain. Some claims may be ruled out based on results obtained with models. An example of such a claim is “failures of the versions in multi-version software are independent”, which City academics’ probabilistic models have demonstrated not to be credible.

The quantitative models the research team has used range in complexity: from simplified probabilistic models, suitable as a risk-communication tool to high fidelity - typically a hybrid of probabilistic and deterministic - models of complex cyber-physical system such as models of critical infrastructures. The simplified models are useful to make the stakeholders’ engagement easier by hiding the overwhelming system complexity. High fidelity models, instead, enhance the ability of experts to make well-informed decisions in cases where the expert judgements about how good the system is are hard due to system complexity.

Impact includes:

• Reduced risk of harm from malfunctioning or intentional subversion of critical systems (e.g., nuclear, transportation, power supply, defence, medical) through application of a well-structured evidence-based argument aided by models.

• Improved confidence in assurance: rather than depending on expert judgement or informal reasoning, with attendant significant uncertainty, by using modelling we can narrow this uncertainty or articulate its causes and implications.

• Better understanding of future widely deployed systems, e.g., connected and autonomous systems. We discover that in this era of ubiquitous use of machine learning and artificial intelligence, our approach typically leads to significant savings not only in research and development but also in setting directions for the development of such systems. This advantage comes from rigour in modelling new technical systems, and thus ability to clearly articulate doubts about unsubstantiated claims, (due to lack of awareness by newcomers dealing with assurance).

Major impact is achieved through the long-term collaboration with Adelard LLP.

• The CAE Blocks framework is a way of structuring arguments:

• It is a core part of the “IAEA Software Dependability Assessment guideline” [5.3], released in 2018, affecting nuclear safety worldwide.

• The UK CPNI is expected to publish later in 2021 examples of security informed safety cases based on CAE Blocks.

• The CAE approach is supported by Adelard’s commercial tool ASCE. According to the vendor, over 300 organisations are using ASCE worldwide, at least 50% of them use the CAE approach.

• CAE has been used in Adelard LLP on their projects on assessing security informed safety of industrial systems and in the development of codes of practice for security informed safety:

• For the rail industry and for connected autonomous vehicles [5.4].

• In developing a regulatory cyber-maturity model for air traffic management for the Civil Aviation Authority (CAA).

• In research conducted by Adelard funded by Assuring Autonomy International Programme (AAIP), a partnership between the Lloyd’s Register Foundation and the University of York, and the UK Department for Transport (DfT) on projects on autonomous systems and in the TIGARS project. This has led to “Safety case Templates for Autonomous systems” [5.6], and a new approach to assurance dubbed “Assurance 2.0 Manifesto” [5.7]. Assurance 2.0 is the basis for a project within the DARPA ARCOS program on automated certification ( https://www.darpa.mil/program/automated-rapid-certification-of-software).

• City's stochastic modelling approach and tool, PIA-FARA, supporting the application of CAE to complex systems, such as critical infrastructures, has informed the work of Adelard with the National Cyber-Security Centre (NCSC) on software tools.

• From 2019 Adelard have been training a multi-disciplinary team of managers, engineers from chemical process Control and Instrumentation (C&I) from a major hazards site in using CAE Blocks and elements of Assurance 2.0, with over 100 completing the course to date. Adelard have a long-term project to follow up and support.

Impact was also achieved via other partnerships, e.g.:

• Our case is endorsed by Radiy, a major supplier of C&I for the nuclear industry, with more than 70 installations worldwide including safety protection systems for nuclear plants. The LoS, by senior executives of the company, acknowledges the impact of City's work, especially the modelling work, on Radiy’s operation, including on the strategic decision to adopt design diversity in their portfolio of FPGA based products [5.1].

• The approach to rigorous assurance supported by quantitative models has been adopted by new actors (companies/regulators): Railway, Energy, Autonomous Vehicles. The City team was invited to join the Intel Collaborative Research Institute on Safety Assurance of Autonomous Cars (ICRI – SAVe), a recognition of the impact of the prior research conducted by the City team. A statement from the Co-Director of ICRI - SAVe, from Intel-Labs, Germany, acknowledges the impact of our work on assurance cases enhanced with rigorous modelling work on the current global effort on safety assurance of autonomous vehicles [5.2].

• Impact has been achieved in informing policies, e.g., of how models can be used to increase confidence in assuring resilience of complex interconnected critical infrastructures. The work we published [3.3] has informed to some extent the recent report by the Royal Academy of Engineering [5.5], especially in the part related to interdependencies. Bloomfield was a reviewer of [5.5].

• Finally, impact has been achieved via inclusion of outputs from our research in new standard/guidance documents, both international and national:

• Dependability Assessment of Software for Safety Instrumentation and Control Systems at Nuclear Power Plant, IAEA Nuclear Energy Series [5.3]. This document impacts the nuclear industry worldwide setting guidelines for risk limitation based on the CAE blocks;

• PAS 11281: 2018 ("Connected automotive ecosystems – Impact of security on safety – Code of practice", sponsored by CPNI, 2018) [5.4]. This guidance document impacts the UK industry working on connected automotive systems.

• Code of Practice: Cyber Security and Safety, IET No. 211014, sponsored by the National Cyber Security Centre (NCSC), [5.8]. This cross-sector code of practice primarily targets the UK industry, but the actual impact may be broader.

FINEX software was introduced to the DNA Unit of the UK Forensic Science Service (UK FSS) in 2006 and was used regularly in criminal casework. Following the closure of the Forensic Science Service in 2012/3 the software was licenced to VidaVia Media SL which has collaborated in a further re-branding of the application as GPS-ibd, a trademark of Gene Pool Systems (a trading name of VidaVia Media SL). “ibd” signifies “Identical By Descent”. The software has been licenced to three users in this REF period: United States Department of Defence, LGC Forensics, and ForGenetica Consultants Ltd which has carried out further functional and casework testing and support for commercial purchases of GPS-ibd. [5.1], [5.2]

GPS-ibd provides fast throughput of cases and decisions and is used in standard relationship forensic casework for use in routine civil and court ordered paternity tests, relationship analysis for criminal casework (including rape and incest cases), coronial work, missing persons and mass fatality cases, and commercial contract relationship analysis for European and Middle Eastern clients. In addition, an advanced processing functionality of GPS-ibd allows the application to be used for Familial Searching of the Police/National DNA database. [5.3]

LGC plc, the largest player in UK’s forensics market since the closure of UK-FSS reported that the product was “ successful” and “ Ground breaking”. LGC plc has used the software continuously on “ some of the most high-profile cases in the past 2 years (including cases that have been highly publicised, highly political and deeply tragic)”. [5.4]

In March 2016, LGC was successful in gaining IS0/IEC17025:2005 accreditation through the United Kingdom Accreditation Service, under schedule no. 0003 for Relationship Analysis Services using GPS-ibd software, effective from 12 February 2016. ISO/IEC 17025:2005 specifies the general requirements for the competence to carry out tests and/or calibrations, including sampling. It covers testing and calibration performed using standard methods, non-standard methods, and laboratory-developed methods [5.5]. ISO accreditation is an important milestone in product development. It gives assurance to potential clients and makes the results less open to challenge by the courts.

Commenting on the introduction of the new GPS-ibd service following its accreditation, Dr Tim Clayton, said “ The GPS-ibd software has significantly increased our capabilities to deal with the more complex pedigrees that can be encountered in forensic casework and allows us to provide a more comprehensive service to our customers. In addition, as the software does not require expensive servers or any other system architecture, it can be deployed on a desktop and runs calculations within seconds. The automation of complex calculations means that computation is less error prone and far more efficient.” [5.5]

Cases where GPS-ibd was used:

In 2017, pharma and life sciences company Eurofins Scientific acquired the forensics division of LGC, the largest player in UK’s forensics market. Along with the transfer of the trade of that division, 706 employees and the licence for GPS-ibd were transferred to Eurofins Scientific. According to a Senior Reporting Scientist – DNA Science Lead at Eurofins Forensic Services the software “ is used almost every day” and that it “ has been used in hundreds of criminal cases involving kinship issues, most commonly rape”. [5.6]

Immigration DNA testing is now used by the Home Office to confirm disputed relationships, and GPS-ibd is used to process samples in immigration DNA tests that involve kinship disputes, for example, where an unaccompanied child refugee has applied to be reunited with family members already in the country. The software has also been used in immigration cases by various border and home security authorities in several other countries including Norway and the State of Kuwait [5.7].

Eurofins also uses the software to routinely carry out DNA identification of bodies for Coronial purposes. Coroners are tasked to not only determine the cause of death but to investigate or confirm the identity of unknown person(s) who has been found dead within their jurisdiction [6]

News media often focus on new DNA-based techniques that are helping authorities pursue investigations that defy conventional approaches, or even reopen investigations that were suspended long ago. Advances in the field of forensic DNA testing are helping to solve a broadening range of difficult cases, including unidentified persons, sexual assaults, and homicides. GPS-ibd software is included in these new techniques and have enabled forensic cold case reviews. A specific case from 2019, North Yorkshire Police confirmed the identity of a south-east Asian woman whose body was discovered in a remote location on the Pennine Way, between Pen-y-ghent and Horton in Ribblesdale, on 20 September 2004. GPS-ibd was used to assist with her identification. [5.8]

Over the course of Troubles in Northern Ireland there were 16 people who “disappeared”. The Provisional IRA admitted to being involved in the forced disappearance of nine of the sixteen victims, mostly in a statement issued in 1999. One victim was admitted to by the INLA. No attribution has been given to the others. The Independent Commission for the Location of Victims' Remains (ICLVR) was established under The Good Friday Agreement between the UK and Irish Governments in connection with the affairs of Northern Ireland, in order to locate 16 missing Irish and British people presumed murdered during The Troubles. To date, the remains of twelve of ‘the disappeared’ have been recovered, ten of whom have been recovered through the ICLVR’s efforts. The GPS-ibd software has been used extensively in this REF period to assist the ICLVR in identifying the ‘disappeared’ [5.7], [5.9].

Familial DNA analysis is not only helpful in the identification of the criminal, but also for the identification of the deceased in case of mass disaster victim’s identification or in other cases, such as plane crash etc. In this REF period the software has been used in identifying bodies following disasters, perhaps the highest profile case was to assist in identifying the victims of the Grenfell Tower fire in 2017 which caused 72 deaths and was the worst UK residential fire since the Second World War [5.6]. The choice of GPS-ibd for this work was in part due to its success in the DNA identification of victims of the South-East Asia tsunami in Thailand and the Air France flight 447 air crash investigation in earlier times.

There are few more impactful roles for science/statistics than its application to crime. The impact on the public is direct and palpable. There are few projects (perhaps with the exception of medicine) where the public benefit is so obviously there.