Have protection methods in online casinos changed?

online casino
(© Rawf8 – stock.adobe.com)

The online casino industry may not be part of the financial industry, but it does handle billions of dollars annually. As such, a lot of laws encompass the casino industry, most especially in the aspect of data protection. For one, a casino must be able to encrypt the credit card information of any user. The online casino’s systems must be strong enough to prevent breaches and subsequently, data theft.

So, how have the personal protection methods in online casinos improved over the past decade? Let us go back in time and see what happened in the past years.

2003 – The CAN-SPAM Act

The CAN-SPAM Act came into existence to prevent marketers from assaulting people online if they did not want to receive spam emails. The acronym stands for Controlling the Assault of Non-Solicited Pornography and Marketing.

This spawned because, at that time, people were bombarded with ads and pornographic materials no matter where they go. The major hit to the casino industry at this time was that they could no longer send marketing emails to random people. They could only do so if the prospect client chose to receive marketing materials.

There are three main things that this law covers. These are:

  • Unsubscribe Compliance
  • Content Compliance
  • Sending Behavior Compliance

Let us take a look at the expectations of each of these.

Unsubscribe Compliance

  • Users must see a visible link or button for them to unsubscribe
  • The customer’s request to be taken off the mailing list must be honoured within 10 business days

Content Compliance

  • The source of the email must be shown in the From field or box
  • The subject lines must be clear; they should not be misleading
  • The publisher or sender of the email must have a physical address
  • There must be a proper label on the email if the content of the material is for adults

Sending Behavior Compliance

  • All messages must always have the option to unsubscribe
  • The publishers of the email must not send emails to people who did not opt-in
  • The email body must not have misleading or a false header
  • The body of the email must have at least one sentence; what this means is that it is illegal to send just photos

The problem with the CAN-SPAM Act is that it does not prevent companies from spamming you if you are their customer already. What does this mean? If you are a subscriber to a company’s services, they are legally allowed to send you email marketing materials.

It will take another 13 years before new laws are enacted to protect the personal information of the public. This major change comes in the form of the GDPR.

2016 – General Data Protection Act

Commonly referred to as GDPR, the law was first passed in 2016, but it was not until 2018 when this law was enacted. It was first implemented across Europe, and this law attempts to protect people from data breaches, including situations where their information is shared between companies without tier knowledge.

The GDPR law also mandates all companies to delete the data of their users if the user requested to have it done. What does this mean? Let us say that you have played in a casino for a year, and you want to erase all data pertaining to you such as your email associated with the account, your username, password, gambling activities, etc.

To get this done, you have to tell the company to delete all your records. The company must oblige, or they will be heavily fined by the government.

GDPR was meant to replace the existing laws across Europe because they were already two decades old. In the 1990s, we were not so liberal in sharing our personal information online. In the time of Facebook and social media, we routinely share our information such as our names.

As a society, there was also a massive increase in online purchases, along with casino gaming that various governments decided to act and update the existing laws.

Add to that the scandals like the 2016 election in the United States. In that scandal, people were able to prove that political entities were able to harvest the personal information of over 50 million people from Facebook.

If hackers succeed in harvesting information from casinos, there will be millions of people whose information will be at stake.

How to Protect Yourself

Online casinos do what they can to comply with these laws. As you can see, you cannot receive any marketing spam from casinos. Also, online casinos use SSL technology and different levels of encryption to protect their members.

However, all of these are not enough if you, the user, will not protect yourself. Here are some tips on how you can protect yourself from hacking, and how you can ensure that your personal information is protected if you ever gamble online.

  • License – before you share your information with an online casino, make sure that this casino has a license. The best way to get hacked is by doing business with illegitimate online casinos. A legit casino has its license number displayed at the bottom of its website.

Once you have this number, go to the website of the licensing body and validate if the license is active or not. If you cannot find it, then it means that the casino may have a fake license, or their license was already revoked.

  • Knowledge – always read about tips to keep yourself safe. Knowledge is the key to protecting our personal information. You must read about the latest strategies of hackers, or tips how you can spot a fake email from legitimate ones. This knowledge is priceless, and it only takes a few minutes of your time per week to be in the know.
  • Security – do not skip on security systems for your computer and your phones. There are many apps and security software programs out there that you can install on your PC. These things detect malware and isolate the malware, so you can stay protected.

Many times, hacking happens because you accessed a malicious website, or you clicked an email link or downloaded a button. If this happens, the hacker would have installed software in your device that gathers information. By the time you find out about it, it is already too late.

  • Passwords – never share your password to anybody, and make sure that you also use the right password combination for a strong password. Your password must at least have eight characters. It has to be a combination of letters, numbers, special character, and capital and small letters. Never write your password on a paper, much less save it on a notepad.

Many victims of identity theft use passwords that are easy to hack, such as passwords like “12345” or “password”. Use passwords that are easy for you to remember, but difficult to hack.

  • Encryption – whenever you are accessing a website, make sure that the website is secure. To find out, go to your browser and check if there is a padlock icon before the URL. A padlock indicates that the website is secure and that it encrypts all the data you type in the website.

Encryption means that the information you input is jumbled. The only computer that can decrypt or unjumble the data is one that has the encryption key. Even if a hacker intercepts the data, he cannot unencrypt it because he has no key.

You should also only visit online casino sites that start with HTTPS. The letter “S” means that the casinos are secure and that it has been issued an SSL certificate.

  • Privacy – never overshare your personal information in social media channels or online. Hackers use these to pretend to be you. Once they have enough information about you, they can call your bank and try to access your financial information. If they get enough info about you, they can even write your emails and pretend that they are your bank.

If you fall for this trap, you will give them the information they want, believing that they are your legit banking company. In some cases, they can lure you into “resetting your password”. Once you do this, they can steal your personal and financial information, such as credit card numbers, and make purchases online.


The protection of user information has come a long way. Today, you will not get spammed even if you play free online slots. You are not even required to register or to provide your credit card information if you play the demo versions of casino games.

The exception, of course, is if you want to be notified of promotions. In this case, you must opt-in and agree to receive promotional materials from the online casino. You can always unsubscribe if you want.

Despite all these laws, you must do your part in protecting yourself. Do not provide your email address to shady websites. Before you do, investigate if the casino is a trusted brand. Find out if the casino has a license. If it does, validate from the license provider if this license is not expired.

augusta free press news