What about your Privacy & Security?

**aodat2** · 4th March 2008, 10:54 PM

I've recently played at a casino and after a few deposits, I was locked out of my account. Then they requested a few documents from me which they said that it's for their security purpose.

As usual, I tried to provide all the information that they need in a timely manner. After they got the information, I waited for about 24 hours for them to check and since I didn't get a reply after that I immediately contacted the casino in question on live chat.

During our chat, I found out that since I didn't directly use a credit card but went through another company (something like Entropay but it's not) they were contacted by that company to ask for my details (ID and etc) to be sent them. Now thinking that they will be a little smart and asked it from me directly instead of asking it from the casino, they didn't ask me at all.

Since they have already asked the casino about this, the casino provided my details (including my ID and etc) freely to the "third party" company without my consent or even a notice to me at all.

Would this be considered something which is against their own policy? Wouldn't this mean that the casino is actually sharing information of myself to a "third party"? Why did the casino which is an accredited casino here do such a thing without my consent?

How could such a casino actually be even remotely considered for an accreditation if such an incident were to happen?

Would you guys actually play at such a casino?

**Casinomeister** · 4th March 2008, 11:24 PM

You should know by now that casinos have business relationships with their ecash providers and or banks that require them to do due diligence against player fraud. This includes providing these companies with your personal details such as names, addresses, etc.

I wouldn't really consider this a "third party" since this is within their business environment. I would guess that they have an obligation to provide this information.

I remember you have had some issues in the past having your account mixed up with your mom's or your son's. I guess I'm a bit mixed up since I can't remember who you were/are supposed to be

**thisisvegas** · 4th March 2008, 11:34 PM

A casino asking for security documents is standard procedure and I almost find it rare that a place wouldn't ask for it. Things the operator has to worry about if the player is underage or more important if it is the real player in question. It is a standard procedure and I do test the waters at other gaming companies and they do the same for me as well.

Last I would probably list the name of the place because some players here might have positive or negative things to say about them but hopefully positive.

John

**winbig** · 4th March 2008, 11:54 PM

If the casino is providing information to your bank/ewallet/credit card company, then it's not really a violation of your privacy.

On the other hand, there have been casinos in the past that have actually opened a new ewallet account on behalf of the player, without their permission. To me, this is crossing the line and definitely a breach of privacy.

**aodat2** · 4th March 2008, 11:57 PM

Originally Posted by Casinomeister

I remember you have had some issues in the past having your account mixed up with your mom's or your son's. I guess I'm a bit mixed up since I can't remember who you were/are supposed to be

Yeah, that happened between me and Bet365. But then again, Kate told me that my real issue was with Entropay and I took it up with them and even the FSA got involved.

After a long line of emails, the FSA finally said... "we do not regulate that company". We merely issue the license for them. We wash our hands off your problem and if you would like to go on, bring it to court which I am too reluctant to do over $5k+. Not really worth my time and efford. By the time I reach court, it would have cost me about that amount already if not more. So I just let it go!

But just a WARNING to those people out there.

Entropay is NOT REGULATED by the FSA or UK Government. They merely issue the license for Entropay. If Entropay screws you, they may go out of a license at most but there's nothing the FSA will do to help. You'll have to take it to court yourself.

Originally Posted by thisisvegas

A casino asking for security documents is standard procedure and I almost find it rare that a place wouldn't ask for it. Things the operator has to worry about if the player is underage or more important if it is the real player in question. It is a standard procedure and I do test the waters at other gaming companies and they do the same for me as well.

Last I would probably list the name of the place because some players here might have positive or negative things to say about them but hopefully positive.

John

Well John, I don't think it has come to the point where I am going to name the casino. Sending in verification documents is not a problem. The problem is when they say that they have SENT your documents to the processor because the processor requested for it too.

Now, in my books... if I sent you my ID, I expect you to keep my ID and not share it no matter who the other person is. If the processor wants my ID, they should have requested it from me instead of requesting it from you. If they request it from you, then it would mean that the processor is totally OUT OF LINE as it's none of your business to furnish them with my ID. In fact, it's quite against the "privacy act" for you to furnish my ID to them. My details perhaps but totally NOT my ID.

That's what this casino did (or at least from what I understand through the chat) send my ID to the processor as well which is a total NO NO in my books!

**winbig** · 5th March 2008, 12:02 AM

Isn't it possible that they're required by law/regulated to provide identification documents as requested by the ewallet/bank/whatever? I'm sure they're regulated, and can't make up the rules as they go...and could probably get in trouble themselves by not sending the requested information.

Think of it as if a law enforcement agency were to contact them with a warrant, asking for any and all information they have about you. If they didn't comply, they would definitely be in hot water. I was reading somewhere about this same situation regarding Google. They specifically state that if they are contacted by LE for your records, then they will immediately comply - and are not required to even contact you letting you know that these documents were requested.

At least in this case, they let you know, and didn't keep you in the dark about it. They could have simply not told you and you would have never known.

**GrandMaster** · 5th March 2008, 12:26 AM

Originally Posted by aodat2

Entropay is NOT REGULATED by the FSA or UK Government. They merely issue the license for Entropay.

Ixaris Systems Ltd which operates Entropay is not licensed in any shape or form. It has been granted a small e-money issuer certificate which certifies that it is not subject to regulation as an e-money issuer.

**GrandMaster** · 5th March 2008, 01:16 AM

Originally Posted by thisisvegas

A casino asking for security documents is standard procedure and I almost find it rare that a place wouldn't ask for it.

The issue is that the casino passed on this information to a third party.

Originally Posted by winbig

If the casino is providing information to your bank/ewallet/credit card company, then it's not really a violation of your privacy.

Yes it is, if they are doing it without my permission.

Originally Posted by winbig

Isn't it possible that they're required by law/regulated to provide identification documents as requested by the ewallet/bank/whatever? I'm sure they're regulated, and can't make up the rules as they go...and could probably get in trouble themselves by not sending the requested information.

Think of it as if a law enforcement agency were to contact them with a warrant, asking for any and all information they have about you. If they didn't comply, they would definitely be in hot water. I was reading somewhere about this same situation regarding Google. They specifically state that if they are contacted by LE for your records, then they will immediately comply - and are not required to even contact you letting you know that these documents were requested.

An e-wallet is not a law enforcement agency. It can choose not to do business with you if you don't provide the documents and that's about it.

Furthermore, if these companies were based in the EU then they fall under the data protection law of the countries where they are processing personal data, and in particular, it would be illegal for a company to hold personal information obtained in this manner. I am slightly confused whether it was entropay or not, one post says "something like Entropay but it's not" the other one complains about entropay, but if it is based in the UK, a complaint to the Information Commissioner costs nothing.

**aodat2** · 5th March 2008, 03:53 AM

Originally Posted by GrandMaster

Furthermore, if these companies were based in the EU then they fall under the data protection law of the countries where they are processing personal data, and in particular, it would be illegal for a company to hold personal information obtained in this manner. I am slightly confused whether it was entropay or not, one post says "something like Entropay but it's not" the other one complains about entropay, but if it is based in the UK, a complaint to the Information Commissioner costs nothing.

GrandMaster, the casino that I'm mentioning is an accredited casino and NO it's not Entropay which is in question. It's another company all by itself. I'm just using Entropay as an example.

I'm not really wanting to make a complaint or anything. The casino is working with me right now on this issue and hopefull we will be able to resolve this issue on a better term than compared to the complaint route. That would be my last choice.

Will update you guys on what's happening as I get updates. Sorry I can't tell who the processor is as well.

**vinylweatherman** · 5th March 2008, 09:00 PM

Many of these processors advertise their service as offering a conduit such that you do NOT have to reveal your full details to the merchant. Normally, the idea behind this is to prevent the merchant from misusing your fixed payment method details and emptying your bank or card account.

The processor would surely ask for it's client's details up front, but may be asking for the merchant to supply what IT sees as their "client's details". This could check that the processor account itself has not been "hacked", and used by other than it's owner with an online merchant. Unfortunately, it seems that the casino may have supplied more information than is necessary for the processor to carry out such a check. This could be cause for complaint under EU privacy laws, although many casinos and processors fall outside them.

The FSA really does not have a clue, as by issuing these "small e-money" licences, they are creating a deception that many companies are only too willing to exploit. Many may mistake these "licences" as an indication that the company is properly regulated, and thus can be trusted. Those companies that are properly regulated will also be affected, as trust in the FSA will be undermined when complaints get the brush-off (as above).