Gambling operators covertly sharing users’ data with Facebook

According to a new report by the Observer, gambling companies are breaching data protection laws, tracking the data of website users, and sending it to Meta without consent. 

The information is then used to profile people and flood their Meta accounts with casino and betting ads. 

This is made possible by a hidden tracking tool embedded in several UK gambling websites, which extracts visitors’ data, such as the websites they visit and what they click on. The information is then passed on to the Facebook owner. 

The Observer tested 150 gambling sites, including virtual casinos and sports betting sites, and found widespread breaches of permission laws.

Iain Duncan Smith, the Conservative chair of the all-party parliamentary group on gambling reform, has called for intervention. He stated: “The use of tools such as Meta Pixel without explicit consent seems wholly in breach of the law and should be immediately stopped.” 

He added that the gambling industry’s marketing practices are out of control, and regulations have been shown to be inadequate. 

Wolfie Christl, a data privacy expert, said that sharing data with Meta, even with consent, is very problematic. Doing so without explicit consent shows a blatant disregard for the law.

52 of the 150 websites tested by the Observer shared data automatically via the Meta Pixel tracking tool without explicit consent. These sites include Hollywoodbets, Sporting Index, Bwin, Lottoland, 10Bet, and Bet442. 

The data transfer is said to have happened automatically when the webpage was loaded before any marketing consent was asked for or given. In the days after, those testing the sites were flooded with Facebook ads for gambling websites, suggesting they had been profiled as a result of the data sharing.

In one browsing session, the journalists were shown gambling ads from 49 brands, and not just from those websites that had unlawfully shared their data. The brands included betting companies unaware of the data breaches, but using Meta Pixel within the rules. These companies included Ladbrokes, Sky Bet, BetVictor, Tombola, and Bet365.

After the Observer contacted the gambling operators covered in the report, many of them updated their websites to end the automatic data sharing, with some removing the Meta Pixel tool.

A Bwin spokesperson pointed to an internal error that caused issues with the promotional page, stating it was “not fully aligned with other group sites.”

Gambling group AG Communications is said to have 26 websites automatically sharing data with Meta without consent. These include Bet442, King Casino, 666 Casino, and 24Spin. A representative for the group responded simply that they took compliance extremely seriously.