La Liga has taken substantial flak for tapping into
microphones and geolocation services in fans‘ phones in a bid to root out
piracy
Spain’s national data protection agency AEPD has
slapped a fine of €250,000 (US$280,000) on the country’s top-flight soccer
league, La Liga, for failing to make it adequately clear to users of its
Android app that the app can activate microphones on their phones as well as
monitor their location, according
to the Spanish daily El Diario.
You may recall our
report from a year ago (exactly
to the day, in fact) about La Liga’s rather unusual approach to tackling pirate
broadcasts of soccer games – by enlisting the help of its app’s users. More
precisely, the app would ask for access to the microphones on the fans’
handsets in order to record their surroundings and check if the captured audio
fingerprint matched up with the sound of a soccer broadcast.
Together with GPS data also collected by the app,
this was intended to pin down the locations of bars and other public venues
that might be showing games illegally. The functionality provoked an outcry,
with many people claiming that the app was essentially turning them into spies
and their phones into bugging devices.
Fast forward 12 months, and the Spanish data
watchdog concludes that La Liga violated European Union rules about consent and
transparency.
Here’s the
kicker
While the app does request – twice in fact,
according to La Liga – user permissions to activate the microphones and
GPS services, AEPD maintains that this is communicated in an “opaque” manner.
Additionally, the agency says that the consent should be requested every time
the mic is activated, because the practice amounts to the collection of personal
data. According to AEPD, La Liga also violated the EU’s General Data
Protection Regulation(GDPR) by
failing to enable users to withdraw their consent at any time.
La Liga would have none of this, however. In a
statement, Spain’s
premier soccer league said that it
will challenge the decision in court, noting that AEPD made no effort to
understand how the technology works. The league also reaffirmed what it’s said
before – that the technology doesn’t make it possible to listen to users’
voices and conversations and that there is no way to turn the sound footprint
back into the actual content of the recording, hence there’s no collection of
personal data to begin with.
La Liga also claims that the captured audio snippet
is automatically converted into a binary code on the device itself. The code is
then compared to a reference database and, if there’s no match between the two,
the former code is discarded. The feature was introduced
with an update on June 8, 2018.
Either way, the league said that it will kill the
functionality by June 30, although not exactly in response to AEPD’s decision.
Rather, La Liga called the feature “experimental”, adding that it won’t extend
its contract with the technology’s provider after it expires at the end of this
month. Nevertheless, the league said that it will continue to test new
technologies in its fight against unlicensed broadcasts of soccer games, which
it says cost
Spanish soccer €400 million (US$450
million) in lost revenues each year.
The app has more than 10 million users, including 4
million in Spain. Its main functionality is to deliver scores, news, highlights
from the top flight of Spanish soccer.