- La Liga is accused of violating the EU’s GDPR laws for collecting data by activating Android device microphones.
- The soccer organization is claiming not be violating any laws, as they don’t log conversations.
- The Spanish data protection agency is not convinced and imposed a €250k fine on La Liga.
La Liga, the Spanish soccer league system, is expected to pay a fine of 250,000 euros following AEPDs (Spanish Data Protection Agency) investigation on the La Liga Android app. According to user reports, previous publications, and the AEPD’s conclusions, the La Liga app has been activating devices’ microphones and the GPS sensor without the user realizing, sending both the geographical coordinates and the audio feedback to the developers for analysis. La Liga claims that the purpose of this is to develop statistical patterns on soccer consumption, as well as to detect fraudulent operations of the re-transmissions of football matches.
This latest part is the key here, as the app is basically acting as a straight out spyware tool. If a user is sitting in a sports cafe, or even at a friend’s house watching a game that plays from an illicit source, La Liga will know about it. While the soccer organization has the right to protect the broadcasting licenses of a product they own, the practice of spying on users without asking for their consent is absolutely unacceptable, and AEPD has imposed the €250K fine to reflect this.
La Liga doesn’t agree with the fine and believes that AEPD didn’t understand or even made an effort to understand how their app works. That said, they have announced that they will take this matter to court, trying to object the fine, saying that they never violated any part of the GDPR regulation. In fact, they note that the people who try to install the app are asked for their consent on two distinct occasions, and they argue that their app is not recording or storing anything that has to do with people’s private conversations, merely focusing on the match feed based on an automated checking procedure.
In the way that Shazam works, the app is continuously looking for acoustic fingerprints that indicate the re-transmission of a La Liga football match. No human conversations are logged, stored, or analyzed in this process. The AEPD is clearly not convinced by this explanation, as they believe that this still qualifies as spying, and the claim of the transmissioned data not being reversible back to sound is a spurious one according to their understanding. They are asking La Liga to introduce new mechanisms that ensure the users’ privacy protection, respecting them, and properly notifying them of the anti-piracy systems that are incorporated into the app.