Spanish football organisation La Liga has occurred to be levied 250,000 euros by regional data security agency. The punishment appears after La Liga extended a contentious highlight in its Android app which actuated device microphone and location services in an attempt to recognise institutions opening matches without a permit.
With millions of followers around the globe, Spain’s La Liga soccer league is one of the most common in the game.
To allow fans to keep up with all the latest news, La Liga offers an Android app with a number of features including schedules, kick-off times, and the all-important results.
Controversially, however, the app also has a surprising trick up its sleeve.
After gaining consent from users, La Liga’s software turns fans’ phones into spying devices which are able to analyze their surroundings using the microphone, listening out for unauthorized broadcasts in bars and restaurants, for example. This audio, collected Shazam-style, is then paired with phone GPS data to pinpoint establishments airing matches without a license.
“The purposes for which this functionality will be used are: (i) to develop statistical patterns on soccer consumption and (ii) to detect fraudulent operations of the retransmissions of LaLiga football matches (piracy),” the policy read when first uncovered last summer.
While controversial, La Liga felt that it was on solid ground in respect of the feature and its declaration to app users. AEPD, Spain’s data protection agency (Agencia Española de Protección de Datos), fundamentally disagrees.
As a result, AEPD has hit La Liga with a significant 250,000 euro fine for not properly informing its users in respect of the ‘microphone’ feature, including not displaying a mic icon when recording.
The Data Protection Agency ruled that it broke several EU laws about transparency and consent.
However, La Liga has said it will appeal the fine handed out to them.
In a statement to El País (translated from Spanish), La Liga expressed disappointment with the decision and suggested the regulators were ignorant of the technology involved.
They said users were asked twice to give permission to use the smartphone’s microphone and said it did not store any audio from users.