TechTronBlog.com

Technology, Innovation, Collaboration
Menu
  • Features
  • Gadget
  • Mobile
  • Uncategorized

Daily Tech Updates Sent to your Email

Join our Newsletter
Home
Features
LaLiga facing €250k fine for GDPR violations in app used to spy on users
Features

LaLiga facing €250k fine for GDPR violations in app used to spy on users

August 17, 2020

The official app of the Spanish soccer league used the microphone and GPS in an attempt to curb restaurants from broadcasting the game.


Spanish soccer league LaLiga is facing a fine of €250,000 (approximately $283,000) for GDPR violations resulting from a convoluted wiretap in their smartphone app intended to curb piracy of soccer match broadcasts. The Spanish Agency for Data Protection (La Agencia de Protección de Datos, or AEPD) levied the fine this week due to the league’s violation of consent-related clauses in the GDPR, as LaLiga did not properly disclose the nature of the microphone usage, according to a report from Spanish newspaper ABC.

According to the ABC report, LaLiga intends to appeal, stating that AEPD “has not made the necessary effort to understand how technology works.” (Quote software translated.) Despite this, LaLiga will disable the listening function on June 30, the end of the season.

LaLiga’s convoluted attempt to wiretap fans to curb piracy

LaLiga introduced a feature in the official Android app last year that activates the microphone and GPS functions when matches are being played, under the pretense of using the features to identify venues such as bars or restaurants that are broadcasting soccer games illegally.

This functionality is not happening surreptitiously, as the app requests access to the microphone and geolocation service—it does not rely on a vulnerability to access these components without explicit permission—as TechRepublic reported a year ago.

Despite this, users were not explicitly informed of the intended use of the microphone and geolocation permissions, which is central to the decision by AEPD to levy fines against LaLiga.

SEE: GDPR: A guide for tech and business leaders (free PDF) (TechRepublic)

LaLiga’s explanation of the app behavior was oblique—even granting an allowance for software translation diluting the meaning of their official statement, LaLiga contended that the app “does not access the audio fragments captured by the microphone of the device, since these are automatically converted into a binary code on the device itself,” which is a meaningless distinction, as any audio captured for storage on a computer is inherently a binary code. The methodology is likely some type of audio fingerprinting, or a discrete cosine transform.

The difficulties of this strategy were noted in TechRepublic’s previous coverage:

While it is possible to attempt audio fingerprinting of the commentators, the overlap which would inevitably occur of background sounds in public places would make accurate identification via audio fingerprinting exponentially more difficult. It is possible that broadcasts could be watermarked with a pattern of ultrasonic sounds which humans would not be able to hear, as focusing on a frequency outside of normal human speech would greatly simplify filtering out background noise. This, however, relies heavily on the receiving equipment (TV, speaker systems, etc.) to be sensitive enough to reliably reproduce this sound, and for the microphone of a given smartphone to be able to pick it up.

Additionally, outside of commentary, soccer is not a particularly sound-oriented sport to telecast. This surveillance scheme devised by La Liga could swiftly be undercut by simply muting a television. No matter what technical means are being used for this scheme, the amount of engineering which is required to operate this surveillance system is trivially easy to bypass.

GDPR enforcement should concern businesses of any size

In just over a year since GDPR enforcement commenced, businesses small and large are facing fines for improper handling of private data. While the fine levied against LaLiga is relatively small, Google faces a fine of €50 million for collecting personal data without transparently disclosing how that is used to target advertising.

GDPR is far-reaching regulation, as it also covers the use of information collected through third parties—a Polish company was fined €220 thousand for collecting information available on the internet and using it to contact over 90,000 people for promotional purposes.

For more, check out “One year in, fewer than half of professionals believe GDPR increased data protection” and “How has GDPR actually affected businesses?” on TechRepublic.







5G and Mobile Enterprise Newsletter


5G networks and devices, mobile security, remote support, and the latest about phones, tablets, and apps are some of the topics we’ll cover.
Delivered Tuesdays and Fridays




Sign up today




Also see

” data-credit=”Image: Yuliia Zatula, Getty Images/iStockphoto” rel=”noopener noreferrer nofollow”>soccer.jpg

Image: Yuliia Zatula, Getty Images/iStockphoto


Share
Tweet
Email
Prev Article
Next Article

Related Articles

https://www.techrepublic.com/article/ai-fighter-pilot-vs-air-force-pilot-dogfight-showdown-scheduled-for-this-week/#ftag=RSS56d97e7

AI fighter pilot vs. Air Force pilot: Dogfight showdown scheduled for this week

https://www.techrepublic.com/article/future-of-farming-ai-enabled-harvest-robot-flexes-new-dexterity-skills/#ftag=RSS56d97e7

Future of farming: AI-enabled harvest robot flexes new dexterity skills

About The Author

Leave a Reply

Cancel reply

Recent Posts

  • New tech and gadgets you absolutely can’t miss
  • Razer Pro Click ergonomic wireless mouse maximizes your productivity
  • Lume Cube Panel Mini Bicolor LED Light provides on-the-go lighting for photographers
  • LINKA LEO GPS Smart Bike Lock can track your bicycle’s movements in more than 100 countries
  • Razer Pro Glide soft mouse mat cushions your hand during use

Recent Comments

    Archives

    • August 2020

    Categories

    • Features
    • Gadget
    • Mobile
    • Uncategorized

    Meta

    • Log in
    • Entries feed
    • Comments feed
    • WordPress.org

    TechTronBlog.com

    Technology, Innovation, Collaboration
    Copyright © 2021 TechTronBlog.com
    Theme by MyThemeShop.com

    Ad Blocker Detected

    Our website is made possible by displaying online advertisements to our visitors. Please consider supporting us by disabling your ad blocker.

    Refresh