La Liga fined over smartphone spy app

It has emerged that the Spanish soccer league, La Liga, has been turning on people’s smartphone microphones in order to listen to fans as they watch matches. La Liga has been fined 250,000 Euros for illegally exploiting app permissions to engage device microphones and pinpoint the locations of football fans during matches using GPS and cell phone tower signals.

spanish football fans

La Liga's app, which is thought to be used by approximately four million Spanish soccer fans, was using smartphone microphones to discover the location of bars broadcasting matches illegally without a license.

Privacy advocates believe consumer privacy rights have been breached amidst the surveillance. Concerns have also been raised that La Liga might have been gaining access to private conversations and data about Spanish app users during this time.

The Spanish league denies this, claiming that the technology is specifically designed only to listen out for ambient sounds that match the TV broadcast,

"The signal that arrives [from the app] is converted into a binary code that is compared with the code of the transmission signal by an automatic system that performs the operation in less than a second".

According to La Liga’s official statement, the technology is automated and works in a similar manner to the app Shazam. The football league claims that no human employees ever listen to any sounds derived from the app and that no recordings are ever created or stored in the process of finding venues that illegally broadcast matches without paying.

“Even if we wanted to, even if we were ordered to by a judge, we could not record conversations. It's simply not how the technology works."

Despite this, the Spanish Data Protection Agency (AEPD) has found in favor of consumer privacy. AEPD ruled that the app had been acting illegally because it fails to explicitly mention its surveillance capabilities to consumers. AEPD says the app must inform consumers and seek consent both at the time when the app is downloaded - and when surveillance is activated.

According to AEPD, it is too difficult for consumers to remember exactly what permissions for data collection are granted at the time when they download an app. For this reason, the data protection agency has suggested that the app should have to display an icon on the screen that demonstrates that passive listening has begun. This would give consumers the opportunity to disable or uninstall the app if they found themselves being listened to.

La Liga insists that it has done nothing wrong, and has stated that it intends to appeal the agency’s decision, which it believes is unfair. La Liga feels that allowing consumers to protect venues that broadcast matches illegally works counter to its copyrights. In an official statement the Spanish football league stated:

"We deeply disagree with how the AEPD’s has interpreted this technology, and sincerely believe that it has not made the necessary effort to understand how it works."

La Liga believes that displaying an icon when the microphone is switched on could "cause the user to fear that we were listening to something when this technology cannot capture a human conversation."

Despite these claims, the fact remains that the app has been listening on people's phones and tracking their location with GPS - meaning that private data about users has been collected. According to AEPD consumers’ GDPR right have also been violated. It claims that sections 5.1 and 7.3 of the EU’s GDPR are being contravened because consumers are never given the ability to withdraw consent for data collection.

Revelations that the Spanish soccer league has been leveraging permissions on its app to perform corporate surveillance is a stark reminder of how easy it is for firms to spy on the public. Any time that an app asks for permission to access a device microphone - it is possible that the microphone is being switched on to perform this kind of passive listening.

At other times, consumers have reported being served adverts after discussing a product near their phone. Allegations have also previously surfaced that Facebook performs this kind of surveillance; a claim that the social media giant has refuted on more than one occasion.

For consumers, the only option is to always be attentive at the time of downloading and installing mobile software. If any app asks for invasive permissions that it doesn’t appear to need, consumers must carefully consider whether they trust the app and want to install it.

AEPD has given the Spanish football league one month to rectify the privacy problems it has found in the app.

Written by: Ray Walsh

Digital privacy expert with 5 years experience testing and reviewing VPNs. He's been quoted in The Express, The Times, The Washington Post, The Register, CNET & many more. Ray is currently rated #4 VPN and #3 internet privacy authority by Agilience.com.

0 Comments

There are no comments yet.

Write Your Own Comment

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

  Your comment has been sent to the queue. It will appear shortly.

We recommend you check out one of these alternatives: