General Data Protection Regulation (GDPR) , Governance & Risk Management , Privacy

Qatar's World Cup Apps Pose Privacy Concerns

European Data Protection Authorities Advise Using Loaner Phones
Qatar's World Cup Apps Pose Privacy Concerns
The Al-Janoub Stadium in Doha, Qatar, where seven World Cup matches will be played. (Image: Shutterstock)

European data authorities are sounding privacy warnings over apps the Qatari government is encouraging millions of soccer fans to download when they descend on Doha for the 2022 FIFA World Cup.

See Also: Modernize with Monitoring: Keys to Third-Party Risk Management Success

Norwegian, French and German regulators say ticketing and accommodation app Hayya and novel coronavirus contact tracing app Ehteraz open the door to surveillance by Qatari authorities. About 1.5 million soccer fans are set to travel to the Gulf State for a 32-team, 29-day global tournament set to begin Nov. 20.

The German Federal Commissioner for Data Protection and Freedom of Information says the apps collect telephone call metadata protected by secrecy laws in Germany. They also likely collect far more data than what their descriptions disclose, it says.

The Norwegian Data Protection Authority advises users to turn off Hayya's access to location data. "We are alarmed by the extensive access the apps require," the data watchdog says.

“There is a real possibility that visitors to Qatar, and especially vulnerable groups, will be monitored by the Qatari authorities,” it says.

Traveling Norwegians may want to carry two phones to Qatar, it suggests: a loaner exclusively for the purpose of downloading and installing the two apps, and the traveler's normal mobile to use for other purposes. This advice is echoed by French and German authorities. Don't connect the normal phone to open Wi-Fi networks, the data protection authority advises.

"In France, thanks to the GDPR, all applications must guarantee the fundamental rights of individuals and the protection of their data. This is not the case in Qatar," tweeted French Minister for Digital Transition and Telecommunications Jean-Noël Barrot. GDPR refers to the pan-European privacy rules known as the General Data Protection Regulation.

French data protection authority the National Commission on Informatics and Liberty issued a checklist calling for travelers leaving the country to "if possible, travel with a blank phone" and to delete mandatory apps required by foreign nations.

Human rights concerns have dodged FIFA's 2010 decision to select Qatar as host for the 2022 World Cup from the start given the country's poor track record on migrant labor rights, its criminalization of same-sex relations and other autocratic restrictions. Amnesty International reports that all residents face restrictions on freedom of expression and that women and LGBTQ individuals "face discrimination in law and practice."

Fans attending matches in Doha's soccer stadiums will be tracked by omnipresent street cameras equipped with facial recognition technology, reports French state-owned TV network France24.


About the Author

Akshaya Asokan

Akshaya Asokan

Senior Correspondent, ISMG

Asokan is a U.K.-based senior correspondent for Information Security Media Group's global news desk. She previously worked with IDG and other publications, reporting on developments in technology, minority rights and education.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.