European privacy experts have warned FIFA World Cup attendees that their data may be at risk if they download two local tracking apps. The two apps in question are contract-tracing software Ehteraz, which football fans may be asked to download if they’re forced to visit healthcare facilities during their stay in Qatar, and the official World Cup app Hayya. The latter functions as a fan ID app that may be needed to enter stadiums. However, concerns have been raised that it also tracks device location and network connections, even preventing devices from going into sleep mode. With 1.5 million fans expected to travel to the tiny Gulf state, several European governments have issued advice to mitigate privacy and security concerns. Many, including the Norwegian Data Protection Authority, expressed alarm at the excessive permissions requested by the apps and urged users to take burner phones to the tournament. German data protection agency, BfDI, said that “the data processing of both apps probably goes much further” than their descriptions in the app store indicate. “Among other things, one of the apps collects data on whether and with which number a telephone call is made. This sometimes involves sensitive telecommunications connection data,” it explained. “Among other things, the other app actively prevents the device on which it is installed from going into sleep mode. It is also obvious that the data used by the apps not only remain locally on the device but are also transmitted to a central server.” The BfDI’s French equivalent, CNIL, has also released a checklist for privacy-conscious travelers. The controversial World Cup host nation has been called out for human rights abuses in the past, especially toward the LGBTQ+ community, raising the stakes for those heading to the tournament.
Neil Jones, director of cybersecurity evangelism at Egnyte, argued that the data collected by the apps could also be a treasure trove for would-be cyber-criminals. “If you plan to travel to the event, I would strongly recommend the purchase of a burner phone, if the privacy-limiting capabilities cannot be disabled,” he added. “If prompted, allow only the minimum permissions for the application to function on your device. Strongly consider limiting other users’ access to view your geographical location. Don’t allow the application to make calls on your behalf or alter your device’s data. Consider deleting event-related applications when the events have concluded.”