For fans of Spanish soccer powerhouses like Real Madrid and FC Barcelona, La Liga's Android app provided a convenient way to follow live scores and game schedules. But it was also a great tool for the soccer league to eavesdrop on users' surroundings.
Earlier this month, La Liga was fined 250,000 euros by Spain's data-protection agency for spying on its app's users. The app was tracking users' locations and accessing their microphones to listen to their surroundings in order to uncover bars that were streaming its soccer games illegally.
The La Liga app was using an algorithm similar to Shazam to identify broadcasts of its games. Combining this data with users' geolocations, it could pinpoint specific bars and look at whether the broadcast was unlicensed. The organization has sued hundreds of bars recently for illegally showing its games.
The league has argued that the app sought consent from users to access their microphones and, if permitted, only listened for an "audio fingerprint" of the games and not any other sounds, such as conversations. But the data-protection agency said the app should have gone further by alerting users every time the microphone was activated.
It's not just La Liga; when it comes to your data and privacy, many popular apps are probably more invasive than you'd like. Uber stores customers' complete ride history and, until last year, gave drivers access to all of their past pick-up and drop-off locations—which more than likely included their home addresses. Facebook's facial-recognition software that allows users to more conveniently tag friends in photos also subjects individuals to the technology without their consent.
Fitness trackers record two sets of sensitive information, users' precise locations and health data, and several brands have been found to transmit information using methods with low security levels. Meanwhile, third-party weather apps have become notorious for asking for permissions that seem irrelevant to its main service and selling the data it collects.
And for Android users, Google tracks your location under certain circumstances even if you disable location history. Every time you use Google Maps, for example, your location is recorded and saved, regardless of your settings.
Can you protect your privacy from apps?
Apps are monitoring us in ways we often aren't aware of. The easiest way to protect your privacy would be to stop using your phone and all its apps. Don't want to give up your tech? We didn't think so.
Turning off location permissions on your phone helps. But if there's anything to be learned from the La Liga case, it's to be more discerning when it comes to giving apps permission to access your location or parts of your phone. Some permissions are required for certain apps to work, but it doesn't make sense for a soccer score app to need to access your microphone, for instance.
Another step to take is controlling which apps have access to your Google account. Head to Google's Security page and select "Google apps with account access." From there, you'll be able to see and remove apps that have access to your account.
While some data gathering by your apps might seem unavoidable, anyone who cares about their online privacy should invest in a high-quality VPN for Android. A VPN hides your IP and location from websites that you visit, keeping you anonymous, and its encryption abilities also make it safe to use public Wi-Fi, such as in cafes and airports, where your data would otherwise be especially vulnerable to interception by hackers.
As for La Liga's app, the league remains defiant against the notion that it has done anything wrong, but the app's listening function will be disabled by the end of this month—always the intention, according to La Liga—as the season comes to a close.