Several cybersecurity experts have highlighted potential data security issues ahead for attendees of the FIFA World Cup Qatar 2022.
The Norwegian government’s Head of Security Øyvind Vasaasen told NRK (opens in new tab): “It’s not my job to give travel advice, but personally I would never bring my mobile phone on a visit to Qatar”, likening the scope of official apps to give someone the keys to your house.
Those wanting to make a trip to the Middle East to experience the tournament live will need to install a Covid-19 tracker dubbed “Ehteraz” on their smartphones, alongside “Hayya”, a compulsory ticketing and transport app.
How do the apps work?
Vasaasen alleged that Ehteraz claims access “to several rights on your mobile, such as access to read, delete or change all content on the phone, as well as access to connect to WiFi and Bluetooth, override other apps, and prevent the phone from switching off to sleep mode”.
Naomi Lintvedt, a research fellow at the University of Oslo’s Faculty of Law, pointed out that if she were an employer, she wouldn’t allow employees to work from their phones in Qatar.
In addition, France’s data protection authority CNIL suggested in Politico to “travel with a blank smartphone … or an old phone that has been reset” and that “special care should be taken with photos, videos, or digital works that could place you in difficulty with respect to the legislation of the country visited”.
UK regulators have also recognized the issue. A spokesperson from the UK Information Commissioner’s Office (ICO) told The register that it is “aware of media reports on this matter and we will consider the potential impact on the privacy rights of UK citizens”, recommending that football fans check out the agency’s data rights page (opens in new tab).
The ICO didn’t offer any opinion on whether or not it was a good idea to bring a secondary “phone burner” for protection.
Via The Register (opens in new tab)