Protecting the Privacy of Fans and Players as the Business of Sports Data Booms
The end of the federal ban on sports gambling in the U.S. is likely to invigorate the collection and use of sports data
While the ball is now in Congress’ court to re-legislate, at this stage in the game, some states will most likely take the opportunity to quickly legalize local sports betting, hoping to be one of the first past the post to cash in on the expected tax revenues. The resulting ease in betting restrictions, and the expansion of sportsbooks to include all manner of situations on which to place bets, will lead to efforts to collect even more data on athletes, to either provide more betting opportunities for the bookies (that have to make up for low margins), or in efforts to garner more inside information by the bettors.
Either way, athletes will find that their privacy is more exposed than ever. Technology is already playing a major part in the effort to garner more data in sports; this collection will now be even further incentivized—and that data morel likely publicized—via these new efforts to monetize sports information.
Athletes have always had two strikes against them in the privacy arena: From the media, that cares too much about their exploits off the field, to the rabid fans that hound them incessantly. Athletes, like other celebrities, have grown to expect excessive public exposure. However, while sports has always been an industry obsessed with athletic statistics, with the explosion of wearable sensors and other devices interconnected by the internet of things, teams can now track and compile nearly every measurable vital or muscle movement, both on and off the field. These new technology trends that aim to collect as much data as possible from devices on and around the athletes, while a boon for the gambling industry, will grossly exacerbate the athlete’s public exposure.
To wit: ostensibly this data can provide the relevant inputs for use in complex algorithms to optimize performance and minimize injury. However if not collected and curated carefully and transparently, there is real room for abuse. This abuse can come from anywhere: from those who hijack unencrypted data streams from the various wearables (perhaps those in the gambling industry) to teams that obsessively collect all possible data to make playing and hiring decisions based solely on un-thoroughly tested predictive analytics.
These technologies are not limited to only the athletes. Sports technologies include fan engagement as well, and the two areas of sports tech, fan engagement and the collection of player statistics, advance hand in glove. Just as many will collect more data on athletes, a few will employ similar technologies to collect much more data on fans in an effort to sell additional experiences and/or to extract more advertising revenue from the dedicated fanbase. In either event, advancements in data collection methods and data analytics will result in more data collection, particularly commodifiable personal information on the fans, for example, through apps on their smartphones or during actual gameplay using advanced vision systems and even facial recognition. These technologies easily travel across borders, with the expected effects to also emerge far beyond the U.S. and its new-found gambling freedoms.
Athletes everywhere deserve to have some privacy, but more importantly, they deserve to have a say in how the data collected on them can be used. There is a need for encryption and data standards to safeguard the actors from malicious actors and mistaken analyses. League-wide rules regarding the ownership, permitted use, and distribution of the data will go a long way in protecting athletes’ privacy. This will trickle down to you the fan as well.
Some suggest that the European General Data Protection Regulations (GDPR) and similar efforts worldwide should protect fans and their idols. In Europe, under the GDPR, which came into force May 25, the data collected on athletes and their fans should have some baseline level of privacy and security.
However, the GDPR can also become a significant drag on many areas of sports:
Modern professional sports is in the business of collecting, curating and often sharing data and would find that laws like the GDPR could hamper their business model. For example, fans and athletes will need to provide informed consent at each game with the option each time to opt out of the data collection, this consent and opt-in procedure will be a time consuming and legally onerous process in games with tens of thousands of fans. Finally, data protection laws might also inhibit the free movement of athletes between clubs might become overly restricted as teams weigh the benefits of a trade over the loss of that athlete’s associated data, which might end up leaving with them.
With the current untenable situation, sports clubs are unlikely to simply throw in the towel. They are likely to get in the ring and use their lobbying clout to carve out specific exemptions for sports, as has been the case in antitrust law, putting the fans and the players back to square one.
If this is the case with the leagues and teams calling the shots, both athletes and their fans may actually see a further erosion of their privacy while everyone else enjoys increased privacy under regimes like the GDPR. With a full count against them, fans should not rely on the sporting industry to do anything but bunt a solution, or even drop the ball entirely. Thus, with fans expecting to be behind the eight ball, there is a real need to develop a tenable game plan that includes privacy regime tailored specifically to the data needs of sports and the privacy needs of its consumers.
Dov Greenbaum is the director of the Zvi Meitar Institute for Legal Implications of Emerging Technologies at Interdisciplinary Center Herzliya.