In-depth reporting, data and actionable intelligence for policy professionals – all in one place.
Avoid naughty pictures and scrub your phone to keep clear of state snoopers, French regulator says.
If you’re going to Qatar for the World Cup, you had better get a burner phone. And don’t take any photos that might fall foul of the Gulf state’s strict morality laws.
France’s influential data protection authority CNIL is telling football fans how they should protect themselves from the Qatar World Cup apps’ snooping.
“Ideally, travel with a blank smartphone … or an old phone that has been reset,” a spokesperson for CNIL told POLITICO.
“Special care should be taken with photos, videos, or digital works that could place you in difficulty with respect to the legislation of the country visited,” the spokesperson said.
Nearly 1.5 million visitors are expected in Qatar for the 2022 World Cup from November 20 to December 18. The sports event has been plagued with controversies including allegations of bribery and corruption, exploitative working conditions, concerns over how the Gulf state treats LGBTQ+ people and media freedom.
Foreigners visiting the country are required to download two mobile applications — the official World Cup app Hayya and Covid-tracking app Ehteraz.
Experts have labeled the apps as a form of spyware because they would provide the Qatari authorities with wide access to people’s data as well as power to read, delete or change content and even to make direct calls.
“It’s not my job to give travel advice, but personally I would never bring my mobile phone on a visit to Qatar,” said the Norwegian broadcaster’s head of security to Norway’s NRK broadcaster. The country’s data protection authority is also expected to advise traveling fans to install the apps on a burner phone.
For football fans who don’t have a blank phone, France’s CNIL has other tips to limit the spyware’s impact.
The data protection authority recommends that travelers install the app only just before departure and delete it as soon as they return to France. They’re also encouraged to “limit online connection to services requiring authentication to the strict minimum,” keep their smartphone with them at all times and have a strong password.
Football fans should also “limit system authorizations to those strictly necessary.”
According to a CNIL map of privacy rules around the globe, Qatar has some sort of framework but it’s not recognized by the EU as providing similar protection compared to the bloc’s flagship data protection rulebook.
Other European regulators also have misgivings about the Qatari apps.
The German foreign ministry, the federal office for information security and the commissioner for data protection and freedom of information are looking into both apps, a spokesperson for the commissioner told POLITICO.
Delegates traveling to an international climate summit in Egypt were also warned this week that the COP27 summit app is a cyber weapon.
This article is part of POLITICO Pro
The one-stop-shop solution for policy professionals fusing the depth of POLITICO journalism with the power of technology
Exclusive, breaking scoops and insights
Customized policy intelligence platform
A high-level public affairs network
Log in to access content and manage your profile. If you do not have an account you can register here.