• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
qatar world cup apps prompt digital privacy warnings from regulators

Qatar World Cup apps prompt digital privacy warnings from regulators

You are here: Home / General Cyber Security News / Qatar World Cup apps prompt digital privacy warnings from regulators
November 17, 2022

Getty Photos

Two apps explained as ‘mandatory’ for attending the Qatar Earth Cup have been the issue of privacy grievances by several European details regulators, amidst promises they accumulate sensitive knowledge exterior of their remit.

‘Ehteraz’ and ‘Hayya’ are both of those applications released by Qatar’s Ministry of Inside and its Supreme Committee for Shipping & Legacy, respectively. The former is listed on Google Play as a get in touch with tracing application for the event, while the latter is mentioned as a portal as a result of which to ebook tickets, handle lodging, and enter stadiums, but gurus have argued that the permissions demanded by each applications go considerably beyond these fundamental features.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


In a statement, Germany’s BfDI (The Federal Commissioner for Knowledge Safety and Independence of Info) urged soccer followers on the lookout to download the app only to do so if “absolutely necessary”.

The regulator also proposed that users must set the applications on a spare phone that incorporates no other personal facts or speak to information, and wipe the phone’s storage and operating after use.

It alleged that the permissions and knowledge processing of each applications goes past that explained on their app shop listings, that just one of the applications tracks the amount of phone calls built, and that information utilized by the apps is “transmitted to a central server” in addition to remaining on the product.

Datatilsynet, Norway’s details protection authority, furthermore mentioned that it does not know “what these apps really do,” but that Ehteraz is demanded for trying to get any health care treatment while in Qatar.

It advised not supplying the Hayya application permission to use product spot and urged all corporations planing to ship staff members to the Qatar Globe Cup to carry out proper risk assessments.

“We are alarmed by the intensive entry the apps need. There is a true chance that site visitors to Qatar, and especially susceptible groups, will be monitored by the Qatari authorities.”

Google Enjoy notes that Hayya’s security tactics do not incorporate details encryption, and the developer has neglected to present a way for customers to delete their details. The official FIFA steerage on Hayya clarifies that a Hayya card is “required to obtain the stadium on match day”.

The UK government’s travel suggestions for Qatar states that visitors will not be required to sign up with Ehteraz prior to arrival, but that Hayya is a mandatory ID needed not only for coming into stadiums during the celebration, but also for coming into Qatar in typical.

“We are knowledgeable of media reports on this make a difference and we will think about the opportunity impact on the privacy rights of UK citizens,” an ICO spokesperson told IT Pro.

“If anybody is worried about how their knowledge has been managed, they can make a complaint to the ICO. We’d also constantly advise travellers who may perhaps be heading to Qatar to refer to our Your Data Issues website page to ensure they are knowledgeable of their data rights.”

The ICO declined to remark on the recommendation of applying spare telephones for app use.

Apps produced for the advertising of, or to interface directly with, sports activities situations have a historical past of security fears. At the get started of 2022, a ‘devastating flaw’ was identified in China’s Beijing Olympics application that authorized threat actors to circumvent encryption intended to guard users’ information and voice recordings. 

The MY2022 app, the use of which was obligatory for equally international and domestic readers to the online games, was also uncovered to transmit some metadata without the need of any SSL encryption and lacked transparency about the extent to which it shared user healthcare info with 3rd-party organisations. 

In reaction, the Federal Bureau of Investigation (FBI) urged athletes to use short term phones during the Beijing Wintertime Olympics, and encouraged participants and spectators not to down load apps expected to attend the party for dread of individual details theft, tracking, or malware.


Some pieces of this posting are sourced from:
www.itpro.co.uk

Previous Post: «chinese hackers using 42,000 imposter domains in massive phishing attack Chinese Hackers Using 42,000 Imposter Domains in Massive Phishing Attack Campaign
Next Post: Cybersecurity Industry Must Maintain Public Faith in Technology, Says NCSC Founder Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)
  • PerfektBlue Bluetooth Vulnerabilities Expose Millions of Vehicles to Remote Code Execution
  • Securing Data in the AI Era
  • Critical Wing FTP Server Vulnerability (CVE-2025-47812) Actively Being Exploited in the Wild
  • Iranian-Backed Pay2Key Ransomware Resurfaces with 80% Profit Share for Cybercriminals
  • CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises
  • Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads
  • Fake Gaming and AI Firms Push Malware on Cryptocurrency Users via Telegram and Discord
  • Four Arrested in £440M Cyber Attack on Marks & Spencer, Co-op, and Harrods
  • What Security Leaders Need to Know About AI Governance for SaaS

Copyright © TheCyberSecurity.News, All Rights Reserved.