Biometrics in live event venues face pushback from privacy regulators

Sports leagues and live event venues continue to explore facial recognition for security and ticketing use cases. Biometric ticketing deployments to date have been mainly successful from both provider and fan perspectives, and data shows that almost half of venues consider biometrics a top initiative for 2025. But regulators are beginning to catch up with enterprise, pushing back over perceived violations of data privacy legislation.

AEPD slaps Osasuna with €200,000 fine for face biometrics deployment

In Spain, the Spanish Data Protection Agency (AEPD) has sanctioned La Liga football club Osasuna for using opt-in facial recognition at its 23,516-capacity El Sadar Stadium, slapping the club with a fine of 200,000 euros (roughly equivalent in USD) and a ban on continued use of facial recognition tech.

A report from Pamplona media outlet Diario de Navarra says the regulator’s resolution, issued in December, calls for facial recognition to be prohibited at El Sadar and for any biometric data collected to be deleted. The AEPD had been investigating the matter since a 2022 complaint about Osasuna’s deployment of a biometric access control system, which leverages facial recognition from Veridas and das-Nano.

A notice on the club’s website from August 2024 says “the facial recognition service is currently being adapted to the new technical configuration of the turnstiles at the El Sadar stadium and it is also necessary to adapt it to the new regulations on data protection, so the service will not be available until further notice.”

Osasuna is planning to appeal the regulator’s decision.

Meanwhile, Veridas is now facilitating biometric entry at El Mâs Monumental, an 85,000-seat stadium in Buenos Aires, Argentina that houses the River Plate football club.

Australian Open ruffles fan feathers with FRT in terms and conditions

Similar complaints are hounding the Australian Open, which this year launched opt-in facial ticketing through Wicket – as well as an unrelated facial recognition camera system for venue security.

It’s the security cams causing consternation among some fans, who say they weren’t aware of new terms and conditions for attendance that requires visitors to acknowledge the use of cameras “that may incorporate facial recognition technology.”

Information Age quotes Monash University professor Mark Andrejevic, who worries that the practice of collecting biometrics in such a manner doesn’t constitute meaningful or informed consent – particularly since Tennis Australia, which stores the data, has not confirmed how long they keep the biometrics.

“What’s happening is very similar to what takes place online,” Andrejevic says. “Somewhere, nestled in a thicket of verbiage that you have to agree to, is the fact that you’re consenting to being scanned. But what’s your choice? If you want to go to the tennis, you have to agree to the terms.”

Facial recognition at K-pop events irks political opponents

South Korean entertainment giant Hybe is also facing questions about facial recognition. The company, which produces and distributes content for the K-pop industry, has caught the attention of politicians in the opposition Democratic Party of Korea.

According to Asia News Network, Rep. Lee Soo-jin has proposed an amendment to the Personal Protection Act to limit Hybe’s use of a new facial recognition system, Face Pass, for concert and event admission. She says “current law lacks specific provisions for biometric data, treating it as sensitive information under the Enforcement Decree of the Personal Information Protection Act. We need explicit legislation to address biometric data collection and management.”

Hybe says its facial recognition system, managed in concert with Internet bank Toss and ticket provider InterparkTriple, helps reduce scalping.

The system is set to debut at a fan event for boy band TWS in Seoul from February 14-16. Fans can opt out of the biometric system, but Lee and other critics raise concerns about excessive demands for sensitive personal information – especially from a fan base with such a high percentage of teenagers.

Lee’s bill would require data collectors to “prioritize methods that don’t involve collecting sensitive data to avail themselves of their goods and services.”

Article Topics

AEPD  |  biometric ticketing  |  biometrics  |  data protection  |  facial recognition  |  Hybe  |  identity verification  |  Veridas  |  video surveillance  |  Wicket