By Will Scolinos, GW Law, 3L
(The following article appeared in Esports and the Law, a publication by Hackney Publications.)
Who owns Pro Soccer Player Harry Kane’s top speed in a match? The velocity of a well-struck cross by Soccer Midfielder Bruno Fernandes? The height of Brazilian Footballer Alisson Becker?
To finally resolve ambiguities related to players’ ownership of their data, more than 400 current and former UK soccer players (known collectively as Project Red Card) are bringing a lawsuit alongside former Cardiff City and Layton Orient manager Russell Slade. The suit asserts that certain gambling, gaming, and data processing companies use players’ personal, performance and tracking data for financial gain without the consent of the players to whom the data relates, purportedly in violation of EU law.
Project Red Card argues that the players’ performance data (speeds, distances traveled in a match, etc.) should be treated under UK and EU data protection laws as personal data and is being exploited for financial gain without their consent.
Ultimately, Project Red Card’s success hinges on which data is legally considered personal data and or data concerning health.
In 2018, EU passed the General Data Protection Regulation (GDPR) which provides protection for one’s data, including athletes. The GDPR grants individuals (i.e. players) the right to rectify inaccuracies in their data, access the data themselves, and remove their data altogether from the dataset. Should the players elect to delete their data, the less valuable the dataset will be to purchasers.
Prior to 2018, the EU courts have held that statistical data is not personal data. For instance, in 2012, the European Courts of Justice found that Football DataCo, which aggregated and licensed out Premier League statistical data (scoring, assists, etc.), did not own the data. Instead, it ruled that the statistical data, despite being disseminated pursuant to private broadcast agreements, was a public fact and should be distributed free of fees and licensing.
The GDPR places strict regulations on the use of personal data, which it defines broadly as “any information relating to an identified or identifiable natural person (‘data subject’).” The players will rely on the following arguments: (1) Lack of transparency and fairness, (2) Failure of consent violates the legal processing requirement, (3) Failure to provide additional protections for health-related data, (4) Consent is not part of their player’s contract, and (5) Violating protections against profiling data subjects.
Conversely, the Defendants will argue they have a legitimate interest is such data and their interest is more important than the rights of the footballers.
The main ripple in the GDPR is that there is presently no consensus on which sporting data deserves full GDPR protections. This untested legal landscape surrounding this issue could cut either way because, in the past, certain sports related data has been treated as belonging to the public domain. For instance, over the past several years, data related to scoring a goal has been treated by the EU courts as data belonging to the public domain. However, it is worth noting that the GDPR contains an exemption for data shared for journalistic purposes, but it is more strictly enforced for data used for gambling.
According to the BBC’s interview with Jason Dunlop, a technology expert who co-founded the sports data firm Global Sports Data and Technology Group alongside Project Red Cross’s Russell Slade, players “have no issue with football clubs using the data.” Instead, he argues that the players seek greater control over where their data is shared thereafter.
Richard Dutton, representing Project Red Card, was quoted by Wired.com saying that, “The details of their passing accuracy, their fitness, their speed, all of those things which you see in various guises on countless websites or games – that’s how players are assessed now… The simple message is in order to do that, you need a player’s consent, and you ain’t got it.”
One could argue the player only owns a small percentage of the goal’s data. For example, when a player scores a goal with a Nike ball, in Adidas cleats of Arsenal’s colors, in a stadium paid for by the club and league, how much of that goal does the player really own? Does he/she own enough to erase it from the official league statistics or merely from a gambling website?
Some experts wonder if the solution lies in a player’s contract or collective bargaining agreement. In the United States, the NBA and the NFL have already taken this approach. The NBA permits nonbiometric data sharing without individual players’ consent and the NFL operates similarly, with the addition of biometric data.
“Analytics” has become a buzzword in professional sports in this post-Moneyball era. Teams today spare no expense in identifying and exploiting the most minute trend that could lead to a competitive advantage. More data is recorded each year. And today, as teams and leagues seek to recoup lost revenues incurred during the pandemic, there is more data than ever available to sell. Drawing the line of ownership will prove difficult in today’s betting world.
 Regulation (EU) 2016/679 (General Data Protection Regulation).
 Football Dataco Ltd., et al. v. Sportradar GmbH, et al., (2012) ECR1-0000, the Court of Justice of the European Union (“CJEU”).
 Nick Hartley & Philip Marsh, Russell Slade: Ex-manager leads lawsuit over use of players’ personal data, BBC Wales News, (July 28, 2020), https://www.bbc.com/sport/football/53557706.
 Oliver Franklin-Wallis, There’s a big fight brewing over the Premier League’s player data, WIRED UK, (July 8, 2020), https://www.wired.co.uk/article/project-red-card-football-data.