Performance analysis is used widely by clubs and other major stakeholders in sports to evaluate and capture player performance based on objective markers. Players' performance data is commonly used to evaluate a player's key performance metrics such as top speed, sprint distance, number of sprints, distances covered, and heart rate monitoring. Sports technology companies offer a variety of tech solutions for analysing performance datasets. Below we look at the impact of data protection laws on the use of players' data for performance analysis.
Performance Data Analysis: a Growth Market
According to MarketsandMarkets™ (global research and consulting firm) the global sports analytics markets size is expected to grow from $1.9 billion in 2019 to $5.2 billion by 2024, with performance analysis expected to be the fastest growing segment of that market.
Performance data can range from traditional statistics such as the amount of goals, assists or game appearances, to advanced data derived from complex analysis of traditional data, or biometric data such as blood oxygen levels, pulse and other health data.
Sports Stakeholders' Use of Performance Data
Some stakeholders have a direct contractual relationship with athletes such as clubs and agencies, while others, such as bookmakers and broadcasters, may not. An athlete's contract with a club should address the use of their personal data, as required under relevant data protection laws (GDPR and the Data Protection Acts 1988-2018 in Ireland). Appropriate data processing transparency by way of a data protection privacy notice should be given to the athlete. Such notices should be comprehensive, clear and provide specific and explicit details of the purposes for which the data will be used. The notice should include details of what data will be processed, the means and types of processing, and the legal bases for processing (e.g. consent, for contract needs etc.).
Value of Performance Data
There are many ways to monetise performance data, including through the sale and grant of licences to use the performance data. In 2017, the NFL Players Association reportedly reached an agreement with WHOOP (a sports performance technology company) that facilitated players' collection and, if desired, sale of their personal health data from WHOOP wristbands. Strategic partnerships with betting companies or data analytics companies can also be formed. Data analytics companies may pay fees to have sole access and distribution rights to performance data from matches. Betting companies may use performance datasets for stats-based offerings that allows customers to bet on specific in-game actions, such as the amount of shots, passes, tackles made by individual players.
Traditional sales and licenses are not, however, the only ways of deriving value from performance data. Footballer Kevin de Bruyne reportedly used a data analytics company during the negotiation of his contract extension with Manchester City F.C. to demonstrate his value to the club based on historical, current and projected performance, as well as his contribution to the team and compared his salary against his fellow players.
Athletes' Rights Over Performance Data
Who owns the performance data? Generally, the athletes – and more and more athletes are realising this. A distinction must be made between use of personal data such as athletes' biometric data (use of which may be subject to an increased level of justification under GDPR) and data which may be considered already in the public domain e.g. data derived from simple tracking or situational data. GDPR defines “personal data” as any data relating to an identified or identifiable individual (the data subject).
Under the GDPR, athletes have the right to access their data, request rectifications and have the right to erasure. The wider exercise of such rights by athletes, specifically the right to erasure, could create gaps which may reduce the utility and overall value of performance datasets.
Recent Actions
'Project Red Card' is an initiative, led by former Cardiff City manager Russell Slade, head of Global Sports Data and Technology Group Limited ("GSDT"), seeking to bring legal proceedings on behalf of over 850 current and former UK soccer players against certain gaming, betting and data processing companies for the use of players' personal data without their consent for financial gain. The proceedings, which is still in its infancy with letters before action being issued to at least 17 major data collection firms, will seek to prove that athletes' performance data is 'personal data' as per the definition in data protection law, and to recover compensation for these players. Richard Dutton, representing Project Red Card, has said that this action is not just about lost revenues, but also about players' careers "The details of their passing accuracy, their fitness, their speed, all those things which you see in various guises on countless websites or games – that's how players are assessed now. … The simple message is: in order to do that you need a player's consent, and you ain't got it."
It remains to be seen how effective Project Red Card will be. The UK Supreme Court ruling in Lloyd v Google LLC given in early November 2021 suggests there may be a reluctance to entertain claims which deal with merely the loss of control of data and will in fact require evidence of damage or distress. This will put pressure on Project Red Card to be able to adduce evidence of damage or distress and removes a weapon from their arsenal (excuse the pun…). Mr Slade, in an interview with The Guardian newspaper, specified that GSDT wished to engage in settlement negotiations as soon as possible with would-be defendants and to educate them on issues such as the protection of player's personal data. Their negotiation position has been weakened as a result of the Lloyd judgement.
Conclusion
Clubs and other sports stakeholders should pay attention to the exploitation of athletes' personal data and to their data protection rights as these rights might impact commercial realities and deals, and how performance data is to be dealt with if players and athletes take further steps to seek returns and protections arising from their personal data.
Article provided by INPLP member: Leo Moore (William Fry, Ireland)
Discover more about INPLP, the INPLP-Members and the GDPR-FINE database
Dr. Tobias Höllwarth (Managing Director INPLP)