Indian cricket’s governing body, the BCCI, has become the latest critic of the controversial “whereabouts rule” adopted by the World Anti-Doping Authority (WADA). As I described in my previous post, the rule requires all elite sports men and women to provide information about where they will be for an hour every day for the next 3 months, and has prompted a number of questions as to its proportionality.
Whilst other athletes and sporting bodies have tended to object first to the lack of freedom it affords them, perhaps citing privacy concerns second, it is notable that the main issue which the BCCI has focussed on is the security of its players. Cricket in India is perhaps the most fanatically supported of any sport in any country in the world, to the extent that star players reportedly consider their security, and even their lives, will be at risk if their whereabouts is made known outside of the various competitions in which they participate (during which they can, in theory, be adequately protected).
The BCCI has not, it seems, attempted to criticise WADA’s data protection standard, the World Anti-Doping Code International Standard for the Protection of Privacy. Instead, the inference is that the Indian cricketers do not trust WADA and its affiliated bodies to meet that standard and keep their data secure. As we have seen in the UK, it is one thing to have a robust data protection regime in place, and quite another to adhere to it.
Which seems to raise an interesting question: should the likelihood of a data security breach be factored in to the decision as to what personal data it may be proportionate to collect in the first place?