PRESS RELEASE: Athlete’s health data – the latest legal threat for sports organisations

• Sporting organisations are collecting broad ranging and often unnecessary health data, including female athletes’ menstrual cycles.

• Lack of clear guidelines and protection of athlete’s performance and health data raises the risk of a new wave of legal action against sports organisations.

Major sporting organisations are leaving themselves exposed to future legal action in the way they’re capturing and storing players performance and health data.

Bartier Perry partner Michael Cossetto says exactly what athlete data is being collected and how safely its being stored is inconsistent or unclear across a number of high-profile sports.

“Today’s elite athletes literally have every move they make tracked and this desire for data is filtering down to the semi-professional, representative and even junior levels of sport,” he
said.

“What’s not keeping up are the guidelines or governance within sporting organisations
around exactly what personal information about athletes should be collected and how that
data is being protected.”

Former Australian Olympians, sports scientists, legal academics, and AI experts have raised
concerns that collected and stored data that was, “personal, unique, and intimately revealing about individual athletes”— was often excessive, unnecessary and a potential “powder keg” of unregulated information.

The 12-member Expert Working Group convened by the Australian Academy of Science and
the University of Western Australia cited as one example the growing trend of menstrual
cycle tracking in female athletes, often without their permission, and for no proven
performance benefit. [1]

“In the euphoria of making the team or winning a contract, athletes often feel they can’t ask
or push back as to what health or performance data is collected about them,” said Mr
Cossetto.

“However, the real risk is that their health data could later be used against them in any
number of ways. Professional athletes obviously work in an industry where their health data
is often directly relevant to performance but you can imagine the outcry if an ASX100
Media Release company asked employees to hand over health or performance data from their Apple Watch or Garmin tracker. The interests of the team and athlete need to be balanced”.

Tennis great Serena Williams and Olympic star gymnast Simone Biles have had confidential
health records hacked and published online while a number of high-profile Australian
Olympians were also caught up in the same cyber breach.

“Aside from the reputational and ethical issues, the maximum fines for privacy breaches have also leapt from $2.5 million to $50 million. If an organisation the size of Manchester United can get hacked, then any Australian sporting body who thinks they're safe should think again.”

Mr Cossetto said sports administrators should be having open and honest conversations on
collection of health data from elite to grassroots level.

“Each organisation in the sporting hierarchy should first query whether it’s even necessary or appropriate to collect an athlete’s health data, if so, what data should be collected, what is the best way to get athletes to opt in or out from providing it and how and for how long will it be stored safely?”.

Like the current focus on liability around concussion in sport, Mr Cossetto said it may be a
number of years before inappropriate use or storage of athlete health data is dealt with in Australia’s courts.

Professional sporting organisations needed to protect themselves and their athletes now by
having in place clear policies with governing or administrative bodies providing simple and
clear guidelines for representative and grassroots sports.

[1] Australian Academy of Science released a discussion paper 'Getting ahead of the game: athlete data in professional sport'