Security June 17, 2026

The most watched World Cup: how AI and biometrics will change football (and our privacy)

The 2026 FIFA World Cup is a global testing ground for predictive surveillance, cybersecurity, and biometrics. How much privacy are we willing to give up in exchange for an agile, modern, and secure event?

El Mundial más vigilado: cómo la IA y la biometría cambiarán el fútbol (y nuestra privacidad)

The 2026 FIFA World Cup is already rewriting the operational history of mega sporting events. For the first time, the tournament is jointly hosted by the United States, Mexico, and Canada, bringing together 48 teams and attracting more than six million fans across its 16 venues. Such a mobilization consolidates what VML consulting defines in its "The Future 100 2026" report as the era of "omnisurveillance".

In this contemporary context, constant observation by corporations and artificial intelligences has become normalized, forcing us into permanent self-editing of our behaviors. Today, surveillance typically arrives disguised as convenience; people willingly surrender their most intimate data in exchange for quick access and frictionless services. The 2026 World Cup will be the perfect reflection of this new social pact.

To understand the challenge of protecting this ecosystem, Luciano Moreira, Chief Transformation & Strategy Office of Cloud Legion, offers a clear perspective: "The 2026 World Cup doesn't have one border: it has sixteen, in three countries and on two planes at the same time, the physical and the digital". Protecting this environment requires the security forces of three jurisdictions to speak a single technological language to anticipate threats in real time.

Matías Baillo, Cybersecurity expert at Logicalis Argentina, agrees that the event "combines three unprecedented factors: scale, hyperconnectivity, and multinational complexity". That hyperconnectivity means each incident gains instant global reach. In this regard, Sebastián González Palacio, Sr. Dir. Advanced Connectivity & Security at Cirion Technologies, points out that "the real challenge is not only in the stadiums, but in the network that will allow the event to be transmitted, distributed, and consumed in real time". The attack surface, he warns, "will be monumental for cybercriminals and advanced threats".

Predictive video surveillance and the face as an entry ticket

The traditional paradigm of static guards staring at monitor walls is dead. Technology will take absolute control of admissions, converting spectators' physical features into their safe passage. In fact, before the competition, 65 airports in the United States have already implemented contactless facial recognition systems that reduce identity verification to just a few seconds.

Inside the venues, the goal is proactivity. Hernando Castiglioni, Director of Engineering for Fortinet Argentina, explains that with the maturation leap in technology "the objective is no longer to react faster, but to anticipate and act before it's too late".

Emmanuel Lucero, IT Manager and AI Leader at Streambe, illustrates this technical convergence: "Security camera video by itself is reactive: it shows you what already happened. Analytics makes it predictive". Using digital twins of the stadiums, operators will be able to visualize how bottlenecks form and dismantle them before they become avalanches.

Ulises Gómez, Senior Vice President of Sales for Video Security and Access Control at Motorola Solutions Latin America, details that "technology helps protect the fan. We seek to return the spectacle to the fan". This is achieved through generative AI tools that emit automatic visual alerts when they detect anomalies in the stands, reducing visual fatigue for human personnel.

Of course, this digitization of physical space has an undeniable social cost. Martina Tolosa, Director at Toltech Group, anticipates that we will see "biometric and frictionless access control, which come to replace old metal detectors". However, the executive is forceful in warning about the side effects of this ecosystem: hyper-technologization "will increase physical security, but will reduce the anonymity we used to have in public spaces".

The invisible referee: Artificial Intelligence takes control

Artificial Intelligence will cease to be a simple retrospective analysis tool behind the scenes. Leonel Navarro, Information Security Global Practice Director at Softtek, asserts that "AI will transition from being an observer to becoming an active participant in the ecosystem", processing millions of variables to optimize transportation, capacity, and cybersecurity in milliseconds.

Pedro Droven, CTO of Zula Ciberseguridad, adds a warning about the speed of these defenses: "AI in 2026 no longer just helps analysts review alerts; it makes autonomous decisions at machine speed. It will act as an automated defender". And he explains that, for crowd control, heat maps are analyzed in real time, anticipating possible deadly bottlenecks. However, he stresses that, although the system may predict, "false positives are preferable to false negatives, and the human factor makes the final decision before physically intervening".

Despite its operational promises, algorithm autonomy raises concerns. Dmitri Zaroubine, Director of Sales Engineering for LATAM at Veeam, presents one of the most challenging scenarios: "This will be the first World Cup in the era of active artificial intelligence. I'm referring to agents that make decisions on their own. That move data, change configurations, activate processes, without anyone calling them".

To this concern about lack of control are added the dangers of algorithmic discrimination. Lucero firmly argues that AI should remain a "luxury copilot, but under no circumstances is it the pilot", and debunks the infallibility of systems by warning that "defining what is suspicious is already a decision that comes with a huge burden of biases and the system will end up systematically suspecting the same profiles".

The most hackable World Cup: cybersecurity and the battle for trust

Given the very high volume of interconnected online platforms, the North American venues will be an unprecedented magnet for cybercrime, with over 4,000 fraudulent domains linked to the event already detected.

Navarro explains that, in a scenario of global geopolitical tension, "a successful attack during the World Cup could have more visibility than months of conventional criminal activity". The risks identified by experts like Baillo include denial-of-service attacks (DDoS) capable of taking down entire platforms, as well as ransomware intrusions targeting the logistics and ticketing operations.

At the user level, the threat will be invisible but omnipresent. Droven highlights the rise of "Quishing (QR Code Fraud)", warning that in cashless stadiums, altered codes that redirect to malicious sites "are a plague". Additionally, attackers will deploy fake Wi-Fi networks ("Rogue APs") to intercept fan traffic in the stands.

Faced with a panorama of systemic risks, the physical protection infrastructure itself becomes a target. Moreira sheds light on this irony: "The one who watches also has to be watched: the camera that protects you is, furthermore, a computer that someone may want to hack".

If cameras and servers are vulnerable, the only thing that separates us from chaos is ensuring data integrity. Néstor Markowicz, COO of CertiSur, synthesizes the underlying debate: "The big question of the 2026 World Cup will not only be who is watching us, but how we know that what we see, receive, or use is authentic". For him, safeguarding that "digital trust will be one of the most important infrastructures of the tournament".

Omnisurveillance: The definitive cost of convenience?

Returning to the postulates of the VML report, the World Cup in the United States, Mexico, and Canada will be a metaphor for our time. We are heading toward an event where we will prioritize not standing in lines and feeling safe over our anonymity. We will surrender the validation of our faces and allow invisible networks to analyze our movements, justifying it as the necessary trade-off of the digital age.

But this transaction requires establishing red lines, because as Moreira reminds us: "A password can be changed; your face cannot. That's why biometrics demand the highest standard, not the most convenient one". In the same vein, Zaroubine launches an irrefutable truth for the organizers: "A fan who enters a stadium did not sign a contract to be watched indefinitely. He signed up to watch a match".

Predictive surveillance and artificial intelligence will offer us a safe and uninterrupted spectacle. But the subsequent challenge for brands and governments will be monumental. As VML concludes in its projections, "the game for brands is no longer to keep accumulating data endlessly, but to manage the trust that data requires". The success of this mega event will depend not only on thwarting physical and cyber threats during its 40 days of competition, but on assuring citizens that, when the last spotlight goes out and the stadium empties, the cameras of omnisurveillance will also stop watching.

Source: Forbes Argentina