The sensitive privacy issues of health and fitness apps

Health and fitness apps or wearables are more and more common these days. Everyone seems to be sharing on social media their biking mileage, their running route or the number of steps they took in a day.

Besides the more social aspect of these apps, they also turn out to greatly improve people’s lives, since they help them keep track of their physical and physiological data and motivate others be more active as well. Which is why they can be very useful.

However, many of these apps present important privacy dangers and if you are not careful, your data could end up in the wrong hands! Insurance brokers, for instance, could pay valuable sums to gain access to this precious information.


The numerous security risks and the need for best practices

According to a recent study conducted by researchers at the University of Toronto, there are several security and privacy risks associated with wearable fitness trackers.

Do you use health or fitness apps? Learn about the #privacy risks. Click to Tweet

For this study, the researchers studied eight wrist-worn trackers, and their related apps, among which: Apple Watch, Basis Peak, Fitbit Charge HR, Garmin Vivosmart, Jawbone UP2, Withings Pulse O2, Xiaomi Mi Band and Mio Fuse.

Worryingly, the research concluded that “the fitness data generated by several wearable devices can be falsified by motivated parties, calling into question the degree to which this data should be relied upon for insurance or legal purposes. This confirms (…) that people could fraudulently input device data.”

That is why, the University of Toronto researchers recommend that the provenance of fitness tracking data needs to be carefully assessed when utilizing the info for non-personal fitness tracking purposes, such as when it is introduced in courts or used to increase or reduce a person’s insurance premiums.

Due to these increasing privacy concerns, more and more organizations from around the world are taking a stand and trying to force developers to take users’ privacy more seriously.

Kelsey Finch, Policy Counsel, Future of Privacy Forum highlights that “Some data collected from wearables may be relatively trivial, but other data can be highly sensitive”. That is why the US based think tank has created a set of best practices for consumer wearables and wellness apps and devices, accessible at this link.

Some of the recommendations issued by FPS, which found that a whole 30 percent of fitness-focused apps available don’t have a privacy policy, include:

  • The prohibition of sharing personal fitness/health data to “advertising platforms, data brokers, or information resellers, even with express consent”
  • The app developers must “make the covered data available to the user it refers to in a reasonably complete way as soon as reasonably practical and technically feasible, at little or no cost to the requester”
  • The covered data “must not be maintained for longer than is needed for the reasonable operation of the app or service, or as long as the user maintains an account with the company”.
Where is your personal data going? Take a step back and check if your fitness app has a privacy policy. #PrivacyTips… Click to Tweet

Our recommendations to you, the user

  • Read the privacy policy of the fitness/health app you wish to install; if there is no privacy policy, don’t even bother to install these programs.
  • Don’t share your jogging / biking routes on social media; these allow potential thieves to know your exact location.
  • Keep the fitness and health data stored in your mobile private with the help of a VPN such as CyberGhost – it encrypts your entire Internet connection and doesn’t allow third parties to sneak a peek into your personal life.
  • Also, don’t share other health data on your social accounts. You’re basically handing out costly personal information to third parties you wouldn’t normally give it to (such as insurance companies). No privacy policy can protect you against what you are willingly and publicly sharing!

About the author

Corina Dobre
Corina Dobre

A professional wordsmith, Corina has improved her writing skills through extensive experiences in journalism, advertising and marketing. Curious by nature, she enjoys learning foreign languages and discovering everything, as well as everyone around her.


Leave a comment

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

© 2017 CyberGhost