Fitness bands violate European law says watchdog

A formal complaint has been filed by Norway’s Consumer Council (NCC) about the privacy policies of Fitbit, Jawbone, Garmin and Mio activity trackers.

The 30 page report analyzes the terms and conditions and privacy policies of the four companies and concludes that we surrender basic consumer and privacy rights when using these fitness wristbands. It comes on the heels of an earlier NCC warning that fitness apps including Runkeeper, MyFitnessPal, Strava and Lifesum were exploiting user data by retaining it after accounts had been deleted, as well as tracking them when they weren’t exercising.

The rights body says that the four service providers all have their strengths and weaknesses when it comes to respecting consumer rights, but on the whole they are not sufficiently transparent, gather too much data and fail to say who they are sharing user data with.

The wristbands may help people monitor fitness activities, but anyone who used them gave up data on “asymmetrical and obscure terms”, said Finn Myrstad, director of digital services at the NCC, in a statement.

“We fear that this information can be exploited for direct marketing and price-discrimination purposes, and that basic privacy principles are being neglected.”

The complaint has been lodged with Norway’s data protection authority and came out of a research project carried out into the terms and conditions used by the four wristband makers.

“It is important that we don’t give up basic rights in order to use the products and services of the future,” Mr Myrstad added.

In a statement to the BBC, Jawbone said it was reviewing the NCC report.

“We want to reassure our users and let them know that we only share their data if they ask us to – for example to integrate with a third party app,” Jawbone said.

“We are custodians of the user’s data. We collect it, analyse it, and present it back to the user with meaning. The user may give us permission to share that data.”

Its users can also download their data and ask Jawbone to delete it, the company added.

The NCC has written a set of tips to consumers to help them peruse the technology while understating and maintaining their rights. The watchdog has also included a list of demands for companies. For example, it wants users to be able to change privacy settings in the app itself, and public sharing of information should be off by default.

Fitbit sought to reassure its customers it is committed to protecting its users’ privacy and does not sell data.

“We have never sold personal data and we do not share personal data unless a user specifically directs us to do so, or under the limited exceptions described in our privacy policy,” a company representative said in a statement.

“Fitbit tries to employ clear, non-legalese language in our policies so our users understand what data we collect and how we use it, and we continually look for ways to improve our written policies.”

Norway is clearly not exempt from the fitness tracker craze. The report says around 720 000 of these wristbands were sold in the country last year, signifying the enormous and growing popularity of the products.

Like this article? Subscribe to our monthly newsletter to never miss out!

Leave a Reply

Your email address will not be published.