3 Steps to Secure Your Wearable Fitness Device Data
Your wearable is tracking more than just steps. But who is it sharing that info with?
You tell it what you eat and when you sleep, and it tells you how many steps you take. Your wearable fitness device is your digital cheerleader for healthier living. But who else might have access to the information it contains? And how can you protect that information — your daily routines, your health data, maybe even your bank account information?
In the early days of these gadgets, consumers had high hopes for them. More than half of 1,000 people surveyed by PricewaterhouseCoopers in 2012 estimated wearables would add 10 years to their lives, and 46 percent said they would reduce obesity rates. But 86 percent worried the devices would make users vulnerable to security breaches and 82 percent said they feared wearable technology would invade their privacy.
How can you protect your privacy? SafeBee talked to Anura S. Fernando, a principal engineer for medical software and systems interoperability for UL's Life & Health division. Fernando works on services that help wearable manufacturers address these issues, and he recommends asking these three questions.
1. Does your device transmit data to a cloud or a phone? If it connects to the cloud, Fernando says, make sure there are extra levels of security on the cloud, such as passwords. “If the device is paired with a phone, make sure your phone has appropriate security measures, like a type of password or screen lock,” he adds.
2. Where are you entering your personal information? Be wary of how you type in your personal data. Don't type information directly into the wearable device, advises Fernando. It's less secure than your phone (if that’s where the device connects).
If possible, enter sensitive information through your phone instead of the device. For example, if your wearable is synced with an employer wellness program, it may ask for your social security number and insurance ID information. See if the app you’re using has privacy settings that allow you to control if and when that information is released to a third party.
Even if you enter info via your phone, note “the link between the wearable and the phone is often a Bluetooth link, and it can be easily compromised using easily available hacking tools that even teenagers are familiar with," says Fernando.
3. Do you share your activities on social media? Posting workout updates on Facebook might provide additional motivation or encouragement, but the risks to your personal safety may not be worth it.
“If you’re using social media tied to these devices, be very careful on the permissions you set, who in your social media circles may have access to that data and how you allow location data to be gathered,” says Fernando. “You don’t want people monitoring your daily habits for some sort of malicious activity.”
Pay particular attention to how social media accounts can access the data from your wearable device. The app you use should have a privacy restriction that allows you to turn off information sharing with social media accounts. For example, make sure you're not allowing Facebook to access the data from your wearable when you sync it to your accounts. “Turn on and off capabilities like communications, so they're only in use when you need them,” Fernando says.
“Wearable fitness devices are good technologies that can help people develop
better habits and exercise more,” says Fernando. “If you aren’t careful there can
be negative consequences. It’s important to leverage these technologies in an
educated way, so you’re aware of the risks.”