Where is all your health data going? The Google and Fitbit scandal explained

 Fitbit Sense
Fitbit Sense

On August 31, 2023, Fitbit and Google came under fire (again) for how the tech giant has been treating its users' potentially sensitive health data.

The best Fitbits are terrific devices that monitor heart rate, sleep, calories burned, workouts, menstrual cycle patterns, and more. But for a long time, concerns have been raised about how this data is being used, especially whether it’s being used to complement Google’s massive data-driven targeted advertising operation.

So where is all your data going? Unfortunately, there’s no easy answer: Google and Fitbit have remained tight-lipped, insisting they are using data responsibly and only sharing it for necessary processing purposes, or with user consent. Other parties have attempted to dig into how Fitbit health data is being used or take Google to task over its lack of transparency, with varying degrees of success.

Of course, all fitness trackers and smartwatches collect and store data, from the best Apple Watches to the best Garmin watches, so Google and Fitbit's case is not a unique one. However, the size and scale of Google's advertising and data harvesting operations have perhaps caused it to be scrutinized more closely than other fitness wearable manufacturers.

We’ll break the whole story down in the interactive timeline window below, from when Google first began its Fitbit acquisition in 2019, to the most recent complaints which could lead to billions of dollars in fines.

Why should you care what happens to your health data?

Big data is big business. Targeted advertising is already very smart, convincing you to spend money based on your online activities, but adding GPS and health data from a fitness tracker can create an almost complete picture of who you are. Targeted advertising alone might not necessarily be a bad thing on its own (after all, if you're going to be advertised to, you'd probably prefer to be shown products you care about) but we don't know who has access to all our data, or how much of that data is anonymized before being shared to third parties for processing.

According to a collection of economists from major European universities, "the combination of Fitbit’s health data with Google’s other data creates unique opportunities for discrimination and exploitation of consumers in healthcare, health insurance, and other sensitive areas".

Could data from our smartwatches be used to hike up health insurance premiums? Could period tracking data be accessed by the US government to understand more about who's getting abortions after the overturn of Roe v. Wade? Is GPS information from our watches relayed to advertisers (or even the police)? These are very extreme examples of serious privacy infringements, and while it's unlikely any of the above is happening often, without strict privacy laws this is what our future could look like.

Fitbit users simply don't know where their data is going without full transparency, and information requests from charities such as None Of Your Business, or NOYB, aren't coming to much. Fitbit stated in the August 2022 Reddit post, featured on the timeline above, that it will comply with governmental requests for sensitive health data.

All smartwatches collect sensitive health data. Apple, which doesn't rely on online advertising in the same way as Google, is keen to emphasize that any health data shared to the iCloud is encrypted end-to-end, and it has turned down governmental requests to unlock devices before. However, this isn't to say Apple Watches are necessarily 'better' or 'safer' than Fitbit, as things can change very quickly in Silicon Valley.

We'll keep an eye on the ongoing Google and Fitbit story as it evolves. In the meantime, regardless of which brand of smartwatch or fitness tracker you use, it's worth diving into the small print of your watch's user agreement to check the brand's privacy policy.

You might also like: