Are Smart Exercise Devices Risking Your Privacy and Health Data?

February 25, 2025

James Maitland is an expert in robotics and IoT applications in medicine, driven by a strong passion for leveraging technology to advance healthcare solutions. Today, we will discuss how smart exercise equipment and health tracking apps may collect and use our personal health data.

Can you explain what kinds of personal information smart exercise equipment and health tracking apps are collecting?

These devices and apps are capable of collecting a wide range of personal data. This includes biometric data like heart rate, calorie intake, exercise routines, sleep patterns, and even more sensitive information such as reproductive health data and sensory data like smell.

What specific data did Consumer Reports find that products like Peloton or Bowflex might track? Can you elaborate on how reproductive health and sensory data, like smell, are possibly being tracked?

Consumer Reports found that products like Peloton and Bowflex have privacy policies that allow them to track various types of personal data. Bowflex, in particular, reserves the right to track sensory data like smell. While it is not clear if they are actually collecting such data, their policies give them the flexibility to do so. Additionally, these policies could include the right to track reproductive health data, although the specifics of how this data might be collected and used are not clearly defined.

Are these companies currently able to collect data on how users smell, or are they just reserving the right to?

Many of these companies are currently just reserving the right to collect such data. The technology to track some of the more invasive data points, like smell, may not yet be in widespread use, but by including these possibilities in their privacy policies, companies are keeping their options open for future developments.

Why do these companies want to gather such a broad range of personal data?

Companies are motivated to gather a broad range of data to gain deeper insights into user behaviors and health trends. This information can be highly valuable for multiple purposes, including improving product offerings, developing new services, and creating targeted advertising strategies.

What are some potential future uses for this health data that companies might find profitable?

Companies could use this data to build detailed health profiles of their users. These profiles can be used for targeted advertisements, personalized health and fitness recommendations, and possibly even for selling insights to third parties like insurance companies or healthcare providers who could use this data to evaluate risks and set policy terms.

How could this collected data be used for targeted advertising?

Collected health data can be combined with other data to create highly personalized advertising campaigns. For instance, if a user’s data shows they are interested in weight loss, they might receive targeted ads for diet plans, fitness programs, or weight loss products.

Could this health data be sold or shared with third parties? If so, who are these third parties?

Yes, this health data could potentially be sold or shared with third parties. These third parties could include marketing companies, researchers, and insurance companies. The specific details of with whom the data might be shared are usually outlined in the privacy policies of the devices and apps.

Is there evidence that life insurance or long-term care insurance companies are using data from these fitness devices and apps to influence policy rates?

While there is currently no concrete evidence that life insurance or long-term care insurance companies are using data from these devices to influence policy rates, it is a concern among privacy experts. The detailed health data collected could, theoretically, be valuable to these companies for assessing risks and setting premiums.

How might health data from smart exercise equipment be accessed by law enforcement or government bodies?

Health data from these devices could be accessed by law enforcement or government bodies through legal mechanisms, such as subpoenas. In scenarios related to criminal investigations or other government inquiries, companies may be compelled to provide access to user data.

Are there current laws or regulations preventing insurers from using health data gathered from these devices?

Health insurance companies are subject to regulations like the Affordable Care Act, which offers some level of protection against the use of personal health data. However, other types of insurance, such as life or long-term care insurance, may not be as tightly regulated concerning the use of health data from these devices.

How could concerns surrounding reproductive health data become a legal issue with these tracking apps?

Reproductive health data could become a legal issue if it is used to prosecute individuals under certain laws. For example, in regions where abortion is illegal, data showing reproductive health details could potentially be used as evidence in legal cases, raising significant privacy and ethical concerns.

What options do consumers have to protect their personal information when using smart exercise equipment?

Consumers can take several steps to protect their personal information. These include carefully reading privacy policies, opting out of data collection when possible, using devices that offer higher privacy protections, or choosing non-connected exercise equipment. Additionally, they can reach out to companies to understand their data practices better or use pseudonyms and limit the personal information provided to apps.

Can consumers opt out of data collection while still using the apps and equipment?

The ability to opt out of data collection varies by company and device. Some companies provide options for users to limit data collection while still using their services, whereas others may require data sharing as a condition of use. It’s important for consumers to review and understand the specific terms of each product.

Are there non-high tech alternatives to smart exercise equipment that consumers should consider?

Yes, consumers can consider traditional, non-connected exercise equipment, which does not track or store personal health data. Examples include basic stationary bikes, free weights, and other manual fitness tools that offer effective workouts without the data privacy concerns.

What recommendations do you have for consumers who want to use smart exercise technology but are concerned about their privacy?

For those concerned about privacy, I recommend thoroughly reading privacy policies, selecting products from companies with strong privacy practices, and regularly monitoring what data is being collected and how it’s being used. Additionally, consumers should update app permissions and software settings to limit data sharing and look for devices that offer anonymized usage or minimal data collection options.

Are privacy policies easy for the average user to understand, or are they overly complex and vague?

Many privacy policies are complex and written in legal jargon, making them difficult for the average user to fully understand. They often contain broad and vague statements that allow companies a wide scope of data collection and use, which can obscure the true extent of their practices.

What should users do if they are uncomfortable with the privacy policies of their smart exercise equipment?

If users are uncomfortable with the privacy policies, they have several options. They can contact the company for clarification, choose not to use the product, or look for alternatives with better privacy practices. Writing to regulators or consumer protection agencies to express their concerns can also help encourage better industry practices.

How can consumers stay informed about how their data is being used by these companies?

Consumers can stay informed by regularly reviewing privacy policy updates, subscribing to consumer advocacy groups, and following news on data privacy practices. Using resources provided by privacy watchdog groups can also help consumers understand the implications of data collection.

Do you think people are generally aware of the privacy implications when they accept the terms and conditions of these apps? How can awareness be improved?

Most people are not fully aware of the privacy implications when they accept terms and conditions. To improve awareness, companies should create clearer, more concise privacy summaries. Educational campaigns and resources provided by consumer advocacy groups can also help inform users about the potential risks and encourage more thoughtful consideration before agreeing to data collection.

Subscribe to our weekly news digest.

Join now and become a part of our fast-growing community.

Invalid Email Address
Thanks for Subscribing!
We'll be sending you our best soon!
Something went wrong, please try again later