Washington Post: Privacy advocates warn of ‘nightmare’ scenario as tech giants consider fitness tracking
The Washington Post reports on privacy questions concerning fitness tracking apps:
Fitness tracking apps and devices have gone from an early adopter novelty to a staple of many users’ exercise routines during the past few years — helping users set goals and measure progress over time. Some employers even offer incentives, including insurance discounts, when workers sign up. […]
“This is really, really a privacy nightmare,” says Deborah Peel, the executive director of Patient Privacy Rights, who claims that the vast majority, if not all, of the health data collected by these types of apps have effectively “zero” protections, but is increasingly prized by online data mining and advertising firms.
Both the Food and Drug Administration and the FTC regulate some aspects of the fitness tracking device and app market, but not everyone thinks the government has kept pace with the rapidly changing fitness tracking market. […]
Data mining and advertising companies already have access to vast amounts of information related to consumers health — companies can glean a lot from users Web browsing behavior, or the pharmacy purchases made while using consumer loyalty cards. But fitness tracking apps have the potential to provide more direct and reliable information in greater detail. And that, [says Jeffrey Chester, the executive director of the Center for Digital Democracy], could have truly devastating consequences as the information is monetized. […]
Health Insurance Portability and Accountability Act of 1996 created a regulatory framework for digital health information and privacy protections to go along with it, but it does not apply to many casual health and fitness tracking apps because the data it collects was created by consumers themselves, rather than an entity covered by HIPAA like a doctor or a hospital.
Because of that, “there may be sharing of sensitive health information that’s collected by these health or fitness apps that consumers may not reasonably expect or anticipate — particularly since they are used to sharing that information in a traditional provider context,” says [FTC Senior Staff Attorney Cora Han].