During the past decade, fitness trackers have become a substantial part of our daily lives. In 2021, global shipments of watches, wristbands and other wearables passed 530 million units. By gathering and analyzing information that can range from geolocation to sleeping time, from calorie intake to mood changes, these devices keep track of our progress and offer individualized recommendations through dedicated apps.
There is also a social and emotional side to it. Think of the pinch of friendly rivalry that pushes us to compete with our buddies on daily step count — or how rewarding it feels to share our latest Strava-tracked run on our socials.
But as Web2 taught us, nothing comes without a cost where personal data is involved. Being on the watch 24/7, your tracker knows all about you: from where you live to the exact hour you prefer to hit the pillow, and much more. How secure is the data we share with fitness apps, and how can modern technologies such as blockchain help us control its exposure?
Fitness trackers: getting on the record
As wearables are, quite literally, recording our every move, privacy concerns are also growing. These are fueled by major hacks and leaks, such as the PumpUp leak in 2018, when individual health data, credit card information and private messages between users were exposed, and the 2020 Kinomap leak, where 42 million user records were open to hacker attacks. Another exposure came last year, when a database containing over 61 million records — including user names, birth dates, weight and GPS logs of personal travel — involving wearable technology and fitness services like Fitbit and Apple’s HealthKit was left unsecured online.
Sharing your personal data with health apps exposes you at a few points. One is that users seldom realize how their personal data — including names, addresses, ages, gender and more — will be used. After all, how often do you review the terms and conditions before you hit “agree”? This gives the developers a free hand in handling your data, including selling it to marketing specialists.
Still, even the high integrity of the app creators doesn’t guarantee data security. With closed-source apps, you never know to what extent the code is vulnerable to exploits and attacks. What are we to expect from independent developers if even Apple’s fitness records get compromised?
The risks of having your data sold to marketers or losing it to leaks and hacks vary. At best, it may be used to fine-tune targeted advertising. At worst, it may be used for social engineering hacks and theft. Not to mention that we all deserve our right to privacy.
As the demands for an ethical approach and new standards in data storage grow, blockchain solutions are emerging to reform fitness as fitness finance — FitFi, in short — and bring in transparency.
Blockchain, FitFi and ethical data collection
FitFi is a new industry emerging out of the intersection of the worlds of fitness and blockchain. One of FitFi’s goals is to transfer the principles of ethical data collection to fitness.
First, it should be transparent to the end user what kind of data they are sharing with the app and how it is used, and users should be able to revoke permissions at any given time. Second is changing how the data is stored, such as encrypting it and looking into more advanced storage solutions than large, centralized databases to lower the chances of big leaks. And third is applying new audit standards, where the applications would have to undergo a thorough code check to avoid vulnerabilities.
So, how exactly can blockchain be a remedy for privacy violations? Because records written to the ledger cannot be changed or modified, it allows for a great degree of transparency and accountability. By choosing blockchain-based solutions, we can reclaim the right to data ownership by tracking who gets access to our data and modifying permissions at any time to prevent misuse of personal information.
Another benefit blockchain brings is the ability to use cryptography to encrypt database records. In this scenario, should a leak happen, sensitive data will stay safe. And finally, emerging decentralized storage solutions give us a chance to step away from centralized cloud storage.
The culture of code audits, meanwhile, is still developing across the space. Still, as the average user is getting savvier, more projects will likely follow the demand for a high level of data security and thoroughly check their code before the app launch.
Quest for better awareness
As you are reading this, chances are that you have your smartwatch on, or there is a health app running in the background on your smartphone, recording your geolocation and keeping the step count. The volume of personal data that is collected and stored by these apps is growing exponentially. It’s high time we assert more control over it by exploring FitFi for the benefits it brings — to our health and our privacy.