In this article from Information
Week, researchers found evidence that fitness trackers are collecting more
private data about their users than just their personal fitness
performance. The researchers explain how
this data is being transmitted from the investigation conducted on eight
different fitness devices.
The wearable devices tested include
the Apple Watch, Basis Peak, Fitbit Charge HR, Garmin Vivosmart, Jawbone Up 2,
Mio Fuse, Withings Pulse O2, and the Xiaomi Mi Band. Three important aspects related to the
research on these devices are the data being transmitted, the apps associated
with these trackers, and the one device tested that provides more protection. The
research targeted the Bluetooth radios that wearables utilize, and the results
showed they shared location data and allowed fitness data to be stolen easily
from company servers. Clearly, the privacy
on these devices are extremely low in protecting anything transmitted through
Bluetooth to their servers. Almost all
of these fitness trackers have to download an app on their smartphone’s associated
with the product. Even the apps were
proven to leak even more information about users such as login credentials and
failure to protect the data being transmitted between smartphone, wearable, and
company server. Since the researchers
were able to intercept this data so easily, they said that “this could allow
others to push false data into the wearable or the phone.” However, seven out of the eight devices tend
to relate to these findings, the Apple Watch offers users more protection of
their information. Wearable devices use
identifiers called MAC addresses which is tracked by nearby Bluetooth
connection, but the Apple Watch generates a random MAC address every time the
devices connects to Bluetooth to avoid pilfering of private data.
Three things I believe the article
overlooked are improvements in Bluetooth privacy, improvements of company privacy,
and how this data effects user. Research
needs to develop ways into how we can make Bluetooth a more secure and private connection
to wireless devices. With fitness trackers
being able to transmit highly personal data through Bluetooth connection, steps
need to be taken in order to protect the privacy of their users. Companies need to create more exclusive
networks in which the data is being stored, so outsiders cannot easily access
it. By doing this it will also protect
the valuable assets and information of the company because it is only a matter
of time before these outsiders that are pilfering user data get their hands on
company blueprints, financials, and statistics.
Finally, having this personal data in unsecure servers can put users in
danger due to the leaking of location data.
Privacy and safety are too huge concerns in today’s society will our
current global issues, and to have personal data pilfered can lead to serious
consequences that would land on the company.
At least the Apple Watch seems to be making strides to create a product
that has both the company and the user in mind.
Work Cited:
http://www.informationweek.com/mobile/fitbit-other-fitness-trackers-leak-personal-data-study/a/d-id/1324165?
I think this particular case expresses the idea of how easily data can be accessed without us even realizing it when it is too late. It is crazy to think that even a fitness tracker can leak our personal information. This is a wake up call to companies in the sense that they need to be more aware of where their data is and how protected it really is. As a consumer it is hard to tell how safe certain technologies are, a thought that can certainly take away from our tendencies to explore new devices. Someone looking to track their fitness would normally never think their privacy is at risk. This case shows how powerful the techniques of hackers can be and there really needs to be more awareness of this. I am curious to see how these companies will go about this issue and how their customers are responding.
ReplyDelete