Everybody wants a fitness tracker, but nobody wants that much of their personal data exposed. Here’s how providers can protect sensitive information while still offering all the smart benefits.
From pedometers to smartwatches, wearables have risen in remarkably little time to a popular must-have. Whether you want to improve your sleep habits, your fertility, or your fitness, there’s an app for that – connected to some lightweight, unobtrusive piece of kit that records and analyses your movements, your heart rate, your body temperature, and more. It’s even possible to track brain activity through earbuds. But by far the biggest part of this market is fitness trackers, and the runner high they produce could be followed by a major privacy headache.
A booming market – built on data
The sector has grown as if on steroids. Around a billion connected devices are now in use, with projections that the global market will be worth US$33,000 million by 2025 (triple its value in 2018). Competition is intense; the market that was formed by Fitbit has attracted, not just tech companies ranging from start-ups to tech giants, but also traditional watch and even fashion brands such as Fossil and Emporio Armani.
And the whole industry is based on data: the collection and analysis of very personal data. Users benefit from health insights drawn from detailed tracking of their activities and from pooled data analysis. To get the best out of their devices, this live data (including geolocation) is combined with manually uploaded personal details such as age and weight. This does generate very effective motivation, giving users a view of their fitness that is both well-rounded and fine-grained, allowing them to understand their health on a deeper level and perhaps even suggesting customized, evolving goals according to their progress.
No wonder they’re so popular. But when you put all those details together, you get a data treasure trove that could be even more valuable to third parties (from health insurers to hackers) than it is to the user.
Privacy concerns on the rise
The reaction to Google’s acquisition of Fitbit, announced in 2019 and concluded early last year, showed rising public awareness of the vulnerabilities created by all that data hoarding. Many Fitbit users reacted to the deal by switching to other devices, out of fears for their privacy. Although Google insists that Fitbit data will be kept siloed, consumers were understandably jittery at the thought of so much personal data being available to the company that has established its global dominance through increasingly intrusive online tracking and data collection.
The sheer volume of data collected, not just its personal nature, adds up to way too much detail on individual users and forms an attractive target for hackers. Hundreds of millions of users have already been exposed through breaches of the app MyFitnessPal and GetHealth (which consolidates data from Apple, Fitbit and others). As the sector continues to grow, so does the potential exposure.
In recent research, 86% of consumers surveyed reported “growing concern” over data collection; unsurprisingly, those who have personally experienced the effects of data theft – credit card fraud, social media account hacking and so on – have greater awareness, and many people have ruled out using a product or website because of privacy worries. Electronics and healthcare services are among the products most affected by this lack of trust, and concerns are greater among more educated and well-off – exactly the users of smartwatches.
Given that PwC research has identified data privacy as the number one factor in consumer and employee trust in businesses, establishing strong, verifiable protection of sensitive information is an urgent imperative.
Heavyweight security for health data
Integritee’s TEE-enabled platform offers an ideal solution. On our secure enclaves, data is untouchable. Consumers can enjoy the reassurance of knowing that their personal information will stay private, with public auditability. Neither the device manufacturer nor anyone else has access to personally identifiable data.
At the same time, trusted execution environments make it possible to process data without seeing it directly. It’s even possible for competitors to work together, pooling data for better analytics and better services, without giving away customer or business information. No participant has direct access to the underlying dataset, and all data can only be processed in pre-agreed ways. This offers a chance for smaller players in the healthtech sector to improve their offering and better compete with the market leaders.
With data privacy legislation, data theft and consumer privacy concerns all on the rise, businesses that handle sensitive information need to ensure the highest possible protection. Integritee’s robust, flexible technology offers top security by design while still allowing analytics, for the best products and services – and all with public auditability for complete reassurance. You could say it’s the fittest solution.