ResearchApp Privacy and Controls

Every Step You Fake Final Report released

Citizen Lab research partner Open Effect today announced the release of the full report detailing our year-long research collaboration into the privacy and security of wearable fitness tracking devices.

The dedicated report webpage includes links to an interactive tool that lets people compare and contrast fitness tracking services, a customization of the Access My Info tool to let consumers create legal requests for their personal data from fitness trackers, and several supplementary resources.

Key Findings

  • All studied fitness trackers except the Apple Watch were vulnerable to Bluetooth MAC address surveillance
  • Garmin, Withings, and Bellabeat applications failed to use transit-level security for one or more data transmissions, leaving user data exposed.
  • The Jawbone UP application routinely sent out the user’s precise geolocation for reasons not made obvious to the user.
  • Fitness tracking companies gave themselves broad rights to utilize — and in some cases, sell — consumer’s fitness data
  • Data collected by fitness tracking companies did not necessarily match with what can be obtained through an access request.

Visit the website.

Media Mentions

CBC News, CTV News, San Francisco Chronicle, Toronto Star, Consumer Affairs, PC Magazine, Fox News Channel 8, Digital Trends, Engadget, Financial Post, Tech Times, Daily Mail

Unless otherwise noted this site and its contents are licensed under a Creative Commons Attribution 2.5 Canada license.

Munk School of Global Affairs & Public Policy | University of Toronto