Smart-exercise equipment and health tracking apps promise to make getting to your health goals and monitoring your gains easier. But at what cost?
If the fine print is any indication, the price could be your personal information – specifically your health data. A Consumer Reports investigation found popular exercise equipment like Peloton or Bowflex have privacy policies allowing them to track everything from your reproductive health to how you smell.
Catherine Roberts, a health science journalist at Consumer Reports, spoke with Texas Standard about the potential future uses for this info that companies could find profitable.
This transcript has been edited lightly for clarity:
Texas Standard: You tell me Peloton is measuring my smell when I get on the bike?What on earth is going on here? It’s freaking me out.
Catherine Roberts: Yeah, so the smell thing was actually only with the Bowflex privacy policy. And I’ll say that it’s not clear, you know, whether they’re actually collecting anything related to smell.
They’re just reserving the right to.
They’re just reserving the right to. And it’s really indicative of kind of the way that these policies are written, which is the big finding in our investigation: that these privacy policies are written really, really broadly.
The companies giving themselves permission to collect all kinds of data on you, whether or not they have a way to collect it or really a use case, you know, a way to use it. And then also granting themselves like, very broad ability to share and use the data kind of however they want.
So that’s kind of the main thing we found. And the smell thing is very indicative of that.
» MORE FROM CONSUMER REPORTS: Why Red Dye No. 3 has been banned in food
Very unsettling, too. But at the same time, I think the fact is a lot of us just sort of scroll past the permissions and then we hit accept – perhaps because a lot of us wonder, what can they do with my smell data? What could they do with, say, my heart rate even?
I mean, are there places out there that really want to know this stuff? What’s the application?
They don’t tell you explicitly, very specifically what kinds of things they might do. But you can imagine – you know, your heart rate on its own is is not a super useful data point, but in combination with a lot of other types of either health-related data or other kinds of habit-related data, you can really start to get a picture of somebody’s overall health and habits, and that can be used in a number of ways.
A lot of it is probably things like targeted advertising, which we’re all familiar with. Which, you know, that’s annoying; it may not feel like a super big deal. But the other thing that we’re worried about is that this kind of data could end up in the hands, eventually, of companies like insurance companies.
So probably not health insurance companies, but maybe things like life insurance companies or long-term care insurance. These are kind of the things that we worry about. We don’t have any proof that that’s happening right now, but this is one of the possibilities that makes our privacy experts concerned about seeing privacy policies like this.
Well, now, this isn’t health data, but I remember hearing stories of people discovering data trackers that had been put into their cars without their permission by some auto service places, which had been paid by these companies to place trackers into vehicles, which is obviously a direct connection with insurers.
Do you sense that this data could be used by health insurers or other insurance providers to raise rates on people without our knowledge? I mean, is that a thing, or are there not laws that would inhibit or prohibit that?
Well, health insurance companies are a little bit more regulated in this case by the Affordable Care Act. It would be harder, I think, legally for a health insurance company to do that.
But other types of insurance – like I said, life insurance, disability insurance, long term care insurance – this kind of information is certainly valuable to those types of companies. So again, we don’t have any proof from this investigation that that is happening. But it is definitely in high demand by those kinds of companies.
» GET MORE NEWS FROM AROUND THE STATE: Sign up for Texas Standard’s weekly newsletters
And of course, this is not to even talk about the fact that a lot of this information could wind up in a subpoenaed document or something along those lines. Law enforcement and government bodies could perhaps access this data. And you think about concerns about reproductive health, for example.
That’s right. I mean, I think what we’ve seen in kind of the concerns about reproductive health is people getting caught for having an abortion in a state where that’s illegal.
A lot of times it’s not someone going into their private data from an app like this. That’s not really what’s happening as we’ve seen – but it’s certainly not out of the realm of possibility, either. And I think the farther we go down this road, the more of that kind of thing could be a possibility.
Are there options to opt out of this, or does this just come as the price for using the app and the equipment? I mean, is this the only option, or should folks be thinking about going back to, say, the non-high tech stationary bike?
Well, there certainly are exercise equipment options out there that generally don’t connect with any of these apps.
I will say it’s more and more common for treadmills and bikes and things to be designed to work with an app like this, but you certainly can find models that don’t kind of do this kind of thing. Or if they do, you have the option to just not connect with an app. So there’s certainly options for that.
