Are health apps doing more bad than good?
Health and fitness apps are spawning both privacy and security concerns
For corporate India, currently the health issues are surmounting, with obesity alone occupying almost one-fourth of the pie or 23 percent as reported by ASSOCHAM. At the same time, consumers are taking efforts to lead a healthier lifestyle with about 80 per cent Indians showing interest in buying wearable devices such as health and fitness monitors.
Wearable technology has become prominent, more so in healthcare with wearable devices not only offering the promise of making consumers healthier, but also providing a basis for lowering healthcare costs. These wearable devices have provided users with better insights into their habits and daily patterns helping them make better life choices.
The phenomena of recording everything about one’s life is called the ‘Quantified Self’. With the ‘Quantified Self’ movement entering a golden age, consumers are using devices to monitor their health and fitness stats via smartphone applications that track daily movement and calories burnt versus intake, or devices that track steps and monitor metrics such as body temperature, stress and even sleep quality.
But as with most Internet-connected devices, the growing proliferation of wearables has spawned both privacy and security concerns.
Symantec examined some of the most popular fitness apps and devices available and some of the key highlights points us to the potential privacy risks of tracking devices. Here are a few highlights that consumers and businesses alike need to know about self-tracking:
- All hardware-based devices examined were found to be 100 per cent trackable. And one in five tracking apps transmits user-generated data (names, email address and passwords) without encryption.
- The information collected on self-tracking devices could have massive privacy and security implications – including identity theft, profiling, stalking, extortion and corporate use/misuse
- Devices that store information in the cloud were found to put users’ privacy most at risk. Additionally, nearly half of tracking apps (52 per cent) examined did not make privacy policies available to users.
- Tracking apps transmit data to an average of five different domains – with some contacting as many as 14 – which frequently gather and analyze behavior for marketing purposes
- Even Non-Internet connected fitness devices such as sports wristbands are traceable since many of them use the Bluetooth Low Energy (BTLE)
What can you do about this?
At first glance, self-tracking and privacy may appear to be strange bedfellows. How can recording lots of data about yourself and maintaining privacy even be possible? Considering the security and privacy issues that we have seen, the obvious conclusion is, if you value your privacy, the best thing is to not do any self-tracking at all!
Despite potential risks to security and privacy, the quantified self-movement continues to experience rapid growth and is expected to keep growing for some years to come. To ensure that users can continue to enjoy this activity in safety, we recommend that they take some basic security precautions to help guard against the risk of exposing their personal and self-tracking information.
- Use a screen lock or password to prevent unauthorized access to your device
- Do not reuse the same user name and password between different sites
- Use strong passwords
- Turn off Bluetooth when not required
- Be wary of sites and services asking for unnecessary or excessive information
- Be careful when using social sharing features
- Avoid sharing location details on social media
- Avoid apps and services that do not prominently display a privacy policy
- Read and understand the privacy policy of app and services
- Install app and operating system updates when available
- Use a device-based security solution if available
- Use full device encryption if available