Fitness trackers and smartwatches are collecting some of the most intimate data that exists: your heart rate, sleep patterns, menstrual cycles, stress levels, and precise location around the clock. Here's where that data goes and why it matters.
What Fitness Trackers Actually Collect
A modern fitness tracker or smartwatch records: your heart rate continuously throughout the day and night, your GPS location during any outdoor activity, your sleep stages and duration, your activity levels and step count, blood oxygen levels, stress indicators via heart rate variability, and in some devices, menstrual cycle tracking data.
This is a medical-grade profile of your physical health, behavior, and location. And unlike medical records, it's not protected by HIPAA — because the companies collecting it aren't healthcare providers.
Where the Data Goes
Fitbit — now owned by Google — shares data with Google's advertising systems. The acquisition specifically raised concerns because Google could combine detailed health and location data from Fitbit with its existing advertising profile. Users must opt out of having data used for advertising, and the opt-out must be done manually.
Strava, the fitness tracking app popular with runners and cyclists, had a significant privacy incident in 2018 when its global heatmap (showing aggregated activity data) revealed the layouts of secret military bases and the patrol routes of soldiers and intelligence officers who used the app while on duty.
Health Insurance and Employer Concerns
While HIPAA prevents traditional health insurers from using medical records against you without consent, fitness tracker data isn't covered. Some employers offer premium discounts for sharing fitness data — the trade-off being that your employer's health insurer gains access to your physical activity and health metrics.
The long-term concern: as health insurers seek more data to refine actuarial models, fitness tracker data is a potential future input into pricing. This is already happening with life insurance through programs like John Hancock's Vitality, which offers discounts in exchange for fitness tracker data sharing.
What to Do
Review your fitness app's privacy settings. In Fitbit/Google Fit, navigate to your account and disable advertising data sharing and research data sharing if you haven't already.
Don't connect fitness apps to social media. Sharing runs and workouts reveals your location and daily patterns.
Use airplane mode during sensitive activities. If you don't want a specific location tracked, enable airplane mode on your device.
Consider whether cloud sync is necessary. Many fitness trackers allow local-only sync, storing your data on your device rather than sending it to company servers.