Is your fitness tracker spying on you?

Fitness trackers pose a privacy risk to the millions of people using them, an international study has claimed.

A study by Open Effect, a nonprofit research group that focuses on digital privacy and security, and the University of Toronto recently found that fitness smart trackers can leak data via Bluetooth, even after they have been turned off.

Fitness trackers collect exercise and activity data as well as personal information. Trackers transmit data between the device and a related smartphone app or the internet. This data, according to researchers, can be leaked to outside parties.

The study, “Every Step You Fake”, put eight top-selling devices to the test, including the Apple Watch, Garmin Vivosmart, Jawbone Up 2 and Fitbit Charge HR.

Apart from the Apple Watch, the other seven devices studied have “unique identifiers” that third parties use to monitor the locations of these devices.

“Academic studies have showcased how persons who wear fitness trackers are often concerned about the amount of data that is collected by fitness wearable companies, the inaccessibility of the data once collected, and the ways in which it is processed, stored and shared,” the study said.

Danny Myburgh, MD of computer forensic laboratory Cyanre, said he did believe that the data stored on the devices was significant enough to pose a risk.

However, he said it was important to monitor these kinds of devices – especially when they become more sophisticated.

“Their capability to be exploited [by hackers] is very limited. At the moment they can track heart rate, steps, stairs, but they are going to expand from that. They will expand the same way as a cellphone, and they will become a hybrid device between what you see in the activity trackers and mobile phones. If we move into that then it becomes a problem,” said Myburgh.

Nikki Friedman, Fitbit South Africa’s marketing manager, said: ” We carefully design security measures for new products, monitor for new threats, and rapidly respond to issues. ”

Jawbone’s international spokesman, Patrick Henkel, said: “We fully respect the privacy of our users and are committed to protecting data and personal information.”

Original Article