Senator wants FTC rules on data selling by wearable device companies

A U.S. senator is calling on the Federal Trade Commission to shore up data privacy regulations regarding mobile health and fitness devices, claiming device makers are sharing data without consumer permission or awareness.

Charles Schumer (D-N.Y.) said the scenario is a "privacy nightmare" as fitness tracker and healthcare device makers could be selling data to third parties, and cited Fitbit specifically in an announcement Sunday night, according to a Business Insider report. Schumer stated the data shared could be sold to insurance companies, mortgage lenders and even employers.

"Personal fitness bracelets and the data they collect on your health, sleep and location should be just that--personal," Schumer said. "The fact that private health data--rich enough to identify the user's gait--is being gathered by applications like Fitbit and can then be sold to third-parties without the user's consent is a true privacy nightmare." 

Fitbit, which has been making fitness and activity trackers for nearly seven years, denied the claim and told Business Insider it would like to "work with" Schumer.

"Our privacy policy prevents us [data selling] from doing this," a spokesperson said.

Schumer, according to Business Insider, wants the FTC to mandate that companies notify consumers if data could be sold and allow an opt-out feature.

As FierceMobileHealthcare reported in May, an FTC study reported mobile health and fitness application are sharing user data with third-party vendors, including device use and personal fitness information. The study focused on data sharing in relation to 12 mobile apps, and it was determined that data was being shared with 76 third-party vendors. Eighteen of the 76 apps were collecting specific device data, such as a phone's unique device identifier, its media access control address and its international mobile station equipment identity.

Late last month, FTC Commissioner Julie Brill stated that she supports new laws for boosting healthcare data privacy and protection measures, but that the FTC is not mulling any new regulations on mobile health and fitness applications. "We don't know where that information ultimately goes," Brill said. "It makes consumers uncomfortable."

Clearly, it's also making Schumer uncomfortable.

"The FTC should require fitness devices and app companies to adopt new privacy measures that will help conceal the identity of individuals and develop policies to protect consumer information in the event of a security breach," Schumer told Business Insider.

For more information:
- read the Business Insider article