A new study out of Canada says the odds are that your wearable tech device (like a Fitbit) is leaking personal data in unexpected places.
Eight popular wearable devices were tested by Citizen Lab and the Munk School of Global Affairs: Apple Watch; Basis Peak; Fitbit Charge HR; Garmin Vivosmart; Jawbone Up 2; Mio Fuse; Withings Pulse O2; and Xiaomi Mi Band. The results of the study were and published by the Canadian nonprofit organization Open Effect and under the title “Every Step You Fake: A Comparative Analysis of Fitness Tracker Privacy and Security.”
Wearables use unique Bluetooth identifiers – ‘MAC’ addresseses – that allow them to be picked up by nearby Bluetooth beacons, like your phone. An (un)welcome side effect? Bluetooth beacons can and are also being used in stores to profile shoppers, who then get more offers theoretically tailored to them. (Think: those push notifications about a special deal on milk that popup on Target’s Cartwheel as you walk by the grocery section of the store.) The researchers found that out of the eight devices, only the Apple Watch capitalized on Bluetooth LE (low energy) technology to generate random MAC addresses and thwart location tracking.
In fairness’ sake, the devices themselves only gave up location information. But the apps accompanying the device? That’s a different story.
Login credential interception and tampering with the signal are both possible during the transmission between the wearable, its smartphone/app, and the device manufacturer’s servers.
In the exact words of the researchers:
In the course of our technical investigations into transmission security, data integrity, and Bluetooth privacy, we discovered several issues that confirm concerns about the potential uses of fitness tracking data beyond the typical case of a user monitoring their own personal wellness.
This potential security danger is on the radar of legislators in the United States, as well. Senator Chuck Schumer (D-New York) called for federal protections to guard consumers from a “privacy nightmare” that could be created by wearable fitness trackers.
On the other side of the “wearable-beacon” coin, there’s already been a landmark case in the U.S. in which Fitbit-transmitted information was used for good. Police can ask for a warrant to examine your fitness tracker, just as they can for your car, computer, cell or smartphone – and tracking steps and location was enough to change the outcome of this case: A Florida woman who traveled to Pennsylvania and claimed she was sexually assaulted after being pulled out of bed is currently on probation, charged with making a false report after police reviewed data from her Fitbit which revealed that she was awake and active during the time she claimed the attack occurred.
Lancaster County District Attorney Craig Stedman said, “The Fitbit made all the difference.”
We know that data is vital, and everyone wants more data they can use. Businesses may want to keep tabs on their “health” by tracking steps towards goals, homing in on where they’re at and where they’re going, and to go back and look over the map when they don’t seem to be where they think they should.
But security of that data must be top of mind as well. 5i Solutions Inc. can help you with both.
We can help you keep track of your data, allowing you to make better decisions for your business. All the while, the 5i Cloud Vault offers encryption, network security, key management, custom-built identity verification and access control. Our data storage and transmission solutions provide 24/7/365 access with complete security yet allow you to interact with your important information whenever you want. We match the monitoring with the milestones, and keep that data out of the hands of those who may not be so concerned for your business’s health.
5i Solutions tailors cutting-edge intelligent business technology solutions to your specific business model. Solutions to convert paper to digital ‘smart data’ so you can easily access and use it. Document Management systems for instant access to any document, or any piece of any document, with easy search parameters. Even systems that help legal teams prepare their cases in a more intelligent matter.
5i Solutions. Innovative Ideas for Intelligent Interaction with Information.
5i Solutions. One single, secure point of intake, access, and storage. One singular solution.
5i Solutions, Inc.
Learn more at http://5iSolutionsInc.com