Money & Business

CEA Issues New Privacy Guidelines For Wellness Devices

By / Nov 3, 2015 Jawbone's UP24 fitness tracker, an example of the kind of device CEA is looking to regulate. (iStock Editorial/Thinkstock)

As more and more people use wearable devices to monitor their health and fitness goals, the Consumer Electronics Association wants to make sure user data is protected via a new set of privacy guidelines.

The uptick in the use of wearable devices, including fitness and wellness trackers, means companies are collecting lots of new data, and the Consumer Electronics Association wants to make sure consumers are protected.

Last week the group released a new set of privacy guidelines [PDF] aimed at companies that handle personal wellness data. The principles, which are voluntary, recommend that companies provide robust security measures, as well as clear, concise, and transparent information on the use of data collection, storing, and sharing, especially when transferring data to unaffiliated third parties. The guidelines also suggest:

  • giving consumers the ability to control and review their personal wellness data
  • offering the choice to opt out of advertising
  • disclosing protocol for law enforcement requests

“Wellness-related wearable devices are among the fastest-growing sectors of the Internet of Things (IoT),” CEA President and CEO Gary Shapiro said in a statement. “More consumers than ever are now harnessing personal data—calories consumed, daily steps taken, and heart rate measurements. … These benefits rely heavily on wellness data, and the guiding principles demonstrate that wellness technology companies understand they must be trusted stewards of that consumer data.”

Roughly 20 percent of Americans use a wearable device, according to a recent Forrester survey, which also found that Fitbit fitness trackers were the most popular wearable devices. Experts are quick to point out the security liabilities in these types of devices, especially less expensive ones.

“The challenge with some of the IoT watches is that if you’re paying $500 for a watch the manufacturer can afford to include it, but if you’re buying a pulse or an activity tracker it does not include it, most likely,” John Dixon, director of marketing for Freescale Semiconductor, told Tech Republic. “You’re counting on the vendors … having security measures in place.”

Shapiro noted that the more than 2,000 companies that make up CEA’s membership were in agreement about the new privacy guidelines.

“The industry itself created and approved these guiding principles, recognizing that we need to evolve with common purpose to build and maintain consumers’ trust,” Shapiro said. “Consensus solutions are the most efficient and effective way to promote innovation, while recognizing the needs of consumers.”

Katie Bascuas

Katie Bascuas is associate editor of Associations Now. More »

Comments