Amazon Halo Band

Warning: *privacy not included with this product

Amazon Halo Band

Amazon
Bluetooth

Review date: Nov. 8, 2021

|
|

Mozilla says

|
People voted: Super creepy

Amazon's Halo fitness band--there's no display, it's just a fitness tracking band packed full of sensors and microphones--tracks the usual: steps, heart rate, sleep, calories, and more. The Halo's microphones listen to you and use machine learning to measure the tone, energy, and positivity of your voice to "help strengthen communication." Not gonna lie, Amazon tone policing you (sorry, "tone of voice analysis" is how they frame it) sounds a little creepy. But that's not even the creepiest part! Amazon also asks you to take pictures of yourself in your underwear so it can measure and track your body fat. Yeah, no thanks. Giving Amazon a picture of yourself in your underwear sounds like a truly terrible idea, even if they claim it will automatically be deleted from the cloud after it is processed. It's nice they put a little note on the product page talking about how seriously they take your privacy. With everything this device collects, we sure hope that's true. This fitness tracker also requires a $4 a month subscription to access all features.

What could happen if something goes wrong?

Last year when Amazon came out with the Halo Band, we were like, Amazon, you've done it. You've taken creepy to a whole new level. We gave the Halo Band our *Privacy Not Included warning label because we felt just because you can, doesn't mean you should potentially collect all that data, do tone of voice analysis, and ask for pictures of people in their underwear be uploaded to Amazon. The problem isn't that all the data this device collects will be kept insecurely, Amazon generally does a good job securing your data. The problem is what Amazon could potentially use all this data for. While Amazon states that it currently does not use Halo health data for marketing, product recommendations, or advertising, the Halo is still collecting a lot of personal body-related information about you—including potentially listening to what you say and measuring your tone. What can give you insights into your health, could also potentially give others information about things like your emotional state while you are looking at something, how attracted you are to someone, or even if you've been drinking. That level of personal information is not something we want Amazon—or any other tech company—potentially knowing.

And we weren't alone in our concerns. Others raised them as well. One journalist even asked Amazon if they would consider an independent privacy audit of the Halo Band. They did not take him up on the offer. Shoot, this fitness tracker even scared some members of the US Congress enough to address it. And so this year, because we haven't seen much change, we’ve stuck to our decision to keep the *Privacy Not Included warning label on this product.

And Amazon proudly states they are not in the business of selling your personal information to others, which is good. However, a good question to ask is, why would Amazon need to sell your data when they have their own advertising and retail juggernaut to use your data to sell you more stuff? Because Amazon is in the business of selling you more stuff. This means Amazon collects a whole lot of data on you -- records of your TV viewing habits, shopping habits, Alexa search requests, the music you stream, the podcasts you listen to, when you turn your lights on and off, when you lock your doors, and on and on and on.

What’s the worst that could happen? Well, you could turn on Amazon Halo’s tone policing features and they could listen to you all day long and determine that if you’re a man, your tone was “opinionated” and if you’re a woman your tone was “dismissive” or “condescending” and you could believe that and as a woman, think you should speak up less and as a man think you should speak up more, and hey, that is not at all what the world needs right now.

Tips to protect yourself

  • During set-up of your device, you can choose to protect your Halo health data by verifying a One-Time Passcode via your mobile telephone number or email address.
  • Be aware of sharing data with third parties! With third parties, different privacy policies (if there any) apply. You can stop sharing data with a third party at any time by delinking their account directly from the Halo app.
  • If you choose to share personally identifiable Halo health data with select third party content providers via Settings in the Halo app, the customer will receive a clear and explicit notice before sharing. Before they link, Amazon will surface screens to them in the app where they can review the categories of data that will be shared with the third party and review information from the third party regarding ways they might use their data.
mobile Privacy warning Security A.I.

Can it snoop on me? information

Camera

Device: No

App: No

Microphone

Device: Yes

App: Yes

Tracks location

Device: No

App: Yes

What can be used to sign up?

What data does the company collect?

How does the company use this data?

Amazon says they do not use Amazon Halo health data for marketing, product recommendations, or advertising. Amazon does not sell customers’ Amazon Halo health data. This still leaves too many open questions for us on how the body- and voice-related data can be used by Amazon to feel comfortable.

Amazon says all speech samples collected for Tone are processed locally on the customer’s smartphone. Samples used to assess Tone are never sent to the cloud. No one—including the customer—ever hears them. By storing and processing speech samples locally, the data is always within the customer’s control. Speech samples are automatically deleted after processing and are never used to train machine learning models.

Amazon says body scan images are processed in the secure Amazon cloud. They are encrypted in transit and processed within seconds, after which they are automatically deleted from Amazon’s systems and databases. All scan images are fully deleted within 12 hours. Amazon says the scan images are not viewed by anyone at Amazon and are not used for machine learning optimizations.

When asked whether Amazon would consent to an independent privacy audit of this device, Amazon seemed to refuse.

How can you control your data?

Customers can delete all of their retained Body, Tone, and/or Movement Health data. Body data deletion includes historical data on their body fat percentage, scan images, and associated scan image assets (i.e., 3D body model and texture maps generated from the scan which are used to personalize the 3D body model). Tone data deletion includes voice profile, Tone analysis results, and any speech samples currently stored on the customer’s smartphone. Movement Health data deletion includes all scores generated from movement assessments and personalized movement programs.

Customers can download all the Halo health data associated with their profile and review it on their own terms. Deleting this data is a permanent action and it cannot be recovered after it’s been deleted.

What is the company’s known track record of protecting users’ data?

Needs Improvement

In August 2020, security researchers from Check Point pointed out a flaw in Amazon's Alexa smart home devices that could have allowed hackers access to personal information and conversation history. Amazon promptly fixed the bug.

In October 2020, Amazon fired an employee for leaking customer email addresses to an unnamed third party.

In October 2019, Forbes reported that Amazon employees were listening to Amazon Cloud Cam recording, to train its AI algorythm.

In April 2019, it was revealed that thousands of employees, many of whom are contract workers and some not even directly employed by Amazon, had access to both voice and text transcripts of Alexa interactions.

In 2018, Amazon's Echo Dot device recorded private conversation and sent it to random contact. The recording consisted of 1,700 audio files.

Can this product be used offline?

Yes

User-friendly privacy information?

Yes

Links to privacy information

Does this product meet our Minimum Security Standards? information

Yes

Encryption

Yes

All Amazon Halo health data is encrypted in transit, including going to and from the cloud or between the customers’ Halo Band and the Halo app on their phone. Amazon Halo health data is also encrypted while being stored securely in the Amazon cloud. In addition, Amazon Halo health data is stored securely on the customer’s smartphone, including using available full disc encryption and any other protections provided by their phone’s manufacturer. You can learn more about Amazon Halo privacy features here. Additionally, the published privacy white paper on Amazon Halo (link available on the Amazon Halo privacy page) provides additional technical details about privacy and security for Amazon Halo.

Strong password

Not Applicable

Security updates

Yes

Manages vulnerabilities

Yes

Amazon has abug bounty program, which means that anyone who finds a security issue and discloses it responsibly may get paid. Security researchers can report a vulnerability here.

Privacy policy

Yes

Does the product use AI? information

Yes

Is this AI untrustworthy?

Can’t Determine

What kind of decisions does the AI make about you or for you?

The feature of the Amazon Halo is AI-powered health to track your wellness (body fat, activity levels, sleep, and tone of voice/emotions.) The AI will also rate your tone for “positivity” and “energy.” The model associates those emotional ratings with vocal qualities like pitch, intensity, tempo, and rhythm.

Questions have been raised raised about bias in Amazon Halo algorithms.

Is the company transparent about how the AI works?

Yes

Does the user have control over the AI features?

Yes


News

Amazon’s Halo tests the limits of personal privacy, and offers a glimpse of the future of health
Geek Wire
“You had three phrases that sounded annoyed, irritated or disgusted,” the app reported one recent evening, recapping my daily interactions. Not only that, but I had “one phrase that sounded stubborn or condescending.”
Senator Klobuchar, spooked by Amazon Halo, asks for new health-tracker privacy protections
Washington Post
Sen. Amy Klobuchar wants the federal government to provide more consumer privacy protection in response to a new wearable health device from tech giant Amazon.
Amazon Halo Band review: Creepy yet unobtrusive and useful for quantified self health data junkies
Larry Dignan
Amazon Halo Band is a fitness, mood, and wellness tracker that can be a bit creepy but may find its own niche with its unique spin on wearables and enterprise corporate wellness programs. I've been taking the Halo for a spin for the last three days and have now entered the obsessive quantified self disorder zone. I'm wearing my usual Garmin Fenix 6 on the left hand and Halo Band on the right.
Amazon Halo review: Affordable but questionable fitness band
Digital Trends
Amazon has made its first moves into the wearable market with its Halo fitness tracker. Much like its Echo and Alexa devices, the Amazon Halo is designed to blend into the background while it seamlessly tracks your health and fitness.
Following Privacy Concerns Surrounding Amazon Halo, Klobuchar Urges Administration to Take Action to Protect Personal Health Data
Sen. Amy Klobuchar
Recent reports have raised concerns with the Amazon health tracking bracelet collecting an unprecedented level of personal data, including body scans and voice tone.

Comments

Got a comment? Let us hear it.