Apple Watch

Apple Watch

Apple
Bluetooth

Review date: Aug. 9, 2022

|
|

Mozilla says

|
People voted: Somewhat creepy

The Apple Watch still reigns supreme in the world of smart watches. You've got all your email, text, phone calls, music, podcasts, and more right there on your wrist (as long as you have an iPhone, of course). And it tracks lots of health data. There's heart rate, sleep tracking, steps, calories, blood oxygen levels, ECG, fall detection, and more. Apple has a pretty good track record of taking all this very personal data and keeping it safe, which we appreciate.

Update: In June 2022, after Roe vs Wade was overturned allowing US states to make access to abortion illegal, we took another look at the privacy and security of the Apple Watch as a device that can track menstrual cycle and reproductive health data. Our updated review is below. Overall, Apple does a pretty good job of protecting their users privacy and security and has a pretty good history as standing up to law enforcement requests for their users' data.

What could happen if something goes wrong?

Apple does a pretty good job with privacy and security as a company. They say they don't share your data for their own advertisement purposes and Apple takes special care to make sure your Siri requests aren't associated with you, which is great. Apple did face backlash in 2019 when it came to light their contractors were regularly listening in on confidential personal conversations when they were reviewing the voice assistant's recordings. Apple changed their policy so users weren't automatically opted-in to human voice review. Recently, Apple made another positive change for your Siri voice requests — many audio requests for things like setting timers or alarms or controlling music will no longer be sent over the internet to their servers, instead processing them directly on the device. This is better for your privacy.

This device does track a whole bunch of biometric data including your heart rate, blood oxygen levels, menstrual cycle, hearing, breathing, and your heart's electrical signals. That's a lot of personal information gathered in one place. A reminder, it’s always good to lock down the privacy on all this data as much as possible.

What is not good is what can happen with all this very personal health data if others aren't careful. A recent report showed that health data for over 61 million fitness tracker users, including both Fitbit and Apple, was exposed when a third party company that allowed users to sync their health data from their fitness trackers did not secure the data properly. Personal information such as names, birthdates, weight, height, gender, and geographical location for Apple and other fitness tracker users was left exposed because the company didn't password protect or encrypt their database. This is a great reminder that yes, while Apple might do a good job with their own security, anytime you sync or share that data with anyone else, it could be vulnerable. I don't know about you, but I don't need the world to know my weight and where I live. That’s really dang creepy.

Update, August 2022 following the overturn of Roe vs Wade protection reproductive health rights in the United States.
Apple does do a pretty good job with privacy, so that's good when it comes to using the Apple Health app for period and reproductive health tracking. And if users take the steps Apple recommends to protect this data, it should be fairly safe out there on the Cloud. Apple says, "
When your phone is locked with a passcode, Touch ID or Face ID, all of your health and fitness data in the Health app, other than your Medical ID, is encrypted. Any health data synced to iCloud is encrypted both in transit and on our servers. And if you have a recent version of watchOS and iOS with the default two-factor authentication and a passcode, your health and activity data will be stored in a way that’s unreadable to Apple." So lock those phones down, set up two-factor authentication, disable iCloud sharing of Apple Health data, and don't share any of those passcodes with anyone, ever.

And given Apple Health data can be synced with lots of third-party apps and companies, well, don't do that. The more you share this data, the more likely it can be that it will be vulnerable. Limit that sharing as much as you can!

Finally, Apple does have a pretty general statement about how they might share data with law enforcement in their privacy policy, which is kinda a bummer. They say, "We may also disclose information about you if we determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate. We may also disclose information about you where there is a lawful basis for doing so, if we determine that disclosure is reasonably necessary to enforce our terms and conditions or to protect our operations or users." Fortunately, Apple does have a pretty good track record at pushing back against law enforcement requests for data. However, they're still not perfect, as they recently gave up data to hackers who forged emergency data request legal documents.

So, while using an Apple Watch and Apple Health to track your period might be safer than other options, it's good to remember, it's still far from perfect and you should take all the precautions possible to protect your data and only share what you'd feel safe being on the internet.

Tips to protect yourself

  • Follow Apple's advice on how to secure Health data: https://support.apple.com/HT204351
  • Restrict the amount of personal information like heart rate data is shared by going to the Apple Watch app on your iPhone under Privacy > Health
  • Be very careful what third party companies you consent to share you health data with. If you do decided to share your health data with another company, read their privacy policy to see how they protect, secure, and share or sell your data.
  • Use your device privacy controls to limit access to your personal information via app (do not give access to your camera, microphone, images and videos)
  • Keep your app regularly updated
  • Limit ad tracking via your device (e.g. on iPhone go to Privacy -> Advertising -> Limit ad tracking) and biggest ad networks (for Google, go to Google account and turn off ad personalization)
  • If you no longer use your Apple Watch or give it to someone else, consider erasing your data. Open the Settings app on your Apple Watch. Go to General > Reset, tap Erase All Content and Settings, then enter your passcode.
mobile Privacy Security A.I.

Can it snoop on me? information

Camera

Device: No

App: Yes

Microphone

Device: Yes

App: Yes

Tracks location

Device: Yes

App: Yes

What can be used to sign up?

What data does the company collect?

How does the company use this data?

Apple says it does not share your data with third parties for commercial or marketing purposes. In June 2021, Apple announced that it will no longer send Siri requests to its servers, but instead will process them at the device level.

How the company says they may share data with law enforcement:

Apple may also disclose information about you if they determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate.

How can you control your data?

Apple retains personal data only for so long as necessary to fulfill the purposes for which it was collected, including as described in their Privacy Policy or in their service-specific privacy notices, or as required by law. When assessing retention periods, Apple first carefully examine whether it is necessary to retain the personal data collected and, if retention is required, work to retain the personal data for the shortest possible period permissible under law.

You can erase all data from your Apple Watch. Open the Settings app on your Apple Watch. Go to General > Reset, tap Erase All Content and Settings, then enter your passcode.

What is the company’s known track record of protecting users’ data?

Average

There was a major data leak of 61 million fitness tracker data records, including Apple's Healthkit data, by the third party company GetHealth. In September 2021, a group of security researchers discovered GetHealth had an unsecured database containing over 61 million records related to wearable technology and fitness services. GetHealth accessed health data belonging to wearable device users around the world and leaked it in an non-password protected, unencrypted database. The list contained names, birthdates, weight, height, gender, and geographical location, as well as other medical data, such as blood pressure.

Child Privacy Information

"Apple understands the importance of safeguarding the personal data of children, which we consider to be an individual under the age of 13 or the equivalent age as specified by law in your jurisdiction. That is why Apple has implemented additional processes and protections to help keep children's personal data safe.

To access certain Apple services, a child must have a child Apple ID. A child Apple ID may be created by the parent or, in the case of a Managed Apple ID, by the child's educational institution."

Can this product be used offline?

Yes

User-friendly privacy information?

Yes

Links to privacy information

Does this product meet our Minimum Security Standards? information

Yes

Encryption

Yes

Uses encryption in transit and at rest. After Apple recognizes the words “Hey Siri,” what you say is encrypted and sent anonymously to Apple servers without being tied to your Apple ID. Audio samples are only retained if you have opted-in.

Strong password

Yes

Security updates

Yes

Manages vulnerabilities

Yes

Apple has a bug bounty program, which means that anyone who finds a security issue and discloses it responsibly may get paid.

Privacy policy

Yes

Does the product use AI? information

Yes

Some of Apple's AI research can be found at https://machinelearning.apple.com/.

Is this AI untrustworthy?

Can’t Determine

What kind of decisions does the AI make about you or for you?

Apple states in its privacy policy, "Apple does not take any decisions involving the use of algorithms or profiling that significantly affect you." Apple employs machine learning in many different ways, from using it to to improve Siri to using it to sharpen the photos that you take.

Is the company transparent about how the AI works?

Yes

Does the user have control over the AI features?

Can’t Determine


News

Improving Siri’s privacy protections
Apple
At Apple, we believe privacy is a fundamental human right. We design our products to protect users’ personal data, and we are constantly working to strengthen those protections. This is true for our services as well. Our goal with Siri, the pioneering intelligent assistant, is to provide the best experience for our customers while vigilantly protecting their privacy.
Apple resumes human reviews of Siri audio
Associated Press
Apple Inc. is resuming the use of humans to review Siri commands and dictation with the latest iPhone software update. In August, Apple suspended the practice and apologized for the way it used people, rather than just machines, to review the audio.
Apple’s AI plan: a thousand small conveniences
The Verge
AI has become an integral part of every tech company’s pitch to consumers. Fail to hype up machine learning or neural networks when unveiling a new product, and you might as well be hawking hand-cranked calculators. This can lead to overpromising. But judging by its recent WWDC performance, Apple has adopted a smarter and quieter approach.
Apple apologises for allowing workers to listen to Siri recordings
The Guardian
Apple has apologised for allowing contractors to listen to voice recordings of Siri users in order to grade them. The company made the announcement after it completed a review of the grading programme, which had been triggered by a Guardian report revealing its existence. According to multiple former graders, accidental activations were regularly sent for review, having recorded confidential information, illegal acts, and even Siri users having sex.
Apple vs. Feds: Is iPhone Privacy a Basic Human Right?
Harvard Business School Working Knowledge
Apple CEO Tim Cook didn’t come to his post with an activist agenda, yet when law enforcement officials began pressuring the company to hand over iPhone users’ data without their permission, Cook took what he believed was a moral stance to protect consumers’ privacy. He knew taking this position would embroil the company in an ugly fight—one that risked alienating some shareholders—but he felt strongly that Apple should champion its customers’ basic human right to privacy.
How can US law enforcement agencies access your data? Let’s count the ways
The Guardian
It was revealed last week that hackers obtained the information of some Apple and Meta users by forging an emergency legal request, one of several mechanisms by which law enforcement agencies can request or demand that tech companies hand over data such as location and subscriber information.
How to ensure Apple Health cycle tracking data stays private
AppleInsider
Apple hosts a lot of sensitive information within its cycle tracking feature in the Health app. Data points like tracked menstruation cycles, pregnancy test results, and other personal data can be found in the cycle tracking section. This information is highly sensitive and shouldn't be shared freely with third parties without express permission.

Comments

Got a comment? Let us hear it.