Fitbit Versa 3
Wearables Fitness Trackers

Fitbit Versa 3

Google
Bluetooth

Review date: Nov. 8, 2021

|
Mozilla researched 6 hours
|

Mozilla says

|
People voted: Somewhat creepy

It's a watch! It's a sleep tracker! It's a heart rate monitor! It's a swim/workout/meditation coach. It's a motivational, inspirational, health pal. It's almost everything but a kitchen sink. It will notify, buzz, and ding to get you off your butt and out doing stuff. It's got Alexa built-in (because, what doesn't have Alexa built-in these days), and comes with a variety of bands to help you look good at the gym or at the office. Here's to tracking everything about your life with ease.

What could happen if something goes wrong?

As of January 14, 2021, Google officially became the owner of Fitbit. That worried many privacy conscious users. However, Google promised that “Fitbit users’ health and wellness data won't be used for Google ads and this data will be kept separate from other Google ad data” as part of the deal with global regulators when they bought Fitbit. This is good.

And Fitbit seems to do an OK job with privacy and security. It de-identifies the data it collects so it's (hopefully) not personally identifiable. We say hopefully because, depending on the kind of data, it’s been found to be pretty easy to de-anonymize these data sets and track down an individual’s patterns, especially with location data. So, be aware with Fitbit--or any fitness tracker--you are strapping on a device that tracks your location, heart rate, sleep patterns, and more. That's a lot of personal information gathered in one place.

What is not good is what can happen with all this very personal health data if others aren't careful. A recent report showed that health data for over 61 million fitness tracker users, including both Fitbit and Apple, was exposed when a third party company that allowed users to sync their health data from their fitness trackers did not secure the data properly. Personal information such as names, birthdates, weight, height, gender, and geographical location for Fitbit and other fitness tracker users was left exposed because the company didn't password protect or encrypt their database. This is a great reminder that yes, while Fitbit might do a good job with their own security, anytime you sync or share that data with anyone else, it could be vulnerable. And Fitbit partners with many third parties such as employers and insurance companies. I don’t know about you, but I don’t need the world to know my weight and where I live. That’s really dang creepy.

Tips to protect yourself

  • Follow Fitbit's advice to keep your stats private
  • Be very careful what third party companies you consent to share you health data with. If you do decided to share your health data with another company, read their privacy policy to see how they protect, secure, and share or sell your data.
  • Stop sharing friends' lists: Under “Friends” on your profile page, select Privacy Setting and then Private.
  • mobile

Can it snoop on me? information

Camera

Device: No

App: Yes

Microphone

Device: No

App: Yes

Tracks location

Device: Yes

App: Yes

What can be used to sign up?

What data does the company collect?

How does the company use this data?

Fitbit says that they transfer information to their corporate affiliates, service providers, and other partners who "process it for us, based on our instructions, and in compliance with this policy and any other appropriate confidentiality and security measures." You may also give consent for Fitbit to share your information in other ways, for example, when you give a third party access to your account, or give your employer or insurance company access to information when you choose to participate in a wellness program. Remember when you do that, their use of your information will be governed by their privacy policies and terms.

How can you control your data?

You can choose not to sync the device with the app. Fitbit keeps your account information, like your name, email address, and password, for as long as your account is in existence. Fitbit keeps your exercise or activity data, until you use your account settings or tools to delete the data or your account. Fitbit also keeps information about you and your use of the Services for as long as necessary for their legitimate business interests, legal reasons, etc. So, there is no clear and final way to delete your data. No retention details are stated either.

What is the company’s known track record of protecting users’ data?

Average

Unfortunately, Fitbit's security measures did not prevent the major data leak of 61 million fitness tracker data records, including Fitbit user data, by the third party company GetHealth. In September 2021, a group of security researchers discovered GetHealth had an unsecured database containing over 61 million records related to wearable technology and fitness services. GetHealth accessed health data belonging to wearable device users around the world and leaked it in an non-password protected, unencrypted database. The list contained names, birthdates, weight, height, gender, and geographical location, as well as other medical data, such as blood pressure.

Can this product be used offline?

Yes

User-friendly privacy information?

Yes

Despite being acquired by Google, Fitbit keeps its own privacy policy, written it relatively simple language.

Links to privacy information

Does this product meet our Minimum Security Standards? information

Yes

Encryption

Yes

Strong password

Yes

To create a Fitbit account, users are required to provide strong, complex, passwords during onboarding.

Security updates

Yes

Manages vulnerabilities

Yes

Privacy policy

Yes

Does the product use AI? information

Can’t Determine

Is this AI untrustworthy?

Can’t Determine

What kind of decisions does the AI make about you or for you?

Is the company transparent about how the AI works?

Can’t Determine

Does the user have control over the AI features?

Can’t Determine

*privacy not included

Dive Deeper

  • Google Now Owns Fitbit: What It Means For Your Fitness Data Privacy
    Forbes
  • 61M Fitbit, Apple Users Had Data Exposed in Wearable Device Data Breach
    Health IT Security
  • Google closes $2.1B acquisition of Fitbit as Justice Department probe continues
    Fierce Healthcare
  • Here's what your Fitbit knows about you
    Avast
  • Fitbit Joins Google
    Fitbit
  • We read your wearable tech's privacy policy so you don't have to
    Wareable
  • How to Lock Down Your Health and Fitness Data
    David Nield

Comments

Got a comment? Let us hear it.