Stressed out? Overwhelmed? Neck in knots? Stomach a mess? Garmin's fitness trackers have you covered. They do all the usual fitness tracking stuff like activity, heart rate, sleep monitoring and more. They also track the time interval between each heartbeat and use that to figure out how stressed you are. If you get too stressed, they will vibrate and remind you to take a moment to breath. Deep breath everyone, this sounds like just what we need these days.
Update: In June 2022, after Roe vs Wade was overturned allowing US states to make access to abortion illegal, we took another look at the privacy and security of the Garmin Watch as a device that can track menstrual cycle and reproductive health data. Our updated review is below. Overall, Garmin does a pretty good job of protecting their users privacy and security and has a pretty good history as standing up to law enforcement requests for their users' data.
What could happen if something goes wrong?
Here’s what this privacy researcher likes about Garmin. Yes, they do collect a good bit of personal information through the device and on the Garmin Connect app because that’s what a fitness tracking smartwatch does. They collect data like email address, device information, location, and all that body related data like physical activity, stress, sleep patterns, heat rate, pulse ox, and more. The good thing is, yes, they collect it, but they also seem to protect it.
Garmin also seems to do a pretty good job securing the personal information they collect. However, they did suffer that very public ransomware attack in 2020. Ransomware attacks suck and it seems no company is safe from them these days. Good news though, no user data was actually compromised in that attack, so, once more, good work Garmin.
Is your intrepid privacy researcher happy with her decision to get a Garmin fitness tracker? Yes, she is. Although it does make her a little nervous that she now leaves her phone's Bluetooth on all the time. But hey, knowing that body battery score is really cool! What’s the worst that could happen with your fun Garmin fitness tracking smartwatch? Well, hopefully nothing, but do beware if you link your data to other third party apps like Strava and MyFitnessPal. Those apps come with their own privacy policies and every time you share your personal information with someone else you increase the vulnerability of that personal information.
Update, August 2022 following the overturn of Roe vs Wade protection reproductive health rights in the United States.
Garmin's wearables and the app they use, Garmin Connect, can be used for period and pregnancy tracking. Still, even though Garmin does collect a lot of very personal information, they do a pretty good job with privacy and security. However, if you share your Garmin Connect app data with another third-party such as MyFitnessPal or Strava, all that very personal data you share is not under the privacy policies of those third-parties, which might not be as good as Garmin's policies. So be very careful who you share your Garmin data with. Better yet, don't share it with anyone. And remember to password protect and lock down your phone so people can't access your period or pregnancy data there either.
Does this privacy researcher still use her Garmin fitness tracker? Yes. Does this privacy researcher use it to track her period? Yes. Is she worried that personal information could leak or be shared in a way she doesn't want. Also, yes. But not worried enough to stop using the device, because Garmin does do a pretty good job with privacy and security. And this privacy researcher understands nothing is perfect and we all have to determine our own risks versus reward. Now, if this privacy researcher lived in a state where abortion had recently been made illegal, she'd probably have a different take on matters. This is the sort of evaluation we all have to do right now, as nothing is 100% safe.
Tips to protect yourself
- Be very careful who you choose to share your Garmin wellness data with.
- Adjust your privacy settings in the Garmin Connect app to suit your comfort level.
- Don't connect your Garmin app to any social networks like Facebook, WeChat, etc.
- When you no longer use the app, go to "Delete account" in the app menu
- Turn off precise location sharing!
- Chose a strong password! You may use a password control tool like 1Password, KeePass etc.
- Use your device privacy controls to limit access to your personal information via app (do not give access to your camera, microphone, images and videos)
- Keep your app regularly updated
- Limit ad tracking via your device (eg on iPhone go to Privacy -> Advertising -> Limit ad tracking) and biggest ad networks (for Google, go to Google account and turn off ad personalization)
What can be used to sign up?
WeChat, QQ, or Apple log-ins available
What data does the company collect?
Name, email address, gender (optional), age (optional), date of birth (optional), photos (optional)
"Activity data, such as menstrual cycle information, steps, distance, pace, activity time, calories burned, heart rate, sleep, location, golf stats, etc."
You can add friends to see their activity data
How does the company use this data?
How can you control your data?
What is the company’s known track record of protecting users’ data?
They did suffer that very public ransomware attack in 2020. No user data was compromised during this attack.
Child Privacy Information
Can this product be used offline?
User-friendly privacy information?
Garmin has an easy to find list of all privacy policies. The privacy policies are relatively simple to read.
Links to privacy information
Does this product meet our Minimum Security Standards?
Garmin devices and apps use a combination of asymmetric and symmetric encryption appropriate to the nature and function of the product, and data stored/transmitted.
In order to use companion apps, an account with a strong password is required.
Garmin use Machine Learning (ML) to provide personalized insights to customers who wish to receive them as they pursue their fitness and wellness goals.
Is this AI untrustworthy?
What kind of decisions does the AI make about you or for you?
Is the company transparent about how the AI works?
Does the user have control over the AI features?
Got a comment? Let us hear it.