Whoop Strap 4
With the Whoop Strap 4 (that's fun to say three times real fast) you don't buy a device, you join a membership. The device comes with the membership. For $30 a month you get the Whoop Strap 4, access to the Whoop app which gives you tons and tons of metrics on things like sleep, stress, and exercise. The Whoop app (that's also really fun to say!) also gives you access to customized coaching to help you sleep better and train better. Given the growing following this little strap full of LEDs and photodiodes seems to have, it seems there's a lot to whoop about with Whoop. Yeah, yeah, even I know that pun was bad.
What could happen if something goes wrong?
The Whoop Strap 4 is an interesting device. By all accounts, it measures a lot of body metrics, like body temperature, respiratory rate, and blood oxygen data quite well. And data is the name of the game for Whoop, so using algorithms to analyze all this data is key. All this becomes much more interesting when you read about how Whoop is being used to try and identify covid-19 symptoms early on. And how workplaces are asking (requiring?) their employees to wear such a tracking band to help them identify workers at risk for covid to keep them out of the workplace before they can infect others. It’s an interesting use of this sort of tracking technology with some good public health implications while also raising some serious privacy concerns.
When it comes to how Whoop handles your data, things seem pretty OK to us. Whoop says they do not sell personal data. Yay! And Whoop says they don’t use any personally identifiable wellness data for advertising purposes. Again, yay! Although it’s a good time to remind you that it’s been found to be pretty easy to de-anonymize some types of data and track down an individual’s patterns, especially with location data. Our biggest concern for the handling of all this sensitive personal data the Whoop collects is what happens to it when users opt to share with others through social media or corporate wellness programs. Once you agree to share your Whoop personal data with these sorts of third parties, then you need to rely on them to protect it and read their privacy policies to understand they can use it.
All in all Whoop does collect a huge amount of sensitive personal data, as most fitness trackers do. They also seem to do a decent job protecting this data and the privacy of their users. What’s the worst that could happen? Well, it seems in our brave new world these days it’s not too far fetched to think an employer could require you to wear one of these bands to monitor you for covid symptoms. But they take that monitoring way beyond that and look to see which employees drink on the weekends. The company then decides that’s against their code of conduct and fires you for what you do in your off hours. That’s some Big Brother potential right there. Here’s hoping that never happens.
Tips to protect yourself
- Be very careful who you chose to share your wellness data with.
- Don't connect your app to any social networks like Facebook.
- Minimize volumes of data collected about you by an app
- Use two-factor authentication
What can be used to sign up?
What data does the company collect?
Name, email and mailing address, phone number, location
Heart rate, skin temperature, blood oxygen saturation level and acceleration; metadata on workouts and sleep, birthday, sex or gender identity, weight, height, and fitness/athlete level.
How does the company use this data?
How can you control your data?
What is the company’s known track record of protecting users’ data?
No known incidents in the last 3 years.
Can this product be used offline?
User-friendly privacy information?
Simple privacy principles are provided.
Links to privacy information
Does this product meet our Minimum Security Standards?
Got a comment? Let us hear it.