Hacker News new | past | comments | ask | show | jobs | submit login
Users fear for privacy after Google buys Fitbit (theguardian.com)
57 points by LinuxBender 11 days ago | hide | past | web | favorite | 20 comments

This doesn't add significant new information over the HN threads on the topic. In fact the HN threads might as well be a primary source for it.



This type of headline isn't healthy, 'tossed my Fitbit in the trash' is almost implying it's a solution to Google now having your Fitbit data; in reality, the article goes into the correct way to perform this: deleting your fitbit account.

You can’t use a Fitbit without a Fitbit account. It becomes junk once you delete the account. Even if you do trust them to have deleted your data.

I had a Fitbit, and the first thing I did was file a bug report on the lack of support for HealthKit - in other words mandating that you give them all your data, after you already paid for the device.

That responded saying that they did not want to support HealthKit or any secure data method - I was willing to give them the benefit of the doubt, which in hindsight was stupid: it should have been clear that they wanted to profit off the stolen data.

> they wanted to profit off the stolen data

At least Google has some incentive to keep the data for themselves (to target ads at you), rather than sell it to third parties.

Still, I’ll be looking at different brands next time my Fitbit breaks.

Google don’t sell data to third parties, they rent it. Completely different.

Last time I checked you still needed a fitbit account to use the device though.

What are the alternatives ? MS band ? Apple watch ? xiaomi ?

I've asked myself the same thing. After some digging I've found Withings that looks fairly promising:

https://www.withings.com/us/en/pulse-hr https://www.withings.com/us/en/steel-hr-sport

Though they are still gathering a lot of data. It feels better than Fitbit/Google, but I wish they'd spend some time on encryption / privacy.

For example, all the GPS data, that's useful for showing a map of the run and measure the distance, but certainly doesn't need to go on their servers. They should encrypt the GPS points and only send the shape (vector path) to their servers. That would contain info about distance, but not where in the world the person was running.

Similar things could be done for other things.

A vector path is just a jigsaw puzzle piece. There are only so many places in the world where you’d have a certain shape dictated by local streets, footpaths and bridges.

You don't need to sync your data. Delete your account and just write down your daily stats with a pencil if you like. The device will automatically discard old data when it fills up.

I am pretty sure you can't access the dashboard if you are not logged in.

How does one deleting their account apply to any backups the company in question might have? Sure, it won't be in the next back up, but am I too conspiracy minded that someone so hungry for user data like Google would not work back through backups for this very purpose?

You could GDPR request deletion instead of using the built-in 'delete account' feature, and in the request note that you would like to know if they also delete your account from their backups or what their backup retention policies are like. GDPR deletion requests also mean they have to delete the data from their backups.

Clickbait isn't healthy, number 7 on this list will surprise you! Time is limited, so order now! But wait, there's more! Order now, and get twice the cheap Chinese solutions for twice the price!

I'm a lot less worried now, actually. Google's model doesn't include the outright sale of data. The way Fitbit was going, I thought they'd lose control of it somewhere.

They scrape email for cross selling already, I could totally imagine seeing them use heart rate data to segment their audiences by happiness. Then they can show you ads when you are more likely to convert when you are happy/awake/resting etc. Slimy but not without precedent.

One of the worst things that ever happened to the internet it's called Google. This rogue CIA backed crap that violatates every single day your privacy data. I was one step from buying a Fitbit watch and spend $200 but after Google made it's move I stepped back.

Everyone and their cats are looking at Google to see if they are misusing private data.

Nobody cares what Fitbit is doing with the data.

But lets trust Fitbit more than Google.

FitBit has your health data but not all the other data about you which Google is squirreling away. If you have an email address for Gmail against your Fitbit info then that health data is now available to be merged with all your other data. It can then be sold to anybody who offers enough for it or you will start to get ads for health products when Google starts analyzing your health info.

I can't wait for the time when users fear for their privacy when they buy a non-free hardware with non-free software installed on it.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact