However, having spent close to €300 with the company (for the scale + ultra, and recently upgraded to the Fitbit One), i was very disappointed when I found out about their data policy. Having to pay a premium 50/pa to get access to my own data (it's one of the big 'upsells' of premium) leaves a very bad taste in the mouth.,And now learning that even this doesn't give you access to your raw data is even worse.
I hope Fitbit changes their approach; if anything I think they have it backwards: give me my data for free when I purchase your hardware for life, and upsell me the web app (i'd be happy to pay for it; maybe include the first year free with your hardware purchase); rather this than than give you a pretty complete web app for life for free to record everything i want, but and then charge me to read back my own data!
So far, we've put out Emokit (emotiv epoc headset), libfitbit, libomron, and have started libfuelband and libsensewear. The main problem is just time and lack of people resources. We need more people aware that USB/Bluetooth reversing, while somewhat complex, is not all that inherently difficult. 2 or 3 people working together can easily open up a device and protocol format with a minimal amount of [insert language that supports libusb or hidapi] code. However, not many people are interested in learning that, as they just wanna get the data and run. Understandable, but that means you're waiting on one or two people to finish something that they may lose interest in.
I've been contemplating trying to teach a usb/bt reversing workshop for years now, I should really get around to trying that soon.
EA put out a fitness video game with a wireless heart rate monitor that showed up as a normal HID device via its USB dongle. On sale it was like $40, making it a very inexpensive way to log heart rate wirelessly. But no-one had reversed the protocol, and I couldn't find any online resources to teach me how to do it myself.
I'm pretty sure I threw it out, and the product is discontinued now, but I would encourage you to at least put training materials together, if not a full workshop.
I've taught workshops on other subjects before, and usually once I get going to writing cirriculum that question answers itself in spades, though. Just need the motivation.
I'm finishing up another personal project right now, then I may start on this. I suppose I don't really have much room to complain when I've already set out a solution that just needs to be done. :)
You might also consider trying out Zed Shaw's "Learn X the Hard Way" format as a framework, which he recently formally published: https://gitorious.org/learn-x-the-hard-way/learn-x-the-hard-...
Last workshop I taught was http://artandcode.com/3d/workshops/2b-teledildonics-with-the..., which I had to compress into 3 hours so it was more an overview sort of thing. I think this workshop will require a nice device to start reversing from scratch, which is something else I'm going to have to figure out. Fitbit would suck since you'd have to learn USB, then ANT. Would like to get one HID device, one non-HID, just to cover most of the bases.
But according to the author, even the $50 option doesn't let you download the data so it has nothing to do with you being the product.
Don't buy their products. That's what I did.
API webpage: https://developer.bodymedia.com/docs/read/Home
1- The Bodymedia gives you steps taken as well as accurate sleep and caloric burn readings.
When you reach checkout, you'll see that they are asking you if you're in the US, Canda, Australia or New Zealand, while the shop contains the helpful "Currently BodyMedia FIT only ships within the U.S. and Canada (does not include Quebec)". What happens if I _am_ in Australia or NZ? Weird.
Product looked nice, wanted to impulse buy one right now, but .. guess not.
aehm ... do I understand that correctly, I have to pay them $7 bugs a month to get access to my data? WOW, yes so much better than fitbit :D
Is the price you're paying set by perception of value, rather than cost of goods sold? Yes, mostly. It is a business. But Bodymedia is aggressive in making their product (both SaaS and armband) better over time, so your subscription fees aren't pure profit.
So if you accept that $7/mo is a negligible cost, and that the price does not need to be simply an invoice of labor and hardware, but an expression of value, then I think this is a no-brainer. This easily delivers $7 of value even without using the API.
A biometric sensor with minute-by-minute granularity of data access for $84/yr plus one-time cost of ~$150? That's very well priced, IMO. It's just the idea of paying twice for a product you already own which hurts -- it's not the easiest pill to swallow, and it kept me from buying one for a while too.
I'm not interested in giving away money just because a product is neat. Charge me the real price up front if you want more money. Or do it right and charge me for analysis but not for raw data dumps.
So your only gripe really is that they're selling it as a service, instead of a single box install. Which is fine, but let's not pretend that this isn't a legitimate business model and probably the prevailing way of making a dollar in our industry. It's completely legitimate to sell SaaS and allow access only on a subscription basis.
Why shouldn't you pay to have your data stored and compiled into reports on an ongoing basis? And if you don't want that, as I've said, the serial protocol is completely hackable by even noobs.
The Bodymedia FIT has actual sensors, it's an armband you have to wear. It monitors temperature among other things. It has been tested against, a $40,000 "portable oxygen analyzer", the gold standard for measuring calories. (source: http://www.bodymedia.com/the_science.html)
Regarding the Bodymedia FIT developer program. It looks you still need a subscription though and one still needs to upload the data from the armband to the website to get at it. Seems kind of pointless. I would want to get the data directly from the USB armband without a subscription.
The total costs are higher though. The Fitbit is a onetime cost of $100-125 where the Bodymedia is $120-150 once and $84/yr. But for me, the cost of the Fitbit is too high for the relatively inaccurate method of collection.
If accessing the collector data is important I would consider looking at some of the fitbit competitors, as they have much more open APIs. Fitlinxx (http://www.fitlinxx.net/pebble-activity-monitor.htm) and Fitbug both come to mind.
I hate it when companies think that they can get away with making you pay for your data.
From looking around the FitBit site, it seems they are in California, so Californian law applies. No EU Data Protection Directive there I'm afraid. (If they were in EU their terms & conditions would probably not be binding anyway, against the EU Unfair Terms & Conditions Directive)
Individuals must have access to personal information about them that an organization holds and be able to correct, amend, or delete that information where it is inaccurate, except where the burden or expense of providing access would be disproportionate to the risks to the individual's privacy in the case in question, or where the rights of persons other than the individual would be violated
It would be interesting to send them a request and see what their position is.
From my understanding, from the yearly IG briefings I used to have, you would be able to provide that requester with information on how to obtain their personal access, and point out to them where they can find the information they have requested.
Information needs to be made accessible, you don't necessarily need to actually provide printouts. For example, FOI requests from news agencies often cover the same topics. This information can and often is posted publicly on the organisation's website and the FOI responses refer the requester to those links.
What if the FOI request was supplemented with the users password (changed by them to a temporary one)?
Other possibilities would be encrypting a second copy of the patients data (each time it is stored by the user) using a public key with the corresponding private key held in escrow somewhere on a machine with no network connection. It would then be someone's job, upon receiving an FOI request, to take the patients master-encrypted record(s), put them on the non-connected computer that contains the private key, decrypt, and print out in order to reply to the FOI and then clean up.
You must track each and every time a patient's data was decrypted and by whom, and that information must be available as well.
Information that you'll probably also need to encrypt, but still be able to search by patient, date, and decrypter. (requests come through to find all records a particular employee has seen within a certain date range as well)
I can see the start of a rabbit hole, which is why organisations dealing in PID have IG teams or consultants who know the laws and know how much needs to be done.
If a patient thinks an organisation is holding out on them, that patient has a way to complain, and the complaints aren't taken lightly from what I've seen.
What would be ideal is to have some kind of "password/data escrow" service that is separate from companies like yours, or the one I'm working with, so that there is a way to recover the data if a password is lost, but a formal/legal separation of the means to access it is maintained.
Minor pedantic peeve of mine: Many countries have Freedom of Information (FOI) laws, and Data Protection. Often FOI only refers to government bodies and covers lots of stuff (e.g. "How much per year does my local council spend cleaning the local park?"), however data protection mostly applies to personal data that anyone (government or private enterprise) holds on you. Data Protection laws sometimes make it illegal for the company to tell third parties the personal data about you.
I've started a project to track any data that I want and stop relying on all of these free sites because of this loss of data issue.
The source code is here:
and you can see it in action here:
I haven't tackled generated graphs from the SQL data yet but plan to eventually. The one graph on the page was generated with Apple's Numbers. Since it's annual data I don't plan on updating it more than once a year.
(P.S. My project is also heavily inspired by the features and shortcomings of Daytum (namely the lack of an API), which is frankly the best self tracking tool available at the moment.)
I wonder if you can do the same with Fitbit.
 https://twitter.com/NikeFuel/status/205424488836370433  https://github.com/beaumartinez/fuel
I always wonder why company reps phrase it this way. "Unfortunately"? For us, yeah, it's unfortunate. But for Nike...?
The real value in the data is the relationships between various data sources. I really don't care how many steps I take in a particular day, but I do care if there is a relationship between that and my weight, how well I sleep, my heart rate etc. No device, or brand, does everything, nor should they. I want to be able to get my data out so I can use it in interesting ways.
I have thought a lot about not buying any devices in the future that don't allow me access to the data I produce. I think it is probably a good policy, but I would be left with very little in the way of options then. Finding hacks to get data out of devices can be useful, but should we really have to crack each new gadget just to use the data? I think its a pretty sad state of affairs.
IMHO the main draw for these devices is their ability to motivate me to be more active, sleep better, etc. Historical data is interesting, but not crucial to that function (although I'd like to see FitBit make the data available). Far more important are real-time feedback mechanisms, such as notices that I achieved a goal, motivating messages ("you're almost there"), etc.
I own a fitbit, and have loved it. I don't regret paying the $99 for it. I log into the web site, and see my daily totals, and the little graph showing when my activity spikes were. At the end of a grueling day walking around New York City, I can tell my wife that we took 20,000 steps and that's a bit interesting. It's useful and interesting - only to a point.
So after reading this post, my main question is "Why?"
Why do you need minute-by-minute access to pedometer data? What use is it, really? The OP says, basically, "out of curiosity". OK, so hack the thing. There's a number of links for intercepting that data during the sync process. But can you fault fitbit for not providing data that noone (not even the company itself) needs?
What data can the fitbit give you on a minute-by-minute basis that is remotely useful or interesting?
It's just a pedometer. At the end of the day, it tells you you took 10,000 steps or whatever. It's also interesting that you walked 50 miles this month, or have walked up steps to the level of a helicopter flies. Or how many miles you've walked this year.
Without frequent sampling, you can't get access to high frequency information. http://en.wikipedia.org/wiki/Nyquist_frequency
An example (not for regular sampling, but I hope it gets the point across): if a pedometer records the time of every footfall through the day, you can discern whether your pace is faster on Tuesdays than Sundays, even if you take the same number of steps. If those data are aggregated into steps/hour, you'll never see it.
The lack of open access to the data acquired by a FitBit (I'd been considering buying one) is a certain dealbreaker.
These wouldn't be possible without data exports:
I wanted to know what fitbit is, but the site redirects me to fitbit.com/de and I closed that site.
How can they be open about data, if they have obviously no clue about open standards, like http accept headers? Worse, there's no way to visit the (official?) fitbit.com site even after that idiotic redirect. I can't access an english version, period. Stupid.
While it's perfectly understandable that you might be upset that their site for Germany doesn't offer english language as an option, that's clearly a completely separate issue from how they handle user data.
Obviously that's annoyance speaking and speculating based on me being tired with the constant 'Hey, I know better what you want' attitude (Looking at you, Google/Blogger) - I don't even know a single thing about their product (which is why I went to the site in the first place).
Sorry about that. I stand by my point about this sort of redirection being a telltale sign of a flawed web site and lack of respect for user preferences. What else they can or cannot do, I have no clue about and cannot judge.
I'm not sure it's obvious that sending someone in Germany to the UK/US website (where presumably they'll be unable to buy the product) just because their browser is set to English is the better solution.
While for sites like Blogger language is obviously more important than country, for companies which are country-localized (i.e they treat different countries differently for shipping, taxes, legal, operations, etc.) I would guess that it makes more sense to send you to local country version.
Imagine you were using say a dating site or a takeaway site, you would find it equally frustrating if you were routed away from a local language site to a US specific site just because that's what your language preferences were set to.
a) content and localization
b) the region I'd like the product to ship to, if at all
Why is the site different for different countries, ignoring 'translation'? I haven't thought it through, maybe, but I cannot come up with any decent reason for a 'German' site that isn't just the 'US' site in a different language.
In that case, please (dear website) listen to what I'm asking for. If I go to fitbit.com I expect to get the very same thing someone in the US receives. I'd like to talk about the very same site. I don't want someone to redirect me to a localized thing. And certainly not without giving me the opportunity to say 'Yeah, no. That was stupid. I really wanted the original version, silly'.
Same thing: If I go to www.google.com, I want to end up at www.google.com, not www.google.de. If I visit a random post on Blogger, chances are everything content is in English. Except for the 'helpful' Blogger toolbar and whatnot, that are coming up in German, because hey that's where we figured out you're coming from.
Lived in Israel for a year, got a Hebrew toolbar, google.il (and I'd like to know what fitbits would've done there). German vs. English is one thing: I can read both, I just explicitly (url, domain, accept headers) ask for the latter. English vs. Hebrew is another: I cannot read the latter, even if I happen to be - yay for geolocation - in the one state that represents the Hebrew language.
Imagine you were using say a dating site or a takeaway site, you would find it
equally frustrating if you were routed away from a local language site to a
US specific site
A dating site would allow me to register and state my country of origin or interest (which might be Germany, even if I live in Tel Aviv at that time). A takeaway site is really a weird example. www.pizza.de is available in German only for all I can tell and won't redirect me to a random US site because I ask the server to please return en_US or en localized content, _if possible_.
So, for me this whole 'automagic-we-know-it-best' translation/redirection thing is broken by design. It was a constant hassle in the past and just seems to catch on. Which is why I'm pointing it out when I can. I'm sorry for the thread-jacking. Thanks for the exchange so far.
Either the OP didn't ask around very well, or they were lied to. There are plenty of other much more open solutions out there.
Edit: A downvote? Really? In what way is the above not true?
I speak here only from personal experience; having used the following mostly at the gym, biking to and from work and while hiking in the Sierras:
- Garmin Forerunner 405 (https://buy.garmin.com/shop/shop.do?pID=11039&ra=true): All around general good "exercise" watch, but battery life requires a backup plan. Doesn't have Linux software, but can easily export to GPX for use in things like Google Earth and Maps. You can also combine other sensors: bicycle speed/cadence sensor (https://buy.garmin.com/shop/shop.do?pID=1266) and a foot pod (https://buy.garmin.com/shop/shop.do?pID=15516) for gym workouts, or just longer battery life.
- Zephyr HXM (http://www.zephyr-technology.com/products/fitness) combined with a smartphone (such as N900): Another good solution for basic logging; a variety of software to choose from, with different levels of openness.
Just to curb some replies: I know that FitBit does other stuff, lasts longer on a charge, has less friction getting data off, etc, but the thing I'm countering is the openness claim. If you have to pay for your data, and you still don't get a copy, it's a) not your data and b) not an open platform. Some basic research would have revealed this, hence why I didn't (and won't) get a FitBit, and I recommend others avoid it too.
"The Tracker will upload your data every 15 minutes provided you are within range of any plugged in base station (about 15 feet for direct line of sight), the computer is on and not in sleep or hibernate mode, the software is installed and running, and you have an active internet connection."
This implies to me that the data isn't cached locally outside of the Tracker itself, if an internet connection is not available.
I wonder if there's an easy way to scrape their flash charts on the dashboard...
If you're lucky, the URL requests will be in an easy to reverse engineer format so you could easily dump all the data you need by adjusting the URL.
It isn't as detailed (e.g. distribution over time) as the website, but it still gives me a warm and fuzzy feeling to have at least part of the data in machine-readable files :)
For me, this is the first time that not owning my own data has really put me off. I'll be returning my FitBit.
Minute by minute data can be very useful for custom visualization.
I have found a few bugs in fitbit, like I change my daily targets, but weekly targets dont change.
Also, fitbit free app is not available in Indian App Store. I dont want to create a US apple account to just use this app.
If open data access is available, I would be inclined to but a Aria and couple of fitbit zip for my family members as well.
fwiw I think that is by design; the two things are independent. e.g. you may wish to set a minimum 10k steps a day, but a weekly goal of 100k (or whatever). It's a bit confusing because it sets you up defaults for both day and week where week=7xDay, but it doesn't have to be that way.
I personally love the FitBit ecosystem (I use the app and scale religiously, and its UX is fantastic) and stopped using Sleep Cycle in favor of the tracking via FitBit.
I love fitbit, and hope they allow users to at least download the detailed personal reports.