Most Smart Watches, Rings, and Bands Lack Basic Transparency Reports and Key Privacy Features | Electronic Frontier Foundation
Skip to main content
AboutContact
Press
People
Opportunities
IssuesFree Speech
Privacy
Creativity and Innovation
Transparency
International
Security
Artificial Intelligence
Our WorkDeeplinks Blog
Press Releases
Events
Legal Cases
Whitepapers
Podcasts
Annual Reports
Take ActionAction Center
Volunteer
Follow EFF
ToolsPrivacy Badger
Surveillance Self-Defense
Certbot
Atlas of Surveillance
Cover Your Tracks
Street Level Surveillance
apkeep
Shop
DonateDonate to EFF
Shop
Giving Societies
Sponsorships
Other Ways to Give
Membership FAQ
Email updates on news, actions,
and events in your area.
Join EFF Lists
Copyright (CC BY)
Trademark
Privacy Policy
Thanks
Electronic Frontier Foundation
Donate
If you use technology, this fight is yours.Donate today
EFFecting Change: If You Own It, Why Can't You Fix It? on July 23
Most Smart Watches, Rings, and Bands Lack Basic Transparency Reports and Key Privacy Features
DEEPLINKS BLOG
By Thorin Klosowski<br>July 15, 2026
Most Smart Watches, Rings, and Bands Lack Basic Transparency Reports and Key Privacy Features
Share It
Share on Mastodon<br>Share on Bluesky<br>Share on Facebook<br>Copy link
Oura Rings, Garmin GPS fitness watches, Apple Watches, Whoop bands—every year, more and more tech devices are promising to monitor our health and fitness, guide us toward healthier living, and provide useful health metrics to take to our doctors. But few of these tools provide the sorts of privacy and security promises we demand from all technology, let alone tech that captures personal health data. It’s time they step up and start providing transparency reports and stronger encryption options.
Surveys suggest that around 40 percent of people in the United States own some sort of commercially available wearable health device. Despite being marketed as health devices, they have no special health-related privacy protections that one might hope for. The companies who make these devices can and do collect an abundance of data, and many of them share that data with third-parties for marketing or to influence insurance rates, or use it for their own purposes, like training artificial intelligence models.
Health data is increasingly an important part of law enforcement or government investigations. Wearable data has been critical in a number of cases, where information about heart rate and steps was used to determine the whereabouts of individuals. And the surveillance company Penlink calls fitness trackers and wearables an “overlooked source” for law enforcement since they tend to show movement patterns and changes in heart rates. Law enforcement can try to get access to this data through subpoenas or warrants.
There are many potential privacy issues with these sorts of devices, including whether the companies who make them share or sell information to third-parties. But here we are choosing to focus on two facets we’re concerned with around health data itself: 1) whether the company shares information with law enforcement and governments and 2) if they offer end-to-end encryption, which means the company itself can’t access that health data to begin with.
Reading through dozens of product review sites we narrowed our research in on ten companies that seem to make the majority of recommended consumer health products on the market:
Amazfit
Apple
Coros
Garmin
Google (including Fitbit)
Hume
Oura
Polar
Suunto
Whoop
We reviewed each company’s public facing policies, then emailed them to confirm those findings. Here’s what we found.
Transparency Reports Are Few and Far Between
Companies should provide transparency reports of how often they provide data to the government, including information about whether it’s an official demand or an unofficial request. We have been calling on tech companies to publish transparency reports for a long time, but the practice is still rare across the industry. That’s especially true with fitness gadgets.
Only two of the companies we surveyed, Apple and Google (which also owns Fitbit), currently publish transparency reports. Apple, Google, and Whoop promise to notify users of law enforcement requests in publicly available documentation.
Oura now does too, after an update to their privacy policy in June 2026 that was perhaps prompted by a series of requests from journalist Zack Whittaker. In that same update and in an email to us, Oura promises that it is “actively evaluating ways to provide greater visibility into how we handle these requests, like through a transparency report.” This is promising, and we hope the company agrees that transparency reports are the best option moving forward.
Any company that handles data that’s of interest to law enforcement and governments owes it to their users to publish transparency reports and, when legally possible, notify users when that data is...