If you downloaded a fitness app in 2020, you’re not alone. During the first half of the year, health and fitness app downloads grew by nearly 50% as a result of lockdowns, gym closures, and other social-distancing measures.
That trend does not appear to be abating, if Big Tech’s movements in wearables are anything to go by: Apple launched the Fitness+ app on its already health-oriented watch; Amazon launched its first (and very invasive) Halo fitness band; and Google finally completed its acquisition of Fitbit earlier this month, leading users to speculate on changes regarding how the data is collected.
It makes sense: Smartwatches are a constant companion on our wrists and, combined with our phones, give us all the data we want on how many steps we take, our heart rate, our stress levels, and even how well we sleep.
But this personal data is also being handled by the world’s biggest tech companies that have a track record of collecting customer data, not to mention that smart devices in general are quite vulnerable to attacks.
Fitness apps may finally be catching on, but their privacy settings are still stuck behind the starting line.
For some apps, it’s fitness first, privacy second
Here’s where things go from scary to downright terrifying: In a 2016 report from Canada’s Open Effect and the University of Toronto’s Citizen Lab, experts were able to show how hackers can not only see what data your fitness app is sending out but also alter it.
The report, titled “Every Step You Fake”, calls on tech companies to include better privacy settings in their devices. According to the researchers:
“Consumers deserve to be better informed about fitness tracking systems’ privacy and security practices.”
Some fitness apps still leave much to be desired, so we have compiled a list of tips to help improve your privacy while getting your work out on.
1. Use an alias when creating a new profile
Your smartwatch is tracking you, and it’s still unclear what information is being sent. In order to protect your privacy, ExpressVPN suggests you use an alias to create a new profile on your app. Also, turning off Bluetooth and using a stronger password are easy steps you can take to potentially thwart would-be stalkers.
2. Check which data your fitness app can access and what it shares
Sharing how many steps you took during lunch is one thing, but sharing your irregular bowel movements after that lunchtime taco bowl is probably way, way too far. Make sure you know what information your app is sharing, and make sure you restrict it to as little as possible. If you can, stick to the basic settings, and restrict access to data you don’t think the app needs.
3. Always, always update your apps
New updates are annoying, but they exist for a reason. Every time your app asks you to update, it’s usually for one of two reasons: either there’s a new patch to cover a security flaw, or there’s a newer, better app available. Either way, taking a few minutes to update your app is a small price to pay for the big boost in privacy.
4. Make sure your apps use HTTPS
While almost every fitness app today uses Wi-Fi to share data, not all of them do so on a secure server. Not using HTTPS is a rookie mistake, and ExpressVPN was surprised to see how many popular apps, like the Garmin Vivosmart, fail to use it. Make sure your app is using a secure server to transfer and record your data. If they aren’t, it may be time to find a new app.
5. Check periodically to see if your data is accurate
In the report above, experts were able to trick some apps into generating false data. This could affect your personal health goals. When you look over at your data, make sure the information is accurate. If it’s not, someone may be tampering with it.
Stay fit. Stay healthy. Stay private.
It’s not that you should avoid using fitness apps—it’s that you should do so with caution.
Following the tips above will help you stay fit while also staying secure.
Read next: 5 vulnerable smart devices in your home right now
Featured image: Unsplash (image has been edited)