Should Your Employer Have Access to Your Fitbit Data?

A woman using a wearable device to track her fitness activities.

(© olegbreslavtsev/Fotolia)

The modern world today has become more dependent on technology than ever. We want to achieve maximal tasks with minimal human effort. And increasingly, we want our technology to go wherever we go.

Wearable devices operate by collecting massive amounts of personal information on unsuspecting users.

At work, we are leveraging the immense computing power of tablet computers. To supplement social interaction, we have turned to smartphones and social media. Lately, another novel and exciting technology is on the rise: wearable devices that track our personal data, like the FitBit and the Apple Watch. The interest and demand for these devices is soaring. CCS Insight, an organization that studies developments in digital markets, has reported that the market for wearables will be worth $25 billion by next year. By 2020, it is estimated that a staggering 411 million smart wearable devices will be sold.

Although wearables include smartwatches, fitness bands, and VR/AR headsets, devices that monitor and track health data are gaining most of the traction. Apple has announced the release of Apple Health Records, a new feature for their iOS operating system that will allow users to view and store medical records on their smart devices. Hospitals such as NYU Langone have started to use this feature on Apple Watch to send push notifications to ER doctors for vital lab results, so that they can review and respond immediately. Previously, Google partnered with Novartis to develop smart contact lens that can monitor blood glucose levels in diabetic patients, although the idea has been in limbo.

As these examples illustrate, these wearable devices present unique opportunities to address some of the most intractable problems in modern healthcare. At the same time, these devices operate by collecting massive personal information on unsuspecting users and pose unique ethical challenges regarding informed consent, user privacy, and health data security. If there is a lesson from the recent Facebook debacle, it is that big data applications, even those using anonymized data, are not immune from malicious third-party data-miners.

On consent: do users of wearable devices really know what they are getting into? There is very little evidence to support the claim that consent obtained on signing up can be considered 'informed.' A few months ago, researchers from Australia published an interesting study that surveyed users of wearable devices that monitor and track health data. The survey reported that users were "highly concerned" regarding issues of privacy and considered informed consent "very important" when asked about data sharing with third parties (for advertising or data analysis).

However, users were not aware of how privacy and informed consent were related. In essence, while they seemed to understand the abstract importance of privacy, they were unaware that clicking on the "I agree" dialog box entailed giving up control of their personal health information. This is not surprising, given that most user agreements for online applications or wearable devices are often in lengthy legalese.

Companies could theoretically use their employees' data to motivate desired behavior, throwing a modern wrench into the concept of work/life balance.

Privacy of health data is another unexamined ethical question. Although wearable devices have traditionally been used for promotion of healthy lifestyles (through fitness tracking) and ease of use (such as the call and message features on Apple Watch), increasing interest is coming from corporations. Tractica, a market research firm that studies trends in wearable devices, reports that corporate consumers will account for 17 percent of the market share in wearable devices by 2020 (current market share stands at 1 percent). This is because wearable devices, loaded with several sensors, provide unique insights to track workers' physical activity, stress levels, sleep, and health information. Companies could theoretically use this information to motivate desired behavior, throwing a modern wrench into the concept of work/life balance.

Since paying for employees' healthcare tends to be one of the largest expenses for employers, using wearable devices is seen as something that can boost the bottom line, while enhancing productivity. Even if one considers it reasonable to devise policies that promote productivity, we have yet to determine ethical frameworks that can prevent discrimination against those who may not be able-bodied, and to determine how much control employers ought to exert over the lifestyle of employees.

To be clear, wearable smart devices can address unique challenges in healthcare and elsewhere, but the focus needs to shift toward the user's needs. Data collection practices should also reflect this shift.

Privacy needs to be incorporated by design and not as an afterthought. If we were to read privacy policies properly, it could take some 180 to 300 hours per year per person. This needs to change. Privacy and consent policies ought to be in clear, simple language. If using your device means ultimately sharing your data with doctors, food manufacturers, insurers, companies, dating apps, or whoever might want access to it, then you should know that loud and clear.

The recent implementation of European Union's General Data Protection Regulation (GDPR) is also a move in the right direction. These protections include firm guidelines for consent, and an ability to withdraw consent; a right to access data, and to know what is being done with user's collected data; inherent privacy protections; notifications of security breach; and, strict penalties for companies that do not comply. For wearable devices in healthcare, collaborations with frontline providers would also reveal which areas can benefit from integrating wearable technology for maximum clinical benefit.

In our pursuit of advancement, we must not erode fundamental rights to privacy and security, and not infringe on the rights of the vulnerable and marginalized.

If current trends are any indication, wearable devices will play a central role in our future lives. In fact, the next generation of wearables will be implanted under our skin. This future is already visible when looking at the worrying rise in biohacking – or grinding, or cybernetic enhancement – where people attempt to enhance the physical capabilities of their bodies with do-it-yourself cybernetic devices (using hacker ethics to justify the practice).

Already, a company in Wisconsin called Three Square Market has become the first U.S. employer to provide rice-grained-sized radio-frequency identification (RFID) chips implanted under the skin between the thumb and forefinger of their employees. The company stated that these RFID chips (also available as wearable rings or bracelets) can be used to login to computers, open doors, or use the copy machines.

Humans have always used technology to push the boundaries of what we can do. But in our pursuit of advancement, we must not erode fundamental rights to privacy and security, and not infringe on the rights of the vulnerable and marginalized. The rise of powerful wearables will also necessitate a global discussion on moral questions such as: what are the boundaries for artificially enhancing the human body, and is hacking our bodies ethically acceptable? We should think long and hard before we answer.

Junaid Nabi
Junaid Nabi, MD, MPH, is a physician, public health researcher, and a medical journalist. He currently manages several research projects at Brigham Health that include investigating provider- and hospital-level factors associated with racial and ethnic disparities in surgical oncology; evaluating the fiscal impact of consolidating care of complex patients; and, examining systematic factors that lead to opioid over-prescribing patterns after surgery. He has also undertaken research that examined the effect of health disparities that arise from social and political disenfranchisement and the relationship between trauma care and post-traumatic stress disorder (PTSD). Previously, he was a Fellow in Bioethics at Harvard Medical School Center for Bioethics where he studied bioethical issues in global healthcare delivery; role of bioethicists in Artificial Intelligence, Machine Learning, and other evolving technologies; and, emotional intelligence in bioethical analysis. He is a New Voices Fellow at The Aspen Institute, Washington, D.C., and a Fellow at Harvard Graduate School Leadership Institute, Boston.
Get our top stories twice a month
Follow us on

On the left, a Hermès bag made using fine mycelium as a leather alternative, made in partnership with the biotech company MycoWorks; on right, a sheet of mycelium "leather."

Photo credit: Coppi Barbieri and MycoWorks

A natural material that looks and feels like real leather is taking the fashion world by storm. Scientists view mycelium—the vegetative part of a mushroom-producing fungus—as a planet-friendly alternative to animal hides and plastics.

Products crafted from this vegan leather are emerging, with others poised to hit the market soon. Among them are the Hermès Victoria bag, Lululemon's yoga accessories, Adidas' Stan Smith Mylo sneaker, and a Stella McCartney apparel collection.

Keep Reading Keep Reading
Susan Kreimer
Susan Kreimer is a New York-based freelance journalist who has followed the landscape of health care since the late 1990s, initially as a staff reporter for major daily newspapers. She writes about breakthrough studies, personal health, and the business of clinical practice. Raised in the Chicago area, she holds a B.A. in Journalism/Mass Communication and French from the University of Iowa and an M.S. from the Columbia University Graduate School of Journalism.

From a special food to a vaccine and gene editing, new technologies may offer solutions for cat lovers with allergies.

Photo by Pacto Visual on Unsplash

Amy Bitterman, who teaches at Rutgers Law School in Newark, gets enormous pleasure from her three mixed-breed rescue cats, Spike, Dee, and Lucy. To manage her chronically stuffy nose, three times a week she takes Allegra D, which combines the antihistamine fexofenadine with the decongestant pseudoephedrine. Amy's dog allergy is rougher--so severe that when her sister launched a business, Pet Care By Susan, from their home in Edison, New Jersey, they knew Susan would have to move elsewhere before she could board dogs. Amy has tried to visit their brother, who owns a Labrador Retriever, taking Allegra D beforehand. But she began sneezing, and then developed watery eyes and phlegm in her chest.

"It gets harder and harder to breathe," she says.

Animal lovers have long dreamed of "hypo-allergenic" cats and dogs. Although to date, there is no such thing, biotechnology is beginning to provide solutions for cat-lovers. Cats are a simpler challenge than dogs. Dog allergies involve as many as seven proteins. But up to 95 percent of people who have cat allergies--estimated at 10 to 30 percent of the population in North America and Europe--react to one protein, Fel d1. Interestingly, cats don't seem to need Fel d1. There are cats who don't produce much Fel d1 and have no known health problems.

Keep Reading Keep Reading
Temma Ehrenfeld
Temma Ehrenfeld writes about health and psychology. In a previous life, she was a reporter and editor at Newsweek and Fortune. You can see more of her work at her writing portfolio ( and contact her through her Psychology Today blog.