Are health-monitoring devices a privacy concern? They continue to be promoted, but it is unclear whether the data collected is being properly protected

The wearable health monitoring devices (such as smartwatches, smart rings, and glucose sensors) have become increasingly widespread in recent years – even among different segments of the population. Designed to help people monitor parameters such as heart rate, sleep quality, or glucose levels, they are now part of the commercial offering of many tech and fitness companies. In this regard, Robert F. Kennedy Jr., the controversial Secretary of Health in the Trump administration, recently stated that he aims to have every American wear a health monitoring device within the next four years. The initiative would be part of the “Make America Healthy Again” plan (echoing Trump’s famous slogan “Make America Great Again”) and aims to promote prevention through self-monitoring and individual responsibility. As reported by the magazine The Cut, the U.S. Department of Health is already working on a campaign to encourage the use of these tools at a public level. However, the proposal has raised various criticisms and concerns, especially regarding the management of privacy and personal data. Some observers fear that the massive use of devices collecting biometric data could lead to misuse of the information collected by governments, companies, or other entities, compromising users’ privacy. But is it true?

Wearable devices, in fact, work by recording a wide range of physiological data including heart rate, sleep cycles, movement, blood oxygenation, body temperature, and much more. This information, often combined with other data collected by smartphones or apps, such as geographic location, can create a highly detailed profile of a person’s habits. In many cases, users are not fully aware of what is being collected, how it is processed, and above all, by whom. According to privacy experts, once the data is entrusted to a third party, such as the device manufacturer or the company managing the related app, the user effectively loses real control over it. In the United States, current regulations allow authorities to request this data from companies without necessarily having a court warrant. All of this potentially exposes users to various risks: data theft by hacker organizations, use for advertising purposes, or access by law enforcement in contexts unrelated to healthcare. In extreme cases, the forced or unaware sharing of sensitive information could have real-life consequences, such as affecting access to insurance policies or assistance programs. The fear grows when considering that the U.S. government itself could access the collected data, especially if it directly funds the purchase of the devices.

One concern that emerged following Kennedy Jr.'s announcement is that the Trump administration in the future could obtain this mass of data as a form of payment for the required public investment. And it’s not such a far-fetched scenario: as The Cut points out, the Department of Health has already expressed its intention to create a national autism database, based on data from health insurance, electronic medical records, and indeed, wearable devices. The fact that some names involved in the “MAHA” project, such as Calley Means, a White House advisor, and his sister Casey Means, appointed Surgeon General (i.e., the government’s top spokesperson on public health issues), have direct ties to companies that produce or promote these tools has further fueled questions about the boundary between public health and private interests. It is important to point out, however, that there are tools to mitigate the risks associated with the use of wearable devices. Some experts recommend using “offline” or less advanced versions that do not connect to the Internet or store data only locally. Others suggest activating end-to-end encryption, when available, or limiting the use of the device to specific situations, avoiding wearing it constantly.