The most data-invasive health and fitness apps

We’ve turned to them to stay fit during lockdown. Should we?

The closure of gyms and limits on outdoor exercise, combined with the ability to spend more time at home and less time commuting to workplaces, has corresponded with a huge rise in the number of downloads of health and fitness apps. Time spent to reconsider every aspect of our lives – and facing up close and personal the real life reality of humanity – has driven many of us onto a fitness kick.

But in doing so, are we also inviting in overly invasive tracking of some of the most personal parts of our lives – health data? Although one in four Britons surveyed in an exclusive poll for CyberNews said they support the use of their health data to improve healthcare services, fitness apps are something a little different – and a lot less high stakes.

The Quantified Self movement is one that has helped many of us get healthy. But in tracking our weight, our heartbeat and our oxygen rates, we’re giving over a treasure trove of valuable data to third parties. The reality is that in using apps like Fitbit, Strava and Maven we’re handing over some of our most personal of personally identifiable information.

How much data do we give up?

So who are we giving up our data to, and how much information are we handing over without thinking? Where does that data end up once it’s tracked and traced through the world’s most popular apps? Supplement Timing analysed the official privacy policies of the top health and fitness apps to see which data each one asks of its users.

The company assigned ratings to how data intensive each app is, tracking 27 different data types that a user could possibly give up in their day to day usage of each app that’s designed to track fitness and health.

The most intrusive or demanding app of your data is Maven, a women’s health and fertility app. 

Of 27 different types of data that Supplement Timing tracked and traced, Maven asked for 23 of them, and demanded eight of those 23 by default every time you open the app. (The company judging the intrusiveness of data collection assigned two points to an app that demanded a data point by default; and one if it asked the user for permission to collect the data.)

Maven required users to hand over their name, email, phone number, address, device information, age and gender to work. It also asked for lots of other information, including occupation, hobbies and interests, the information of friends and family, weight, fitness level and even shoe size. In a possible score of 54, Maven recorded a staggering 31.

Diet apps are no saviour

Apps that track your health are likely to be intrusive by the very nature of what they’re trying to do, but other dieting apps were equally invasive. 

Nutrition and Weight Loss apps occupied four of the top 10 places in Supplement Timing’s study.

PlateJoy was the second-most invasive app, demanding your height and weight by default and asking for health and lifestyle information – which could be used to potentially target you with advertising for products, should they wish. These types of apps, say the company that tracked their privacy policies, are the most likely to track personal data by default without alerting you.

There are other issues with different apps targeting different areas of your health, however. Fitness apps like Couch to 5K and Strava are the running apps that share the most personal data with third parties, meaning you could end up being targeted for advertising – a cause for concern given their enormous popularity. If you’re looking to avoid being tracked through your fitness apps, then elect to take up yoga, mental health or sleeping apps – all of those were analysed and found to collect the least amount of information compared to their peers.