EFF Review Finds Most Wearable Health Device Companies Lack Key Privacy Measures

Reviewed by Irfan Ahmad.

Most wearable health device companies reviewed by the Electronic Frontier Foundation (EFF) do not publish transparency reports or offer end-to-end encryption for health data they collect and store online, according to an article published by the digital rights organization on July 15.

The EFF examined the publicly available policies of 10 companies, including Apple, Google-owned Fitbit, Garmin, Oura, Whoop, Polar, Suunto, Amazfit, Coros and Hume, then emailed the companies to confirm those findings.

Only Apple and Google currently publish transparency reports showing government requests for user data, the EFF said. Apple, Google and Whoop also publicly state they notify users about law enforcement requests where possible. Oura added the same commitment after updating its privacy policy in June 2026 and said it is "actively evaluating ways to provide greater visibility" into how it handles such requests, including through a transparency report.

The EFF said the Apple Watch, for data stored in the Health app, is the only popular fitness wearable that supports end-to-end encryption by default. The other companies generally use encryption while data is being transmitted or stored, but not end-to-end encryption.

The EFF said it focused on transparency around government access to health data and the availability of end-to-end encryption because wearable devices collect sensitive personal information. It said companies handling such data should publish transparency reports and, when legally possible, "notify users when that data is requested."

Most wearable health firms reviewed by EFF lack transparency reports and default end-to-end encryption protections.
Image: Musab Al Rawahi - Unsplash

Read next: Reelified: Americans Prefer Short-Form Video
Previous Post Next Post