CDT and Fitbit develop guidelines for privacy and research for wearables

May 18, 2016 – WASHINGTON. In a first of its kind partnership with a wearables company, Fitbit invited the Center for Democracy & Technology (CDT), a leading advocacy group dedicated to protecting global online civil liberties, into its research labs to explore how privacy and ethics come into play in the research and development (R&D) process. The result of this collaboration is a report that offers guidance on privacy-protective and ethical internal research procedures for wearable technology companies.

CDT and Fitbit believe this insight into privacy-protective internal research and development in the fast-paced world of a growing wearable tech company, combined with CDT’s expert privacy advocacy analysis, will offer a unique perspective on the data privacy challenges and opportunities facing this industry.

“Although the data generated by users of wearable technology is uniquely personal, it often falls outside of existing health privacy laws. Through this incredible collaboration, we were able to develop clear guidance in the health wearables space that, if put into practice, will allow companies to pursue innovation while simultaneously respecting the privacy rights of individuals,” said Michelle De Mooy, CDT Deputy Director of Privacy & Data. “Fitbit is leading the charge for wearable companies in terms of best practices, and it’s important to have even more companies consider data privacy issues in this type of proactive manner.”

Following a research methodology that included direct observation, surveys, and interviews with Fitbit engineers, CDT and Fitbit jointly developed recommendations that offer wearable companies specific guidance on privacy practices around user data, internal company operations, and the potential broader societal impact of applying good data practices during the R&D process. The recommendations focus on user expectations guiding consent, non-coercive rewards being offered to research participants, respecting the needs of vulnerable populations, and upholding trust through robust security and de-identification protocols. The report recommends that wearable companies invest in employees with privacy and ethics backgrounds, empower researchers with embedded tools for data stewardship, set clear security protocols for use of user data, and establish formal accountability measures.

“As part of our commitment to protecting consumer privacy and keeping data safe, we value the opportunity to collaborate with the CDT and welcome their collaboration to help establish best practices for the industry,” said Shelten Yuen, Vice President of Research at Fitbit. “As our customers seek new information about their health and fitness, it’s the R&D organization that drives these advancements. Having strong privacy practices is essential when developing new technologies to ensure personal data and information is protected at all times, and we are proud to work with the CDT to lead this important discussion.”

The report also highlights the value of health wearable companies committing to internal research that addresses societal issues, such as obesity. Through research aimed at improving the health and wellness of users, wearable companies may have insights that would benefit public health more broadly. The report encourages companies to develop formal practices and policies to ensure that diverse communities are represented in data sets and on the research team.

“We are becoming more connected and the data we share is even more personal. The health wearable industry can certainly be a leader in advancing the privacy rights and dignity of its users, starting with a commitment to privacy-aware and ethical R&D practices,” said De Mooy.

Source: Fitbit, Inc.