noyb files complaints against Google’s Fitbit
Noyb, a Vienna-based digital rights group, has lodged complaints against Google’s Fitbit in three European countries – Austria, Netherlands and Italy. Fitbit is accused of breaching the EU’s General Data Protection Regulation (GDPR) privacy rules. The bone of contention is Fitbit’s policy of compelling users to consent to data transfers outside the EU without offering an option to retract this consent, which Noyb says violates GDPR requirements.
Fitbit’s portfolio includes watches that monitor activity, sleep, and heart rate, with a subscription service available from $9.99 a month. While these features may be impressive, Noyb’s data protection lawyer Bernardo Armentano raised concerns about Fitbit’s handling of sensitive health data. He expressed surprise at the company’s failure to explain its use of such data, a requirement under GDPR rules.
Noyb is now pushing for action against Fitbit. It wants mandatory information about data transfers to be shared with users and for them to be able to use the Fitbit app without consenting to these transfers. The current stance of Fitbit’s privacy policy is that the only way to withdraw consent is by deleting an account, causing users to lose all their previously tracked workouts and health data.
The implications for Fitbit could be severe considering GDPR violations can attract fines up to 4% of a firm’s global annual revenue. With Google’s annual revenue standing at $280 billion in 2022, it’s clear that Fitbit’s parent company could face significant financial fallout.
Source: Privacy activist Schrems files complaints against Google’s Fitbit | Reuters
