Advocacy group claims Fitbit is useless without illegal data sharing consent.

Advocacy group claims Fitbit is useless without illegal data sharing consent.

Fitbit Faces Data Privacy Complaints in Europe


Vienna-based advocacy group Noyb has taken legal action against Fitbit, the popular fitness tracking company now owned by Google, accusing them of violating European Union (EU) data privacy regulations. Noyb has filed complaints in Austria, the Netherlands, and Italy, claiming that Fitbit forces new users to consent to data transfers outside the EU, with no practical way to withdraw that consent without deleting their accounts entirely.

Fitbit’s watches are known for their ability to track activity, heart rate, and sleep. However, Noyb argues that requiring users to agree to data transfers puts Fitbit in breach of the General Data Protection Regulation (GDPR). The GDPR requires companies to clearly explain how they use sensitive data, which Fitbit allegedly fails to do.

Bernardo Armentano, a data protection lawyer at Noyb, expressed astonishment at Fitbit’s lack of transparency, considering the nature of the health data they collect. Fitbit’s privacy policy reveals that they not only share personal details like email addresses, dates of birth, and gender, but also information related to food logs, weight, sleep patterns, water intake, female health tracking, alarms, and messages exchanged on discussion boards.

Even if Fitbit were to offer an opt-out function, Noyb argues that the company’s routine transfer of data to third parties outside the EU would still violate GDPR regulations. Romain Robert, one of the complainants represented by Noyb, humorously commented, “Fitbit may be a nice app to track your fitness, but once you want to learn more about how your data is being handled, you are bound for a marathon.”

Founded by privacy activist Max Schrems, Noyb has been relentless in its pursuit of justice against big tech companies that violate privacy regulations. It has already filed numerous complaints against companies like Google and Meta, leading to substantial penalties in some cases.

As part of their complaints against Fitbit, Noyb is demanding that the Austrian, Dutch, and Italian regulators order the company to provide users with all necessary information about data transfers and allow them to use the app without having to consent to such transfers. If Fitbit is found to be in breach of GDPR rules, the privacy watchdogs have the authority to issue fines of up to 4% of a company’s global annual revenue. For Fitbit’s parent company Alphabet, which owns Google, this could amount to a hefty €11 billion.

Fitbit’s presence in the wearable fitness tracking market is undeniable, with over 100 million registered users in 2021. However, this data privacy complaint serves as a reminder that even popular brands need to adhere to strict privacy regulations. Noyb’s legal action against Fitbit highlights the importance of transparency and user control when it comes to personal data in the digital age.

Fitbit App

In a world where smart devices and apps play an increasingly significant role in our lives, consumers deserve the assurance that their data is handled responsibly and in compliance with legislation like the GDPR. Fitbit, along with other tech companies, must prioritize user privacy and take measures to ensure compliance. Only then can users truly benefit from the convenience and functionality that these devices provide, without sacrificing their personal information.