Your Exercise Gear Reserves The Right To Track And Sell Data On How You Smell

A new Consumer Reports study unsurprisingly finds that popular exercise equipment makers collect way more data on users than is necessary, then sell access to that data to a wide variety of dodgy and largely unregulated data brokers and middle men, who in turn generally play fast and loose with it.

Consumer Reports studied ten different exercise equipment manufacturers (including Peloton, Tonal, NordicTrack, and BowFlex) and found they collect just a massive array of sensitive data, from your personal details and health metrics to your location data (assuming the gear is mobile). Not only that, their overlong privacy policies reserve the right to things they don't do yet, like track how you smell:

Whether this really happens, or ever will in the future, is not clear. The company did not respond to requests for comment. But while your exercise service claiming the right to collect data on your smell may seem more strange than worrying, it hints at how many companies approach data collection."

The U.S. has generally been too corrupt to pass even a baseline privacy law for the internet era. Or regulate a vast array of super dodgy data brokers that are repeatedly caught selling access to sensitive consumer data to criminals, stalkers, foreign and domestic governments, disinformation peddlers, and anybody with a few nickels to spare.

These companies all track data on fertility status, which is kind of a problem in an era where surveillance-happy authoritarians are criminalizing female reproductive health care:

The smart home gym company Tonal, for example, says it may collect data about your pregnancy status, while Peloton offers workouts specifically for pregnancy, and collects information about any workouts you participate in. (Surveillance of pregnant people has become a concernfor many Americans in the wake of state and proposed national measures to restrict abortion access.)"

In addition to your health, location, behavior, payment, and other data, these products all glean additional data from the devices and services you connect them to. And again, there's very little in the way of any sort of comprehensive law governing how this data is collected, stored, and monetized, making this particularly problematic in a greedy country now run by dim authoritarians.

When companies are pressed for comment, they state they fully adhere to all applicable data privacy regulations," which is meaningless because there usually aren't any (though some state laws do allow you to request who your data is being shared with). Or they'll insist this scale of data collection isn't a big deal because the data has been anonymized," a term we've long noted is absolutely meaningless.

Again, this fast and loose approach to privacy and security is absolutely begging for the kind of privacy scandal that makes all of the scandals we've seen so far seem adorable by comparison. It's simply a matter of time.