Oura says it gets government demands for user data

(this.weekinsecurity.com)

211 points | by donohoe 6 hours ago

60 comments

  • JumpCrisscross 4 hours ago

    > the once-responsive Oura has not yet replied to any of my inquiries, or committed to releasing the numbers

    Illinois has a tight biometric-privacy law [1]. I’d bet Oura isn’t particularly careful about prohibiting e.g. a Texas police department querying the protected information of Illinois residents.

    [1] https://en.wikipedia.org/wiki/Biometric_Information_Privacy_...

    • p-e-w 3 hours ago

      Why would they be careful, given that the chances of any serious consequences for ignoring such provisions are effectively zero?

  • sz4kerto 5 hours ago

    "In my previous blog, I revealed that Oura data is not end-to-end encrypted. That means that an Oura user's health data can be unscrambled at certain points as it travels from a person's ring, through their phone app, over the internet, and as it lands on Oura's servers."

    Very strange -- it seems to be conflating end-to-end encryption with encryption-in-transit.

    • munchler 4 hours ago

      My understanding is that E2E encryption implies encryption in transit. The message is encrypted at the source and only decrypted at the destination, so it is encrypted everywhere in between.

    • fc417fc802 an hour ago

      I don't see the conflation? The author makes it clear that the data is not E2EE. It does sound like it's encrypted in transit (this is table stakes for the past 20 years or so). I think that saying that the data gets "unscrambled at certain points as it travels" is a perfectly reasonable way to explain the practical difference between the two approaches to a nontechnical reader.

    • ggm 5 hours ago

      It also doesn't sound like it's encrypted at rest. Perhaps each in-transit is held to be a unique e2e IP exchange?

    • iLoveOncall 3 hours ago

      You are conflating end-to-end encryption with encryption at rest.

    • close04 2 hours ago

      Not very strange but E2EE is thrown around a lot and everyone interprets it differently. And in some cases the expectations are unrealistic.

      Take a messenger app using a server as middleman. E2EE means only the 2 users get to see the content, not the middleman company server. For Oura there’s only a user and the company server and a lot of people assume Oura can’t read the data, like the Signal or WhatsApp servers can’t read the data because of E2EE. The marketing usually allows or encourages this misunderstanding.

      If they claim E2EE though, the interface between the user and the service (the ring or at worst the app) should mandate the encryption and the data should be decrypted only at the other end on Oura’s servers. If at any point in between these 2 ends the data is decrypted then it’s not E2EE.

  • neves 2 hours ago

    Is it from the evil govs of China or Russia? Oh, no...

  • focusgroup0 5 hours ago

    guy who pays $6/month to be monitored by the f3ds

    • MassPikeMike 4 hours ago

      Judging by ads for cell phone service, most people pay more than that per month to be monitored by the Feds.

    • mannanj 14 minutes ago

      I like paying $100/month to be monitored by the f3ds to Claude or Open(Closed)AI, or in some cases Max Premium subscriptions of $200/month.

      But oh don't worry, since they are selling the tokens at a loss, this data sale doesn't matter.

      My non-training data should be such that I pay them to extract it from me.

  • amarant 4 hours ago

    What will the government even do with my heart rate and blood oxygen data?

    "Mr Smith has been running again, we better bring him in for questioning!"

    Edit: to be clear, the government is requesting the data, so clearly they're doing something with it... But what? I don't see it!

    • jubilanti 3 hours ago

      Target infamously was inferring when teenage girls were pregnant before their parents knew based on reward card data records of single merchant retail purchases.... in 2002.

      Tech companies when they speak to VCs: look at all the creepy things we can infer with ooodles of aggregated data and AI to maximize targeted ad revenue, we're worth 50x what an equivalent non-tech company in our sector is valued, because of all the things we can do with all that data from all those people together

      Tech companies when they speak to their customers: oh you're so silly to even ask about privacy, what possible utility could there be in that single isolated variable?

    • xboxnolifes 2 hours ago

      Buys your heart rate and blood oxygen data from Oura. Collects your iris data from Eyez. Purchases your fitness data from Borg. Sees your purchasing patterns through Krump. Knows everything you've said online through Gwimp. Gets your sequenced DNA from FamaTree. Tracks your location data from, well, nearly every app in existence.

      What could they possibly do from this single variable???

    • none2585 3 hours ago

      Also if you're a woman biological signals can be used to know when you are on your cycle and thus missed it.

    • ratdragon 3 hours ago

      Ordering a taxi after running outside of US? Probably missed some mass transport. Raise the price boys... like good old Uber back in the day based on iphone battery level. Really the possibilities are endless if you're evil.

      Bad health? Raise the insurance premiums? Or anything more evil I can't think of.

      edit: grammar

    • anigbrowl an hour ago

      Most likely biometric data on crime suspects to correlate with other forensic data. Obtaining this data on a case by case basis is expensive so it is most likely to be used in high stakes cases like murders or bank robberies where police and prosecutors need to show a win.

      For example, A is known to have been an associate of B. B died violently at a certain time and date. Phone data put both of them in the same general area around that time. A seems evasive and won't talk. But A's biometric data reveals intense physical activity around the time of B's death...

      Other suggestions in this thread like algorithmically making things worse for people in general are predicated on continual availability for a whole deanonymized population.

    • al_borland an hour ago

      I’ve seen stories where fitness trackers were used to tie someone to a murder.

      https://en.wikipedia.org/wiki/Murder_of_Connie_Dabate

    • drfloyd51 3 hours ago

      He was running at the same time our cops were chasing people. Bring him in.

    • jonners00 3 hours ago

      No one seems to care anymore, but a big issue that people were concerned about in the 2000s was the switch from 'I know more about me than the blob (corps, gov, etc) does' to, 'I need the blob to remind me where the hell I was that day'. Heart rate and blood oxygen data are hard to exploit data points but not impossible(1), but facing an accusation from someone who knows more about your movements than you do is an uncomfortable scenario. Of course right now, if you're facing an accusation of this type, odds are it's legitimate, or if not, defensible, but that was the case 15 years ago in Türkiye, but isn't now. Things change.

      (Note 1: "Dr. Bootlicker, the defendant wants the court to believe that she calmly placed herself between the agent and the minor he was trying to apprehend, and asserts that the agent's claim, that the defendant's actions constitute assault, is, in her words, 'ridiculous'. But am I correct in understanding that you view minutes 8 and 9 of the biometric data submitted to the court as characteristic of significant physical exertion that might be similar to that undergone by an assailant while committing an assault?")

    • autoexec 2 hours ago

      They'll know when and how often you're awake or asleep (including how well you slept), sick, fucking, drunk or high, anxious or upset, relaxed, shitting, menstruating, medicated, etc. Combined with other data and tracked over time there is a shocking amount of intimate information you can get from just those two things which is why companies like Oura and Fitbit are so eager to get their hands on it.

    • AmblingAvocado 3 hours ago

      They used iPhone pick up and orientation data to build a narrative in the trial of Alex Murdaugh, so I imagine something similar.

    • reaperducer 2 hours ago

      > What will the government even do with my heart rate and blood oxygen data?

      It's not in isolation. It's in aggregation. So you end up with

      "Mr. Smith's heart rate goes off the charts for six minutes every time his phone visits this apartment building in the middle of the night and is within radio range of Ms. Jones' phone."

    • Forge36 3 hours ago

      Location and time

    • jubilanti 3 hours ago

      You're on Hacker News, think like a hacker - in both meanings of the term - for what could possibly go wrong.

  • kator 4 hours ago

    All this said I'm more concerned about Automatic Content Recognition (ACR) on smartTV you buy in the store and never even realize it's phoning home with everything you watch...

    • JumpCrisscross 3 hours ago

      > I'm more concerned about Automatic Content Recognition (ACR) on smartTV

      You’re more concerned about privacy when it comes to TV viewing than medical data? What a strange hijacking of a serious thread…

    • guilamu 3 hours ago

      If you're concerned about that do not give internet to your tv and use any kind of tv box instead (shield tv, apple tv, etc).

  • einpoklum 2 hours ago

    It's been over a decade since the Snowden revelations. We know full well that the large tech companies collect massive amounts of your personal data and secretly share it all with the US government. Not requests, not occasionally, not some - everything. And there are even formal mechanisms for this, like National Security Letters, which essentially guarantee silence.

    So, why are we seeing articles like this, which raise suspicion that maybe a wearable smart-device company _might_ be sharing _some_ data, _sometimes_? Or expectations of voluntary transparency?

    Yes, the government spies on you. Not because you're important, but because they spy on everybody. It's cheap, convenient and has no negative political consequences (so far).

    References:

    * https://en.wikipedia.org/wiki/National_security_letter

    * https://www.pcmag.com/news/the-10-most-disturbing-snowden-re...

  • andrepd 2 hours ago

    What in god's name possesses someone to buy (and pay a subscription for) a device that gathers and sells their health data in exchange for a placebo dashboard of numbers...

    • reaperducer 2 hours ago

      > What in god's name possesses someone to buy (and pay a subscription for) a device that gathers and sells their health data in exchange for a placebo dashboard of numbers...

      Social media, mostly.

  • I_am_tiberius 2 hours ago

    Why is it even necessary to save this data in the cloud?

  • BenFranklin100 3 hours ago

    I considered an Oura but went with an Apple watch instead. I turned on Advanced Data Protection on the paired iPhone for peace of mind. No other large data providers really provide anything equivalent to ADP’s E2EE protection with zero access encryption, especially in the consumer space for activity trackers.

    • treesknees 2 hours ago

      I was stuck between the two, Oura won for its better sleep tracking and battery life.

      I suppose one option would be to enable data syncing to Apple Health, and periodically delete/create new Oura accounts to purge historical health data. Not a great workflow, but would let you benefit from E2EE with Apple Health while using Oura (assuming Oura’s “delete account and all data” does what it claims)

    • nextos 2 hours ago

      Garmin can be used completely offline?

      AFAIK, they even have some watches with no radio hardware so that they can be used in sensible environments.

  • basisword 5 hours ago

    This is why although I don't love my Apple Watch, I'm not using anything else. It's very sensitive data and Apple is the only company worth trusting with it. They're not perfect but compared to others there's no competition.

  • akersten 4 hours ago

    IPOing soon at $11B btw

  • kkotak 2 hours ago

    Oh! The Audacity!

  • shevy-java 3 hours ago

    We can not trust any government here.

  • throwawa1 3 hours ago

    Another reason to add to my list to justify not wearing my Apple watch and moved to a mechanical watch.

  • ck2 4 hours ago

    Oura doesn't even have GPS does it?

    Government can already get ALL your celltower locations without a warrant

    AND read all your emails and text messages that are over 6 months old, without a warrant

    • arusahni 4 hours ago

      In a society where women are being prosecuted for medical procedures, menstrual data becomes very risky to have handed over.

    • speff 3 hours ago

      From what I understand, they can get call records and subscription info w/ administrative subpoenas, but this is the first I've heard of them being able to get location data without a warrant.

      Assuming you meant directly from the telcos and not from the data broker loopholes - in which case pretty much anyone should be able to do that. Emails and texts they still need a warrant for.

    • n8m8 3 hours ago

      Great, so they can further extrapolate what exact locations you get nervous / are more relaxed / walk more quickly… the understated problem with PII isn’t about any single data point, it’s about combining data to make probable inferences.

    • ethersteeds 3 hours ago

      The ring doesn't have gps but its app requires location permission so it gets it from your phone. It continually asks me to turn on background sync, which would presumably upload my location regularly as well. I decline and only allow location when the app is open to sync.

  • johnnyApplePRNG 4 hours ago

    OURA is a joke. My GF bought two for us and after a week I made her return them due to non stop dark patterns coming out of that company.

    Everything about that company is disgusting.

    Such a shame, too. I was eager to learn more about my health.

    • Forge36 3 hours ago

      Can you elaborate?

  • mystraline 5 hours ago

    I was definitely interested in some sort of comprehensive sensor bundle for my healthcare.

    But every one of these devices demands some Android/Apple app, and shipping all my health data to basically non-HIPAA data brokers.

    I'd be all over a local-only no-data-exfiltration health tracker. But the companies do NOT want to provide that.

    I, uh, guess, "go surveillance capitalism", for more choices?

    • duskdozer 4 hours ago

      If your concern is that the government may access the data, whether it's covered by HIPAA or not is irrelevant, because HIPAA allows government access. Though yes, it would still be better than non-HIPAA in general.

    • permutations 4 hours ago

      I will once again proselytize for the new pebble time 2 (I am quite a fan of it). Open source and comes with standard sensors for health monitoring (6 axis imu, heart rate monitor, SpO2). Health data can be kept and analyzed on your phone and there are various apps that can do so. Suffice to say there are “surveillance-free” options out there, and if you’re not satisfied with current app options it is easy to hack your own together

    • RunningDroid 3 hours ago

      Many times GadgetBridge* can be used instead of the official app

      *https://codeberg.org/Freeyourgadget/Gadgetbridge

    • SkyPuncher 4 hours ago

      HIPAA is completely irrelevant to any of this. Oura is technically HIPAA compliant because the data they process is not subject to HIPAA.

      In overly simple terms, if insurance is not involved, then it’s not subject to HIPAA.

    • Aldipower 5 hours ago

      I am using Withings in combination with Tredict. Both GDPR-compliant.