“Sensitive but Essential Information”: Policy Debates on Fitness Application Privacy and Data Security

Introduction

With the growth of fitness trackers, or fitness applications for mobile media, many actors involved in the development, use and regulation of these devices expressed increased attention to the privacy and control of data gathered through these platforms. Devices such as Fitbit and Apple Watch and applications such as Strava and PolarFlow provide users with customizable data warehouses to track daily information such as physical exercise, dietary intake, and vital signs. While this data provides users with insights into their own activity, members of the public, advocacy groups, and even government regulators and politicians voiced criticism of privacy implications and risks. In a September 2018 testimony before the Senate Commerce, Science and Transportation Committee, Senior Vice President of AT&T Len Cali reflected that fitness trackers collect “sensitive but essential information” and “now there appears to be a growing need for a new and comprehensive federal privacy law” (Cali, 2018, 06:26).

This chapter explores how government representatives, industry leaders, regulators and politicians discursively constructed and critiqued data privacy in fitness applications in Congressional contexts. Since 2012, there were 341 mentions of “fitness applications” (or “apps”) and “data privacy” in Congressional hearings, testimonies, and House sessions. These mentions are critical points of inquiry for researchers grappling with the ethics of regulation in data privacy. Mentions are archived through C-SPAN, which documents all Congressional activity (Browning & Browning, 2013). This analysis provides deeper understanding of the various perspectives on data privacy (including politicians, lobbyists, and regulators). Further, analysis of these mentions provides insight into future policies and developments in data privacy regulation.

To conduct this analysis, the 341 videos and corresponding transcripts are analyzed using a discursive approach. Using Gee’s (2011) methodology, the analysis provides a set of discourses that exhaustively captures the characterization of data privacy in fitness applications by individuals who are charged with regulating it. Findings indicate the following discourses: (1) fitness trackers as indicative of larger data collection issues, (2) weighing the pros and cons, (3) military implications for fitness application data security, (4) consumers as responsible for their own data privacy, (5) organizations failing to keep pace with cyber security threats, and (6) the misuse of data collected in fitness applications for promotion/strategic communication uses. This chapter provides quotes and examples from the dataset to highlight discursive patterns and insights.

This study provides a comprehensive overview of the policy debates surrounding data privacy on fitness applications in Congress. This analysis holds three foci: (1) describe various regulatory perspectives on fitness applications and data privacy, (2) describe changes and the evolution of discourses from 2012-2019, and (3) reflect on the ethical arguments presented in Congressional debates and discussions. This chapter holds findings for those studying data privacy, the relationship of policy and ethics, and changes to policy debates over time.