Skip to Content

Privacy & Data

CDT and Fitbit Report on Best Privacy Practices for R&D in the Wearables Industry

Wearable sensor technology has the potential to transform health care and our understanding of our own bodies and habits. The investigation and testing of these sensors in the commercial sector offer an unprecedented opportunity to leverage biometric data, both to improve individual health through the development of better products and to advance the public good through research. However, research with wearable sensor data must be done in a manner that is respectful of ethical considerations and consumer privacy. Not only will the processes that govern this research define the potential public good derived from wearables, they will encourage user trust in wearables and promote participation. Therefore, the research and development (R&D) teams at these companies are not just engines of innovation, but also have the potential to be an important part of our social infrastructure.

R&D teams in wearable technology can and should also be laboratories of privacy and ethical research best practices. Some companies, such as Fitbit, leverage the talent and expertise on their teams to embed privacy into their technology. Through collaboration with Fitbit, the Center for Democracy & Technology (CDT) examined the procedures and practices within internal R&D teams that result in positive experiences for users, while improving the analytics and hardware behind the technology. Through interviews, surveys, and other research, CDT gained insight into industry-wide trends and best practices.

This paper provides practical guidance on privacy-protective and ethical internal research procedures at wearable technology companies. CDT and Fitbit’s joint recommendations are based on CDT’s analysis of Fitbit’s internal research and development process, combined with Fitbit’s input on practical industry considerations. This rare glimpse into internal R&D in a fast-paced and privacy-sensitive wearable technology company, combined with an expert privacy advocacy analysis, sets benchmarks for internal procedures and policies across the industry.

Key takeaways:

  • Internal research and development offers a unique window into data practices and policies at companies, such as insight into how data is categorized in projects, the way teams are structured, and the privacy and security methods that are deployed. Internal R&D also offers a flexible environment for piloting privacy-protective and ethical data policies and practices.
  • Building a culture of privacy, security, and ethics involves embedding practices and policies that place value on individual dignity and corporate data stewardship, and also prioritizes contributions to the social good.
  • Technology companies are managing several dimensions of trust through internal research and development – the company and its users, the integrity of internal policies and practices for employees, and the relationship between the company and society. Successfully navigating this trust through practical measures must be at the core of any policy or practice recommendation.
  • Research departments at wearable companies face ongoing ethical questions related to the data they process. Policies and procedures around the uses of internal data, such as employee information, should be developed first.