Privacy of Fitness Applications and Consent Management in Blockchain

TL;DR

This paper reviews privacy challenges in fitness apps, highlighting issues like transparency and consent, and proposes blockchain as a solution to enhance user privacy and consent management.

Contribution

It provides a comprehensive review of current privacy policies, identifies key gaps, and discusses how blockchain can address privacy and consent management issues in fitness applications.

Findings

Identified lack of transparency and privacy policy clarity in fitness apps

Highlighted issues with one-time consent and noncompliance

Proposed blockchain as a viable solution for privacy management

Abstract

The rapid advances in fitness wearable devices are redefining privacy around interactions. Fitness wearables devices record a considerable amount of sensitive and private details about exercise, blood oxygen level, and heart rate. Privacy concerns have emerged about the interactions between an individual's raw fitness data and data analysis by the providers of fitness apps and wearable devices. This paper describes the importance of adopting and applying legal frameworks within the fitness tracker ecosystem. In this review, we describe the studies on the current privacy policies of fitness app providers, heuristically evaluate the methods for consent management by fitness providers, summarize the gaps identified in our review of these studies, and discuss potential solutions for filling the gaps identified. We have identified four main problems related to preserving the privacy of users of fitness apps: lack of system transparency, lack of privacy policy legibility, concerns regarding one-time consent, and issues of noncompliance regarding consent management. After discussing feasible solutions, we conclude by describing how blockchain is suitable for solving these privacy issues.