Google’s $2.1bn Fitbit purchase raises cybersecurity anxiety levels

Reports earlier this month that Google was to buy Fitbit for $2.1bn prompted worried looks by industry observers over the safety of users’ confidential information stored in Fitbit devices and apps.

Fitbit has been a leader in the wearable fitness tracker industry since its inception, although it has encountered hiccups along the way.

When the company was founded in 2007, it was among the first to ‘gameify’ personal health and fitness; its early devices were simple step counters that offered achievement levels, enough to encourage users to improve their health by reaching activity milestones. As they were among the first to enter the industry, they established a strong brand presence and remained a leader in the growing wearable device market for years, bolstered by a society that grew increasingly connected to technology and committed to tracking its personal health information.

Fitbit suffered a major setback, though, with the development and release of Smartwatches — devices with more data tracking power and app connectivity than the Fitbit device.

In the past two years, Fitbit has fought back, including through the development of its Smartwatch offering, but it faced stiff competition from the Apple Watch and others. Fitbit reported revenue of $1.51bn for the fiscal year ended December 2018, a decrease of 6.4% over full-year 2017.

Google is not new to the wearable device market in healthcare. One of their major offerings is the Google Glass, VR-driven smart glasses that have been widely adopted in hospital and surgical teaching scenarios. Google’s cloud-driven services, including the Google Cloud for Healthcare and the Google Assistant, are used in a variety of healthcare applications including smartwatches, hearable devices and more.

In 2018, Google and Fitbit entered into a partnership to use Google’s Cloud for Healthcare API to connect user data from Fitbit devices with electronic medical records, allowing patients and physicians to make more personalised healthcare decisions. Google’s acquisition of Fitbit indicated a clear intention to continue in this space.

In 2018, the wearable tech market was worth nearly $23bn and it is predicted to grow at a compound annual growth rate of 19% to $54bn by 2023.

Beyond eyeing this gigantic market size, Fitbit users are concerned that Google may also have its eye on another uniquely valuable element of the market: user data.

Fitbit’s privacy policies, at least in Europe, underwent a recent redesign to abide by the new European General Data Protection Regulation (GDPR) framework, which was put in place to protect patient data security.

Operational conditions are more relaxed in the US compared to the EU, though, as the US Food and Drug Administration generally views wearable devices as presenting a low risk to users’ health and safety.

In the past, Google has been under fire for apparent breaches of security and trust regarding user data. As recently as 12 November 2019, an anonymous whistleblower reported that the personal medical history data of up to 50 million Americans were being secretly transferred to Google from a large healthcare provider. If true, this would be a breach of regulations put in place by the US Health Insurance Portability and Accountability Act (HIPAA).

Regarding its acquisition of Fitbit, Google has stated that it does not plan to sell the personal health information it will gain in the purchase. However, given Google’s history in this arena, it’s not surprising that Fitbit users may be concerned about what it means. Extra precautionary steps towards cybersecurity taken by Google will go a long way in establishing trust among users while retaining a strong market presence in the wearables space.

For more insight and data, visit the GlobalData Report Store.