alt Hacker NewsOura says it gets government demands for user data
Comments
"In my previous blog, I revealed that Oura data is not end-to-end encrypted. That means that an Oura user's health data can be unscrambled at certain points as it travels from a person's ring, through their phone app, over the internet, and as it lands on Oura's servers."
Very strange -- it seems to be conflating end-to-end encryption with encryption-in-transit.
Is it from the evil govs of China or Russia? Oh, no...
What will the government even do with my heart rate and blood oxygen data?
"Mr Smith has been running again, we better bring him in for questioning!"
Edit: to be clear, the government is requesting the data, so clearly they're doing something with it... But what? I don't see it!
All this said I'm more concerned about Automatic Content Recognition (ACR) on smartTV you buy in the store and never even realize it's phoning home with everything you watch...
It's been over a decade since the Snowden revelations. We know full well that the large tech companies collect massive amounts of your personal data and secretly share it all with the US government. Not requests, not occasionally, not some - everything. And there are even formal mechanisms for this, like National Security Letters, which essentially guarantee silence.
So, why are we seeing articles like this, which raise suspcision that maybe a wearable smart-device company _might_ be sharing _some_ data, _sometimes_? Or expectations of voluntary transparency?
Yes, the government spies on you. Not because you're important, but because they spy on everybody. It's cheap, convenient and has no negative political consequences (so far).
References:
* https://en.wikipedia.org/wiki/National_security_letter
* https://www.pcmag.com/news/the-10-most-disturbing-snowden-re...
What in god's name possesses someone to buy (and pay a subscription for) a device that gathers and sells their health data in exchange for a placebo dashboard of numbers...
Why is it even necessary to save this data in the cloud?
I considered an Oura but went with an Apple watch instead. I turned on Advanced Data Protection on the paired iPhone for peace of mind. No other large data providers really provide anything equivalent to ADP’s E2EE protection with zero access encryption, especially in the consumer space for activity trackers.
This is why although I don't love my Apple Watch, I'm not using anything else. It's very sensitive data and Apple is the only company worth trusting with it. They're not perfect but compared to others there's no competition.
IPOing soon at $11B btw
Oh! The Audacity!
We can not trust any government here.
Another reason to add to my list to justify not wearing my Apple watch and moved to a mechanical watch.
Oura doesn't even have GPS does it?
Government can already get ALL your celltower locations without a warrant
AND read all your emails and text messages that are over 6 months old, without a warrant
OURA is a joke. My GF bought two for us and after a week I made her return them due to non stop dark patterns coming out of that company.
Everything about that company is disgusting.
Such a shame, too. I was eager to learn more about my health.
I was definitely interested in some sort of comprehensive sensor bundle for my healthcare.
But every one of these devices demands some Android/Apple app, and shipping all my health data to basically non-HIPAA data brokers.
Id be all over a local-only no-data-exfiltration health tracker. But the companies do NOT want to provide that.
I, uh, guess, "go surveillance capitalism", for more choices?
> the once-responsive Oura has not yet replied to any of my inquiries, or committed to releasing the numbers
Illinois has a tight biometric-privacy law [1]. I’d bet Oura isn’t particularly careful about prohibiting e.g. a Texas police department querying the protected information of Illinois residents.
[1] https://en.wikipedia.org/wiki/Biometric_Information_Privacy_...