Vienna-based Noyb (None Of Your Business), the digital rights
group founded by privacy activist Max Schrems, has already filed
hundreds of complaints against big tech companies ranging from
Alphabet Inc's Google to Meta over privacy violations, some
leading to big fines.
Fitbit forces its users to consent to data transfers outside the
EU and does not provide the possibility to withdraw their
consent, violating GDPR's requirements, Noyb said.
Fitbit sells watches that track activity, heart rate and sleep.
It also offers a subscription service starting at $9.99 a month.
"Given that the company collects the most sensitive health data,
it's astonishing that it doesn't even try to explain its use of
such data, as required by law," said Bernardo Armentano, data
protection lawyer at Noyb.
Fines for violating GDPR rules can reach up to 4% of a firm's
global annual revenue. Google's annual revenue was $280 billion
in 2022.
The advocacy group wants Fitbit to be forced to share all
mandatory information about the data transfers with its users
and allow them to use its app without having to consent to the
transfers.
While GDPR allows every person to withdraw their consent,
Fitbit's privacy policy states that the only way to withdraw
consent is to delete an account, which means losing their
previously tracked workouts and health data, Noyb said.
(Reporting by Supantha Mukherjee in Stockholm; Editing by
Kirsten Donovan)
[© 2023 Thomson Reuters. All rights
reserved.] Copyright 2022 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content.
|
|