Privacy of Fitness Applications and Consent Management in Blockchain

Abstract: The rapid advances in fitness wearable devices are redefining privacy around interactions. Fitness wearables devices record a considerable amount of sensitive and private details about exercise, blood oxygen level, and heart rate. Privacy concerns have emerged about the interactions between an individual's raw fitness data and data analysis by the providers of fitness apps and wearable devices. This paper describes the importance of adopting and applying legal frameworks within the fitness tracker ecosystem. In this review, we describe the studies on the current privacy policies of fitness app providers, heuristically evaluate the methods for consent management by fitness providers, summarize the gaps identified in our review of these studies, and discuss potential solutions for filling the gaps identified. We have identified four main problems related to preserving the privacy of users of fitness apps: lack of system transparency, lack of privacy policy legibility, concerns regarding one-time consent, and issues of noncompliance regarding consent management. After discussing feasible solutions, we conclude by describing how blockchain is suitable for solving these privacy issues.