Securing wearable technology and the personal data they generate, store, and transmit is key to their successful use.

Wearable technology plays a critical role in how people communicate, take notes, and even afford health insurance. Smart devices like Fitbits and Apple Watches have broken new technological ground. The increasing use of augmented reality (AR) and virtual reality (VR) devices expands wearable technology even further. Using them in the metaverse adds to the magnitude and types of data these devices collect. Still, questions persist about the security and confidentiality of the personal information wearables receive, store, and transmit.

The Federal Trade Commission (FTC) reports potential security risks could be exploited to harm consumers by:

• Enabling unauthorized access and misuse of personal information
• Facilitating attacks on other systems
• Creating risks to personal safety

Wearable devices generate tremendous personal data, including biometrics, location, login credentials, app activity, and occasionally recorded audio. This data is often stored in cloud servers, which are already vulnerable to hacking or abuse and subject to privacy and security regulations. Investment in data privacy is crucial for wearable vendors. Device manufacturers must push regular fixes and updates to keep their technology secure. Vendors must ensure that the data collected is anonymized. Failure to protect consumers’ data from being illegally accessed threatens wearable tech vendors’ reputations, commercial success, investor confidence, and regulatory status.

Securing Wearable Technology for Businesses

Companies that provide wearables to employees should vigorously vet potential wearable providers. To start, they can determine if their application program interface (API) is open and if wearable users can revoke data access at any time. Further, savvy companies will segregate these devices on their network and not allow them to connect directly to the internet.

Manufacturing vendors often debate regulatory risks and consumer protection of wearable technologies. Nevertheless, safer devices would help expand the wearables market to cybersecurity-savvy wearers. As of mid-2023, several state attorneys general have meanwhile sent a comment letter to the Department of Human and Health Services supporting an update to the HIPAA Privacy Rule that would strengthen privacy protections of health information. At the same time, wearable technology will only be an innovation that genuinely adds value to consumers’ lives when this lack of regulations is addressed.

Consumers should do their due diligence when selecting wearables and updated them routinely. However, it is still ultimately up to manufacturers to make their devices safe. They can do this with far more success if they conduct regular privacy and security risk assessments of their devices to ensure consumer data is appropriately anonymized and secure.