Wearable devices are all the rage, from smart watches to fitness trackers to portable music system they're invading our life. Sometimes they're even sewn into our clothes.
But security firm Context Information Security recently released research that suggests gadgets that use Bluetooth Low Energy (BLE) — the default standard for most wearables — can be tracked, and can lead to severe security and privacy risks.
The report outlines the increasing use of beacon technology, which uses wireless signals to serve up location-dependent content. Major League Baseball and Apple are particularly advanced in the way they use beacons, as are many retailers.
Yet Bluetooth Low Energy has beacon technology built into the spec which means that any device that uses BLE is broadcasting location data and an identifying tag.
These tags range from just a number to semi-random data like “Jawbone3244-101.” or even an ID like “Mike's Fitbit.”
As you wander around with your favorite wearable it broadcasting this ID and increasingly lots of people are listening. There's even companies, like RetailNext, Accenture and Tableau, that specialize in collecting as much of this data as possible.
While the discoverability of devices can be a social and business good, such as an improved shopping experience with only the products you like or walking into a party and being able to tell who in the crowd is a LinkedIn or Facebook contact and where in the room they are, there are broad privacy concerns, especially with who is tracking what, exactly, and how to opt out if you don't wish to be tracked.
So keep in mind that if you're wearing an activity tracker, it’s not just activity that it’s tracking. It's you, too.