Oura Ring: The privacy-protecting fitness tracker

‘Tis the season, everyone! As the year wraps up, many of us are likely thinking about New Year’s resolutions. And what’s on the top of everyone’s list, basically every year? Fitness! Yeah, I know, I know; this is the year you’re really going to commit to a workout routine. Well, while you’re psyching yourself up to meet that commitment, might I suggest investing in an Oura Ring to help?

When my partner got an Oura — which is a fitness tracker that looks like a very chunky wedding band — I teased him and called him a cyborg. And, to be fair, this was the third fitness tracker he’d added to his body in under a year’s time. (What can I say? He likes gadgets.)

But as my Fitbit started to wear out — and we started going out again, post-vaccination — the simple design of the Oura became more appealing. You can’t tell it’s a fitness tracker by glancing at it, making it easier to wear when I’m dressed up. I considered an Apple Watch, which also has a nice design, but I didn’t want all of the bells and whistles. So I decided to give Oura a try. 

What does Oura track?

Unlike other fitness trackers, the Oura’s main focus is on my “readiness,” which they determine by combining information about my heart rate, body temperature, activity information, and sleep data. It’s not as good as the Fitbit at automatically detecting and inputting workouts but, as my partner points out, none of these tools are exactly perfect when it comes to that. It gives a “Readiness Score” every day and recommends an activity level based on their composite. 

Kind of cool, right? It’s not about calorie tracking (although there is a calorie tracker) or food logging or calories burned. I might be getting a little bit California-woo-woo, but it seems like a more holistic approach to fitness tracking.

In simpler terms, though, the Oura tracks:

  • Sleep duration
  • Sleep phases (deep, light, REM, awake)
  • Activity levels throughout the day
  • Body mass index (calculated based on height and weight)
  • Gender
  • Birth date and year
  • Height and weight
  • Activities
  • Notes and tags
  • Heart rate
  • Movement data
  • Temperature data

And on a technical level, it tracks:

  • IP address and high-level location
  • User ID (randomly generated)
  • Metadata regarding app use
  • Email address

What does Oura do with my data?

The primary thing Oura does with my data is give it back to me. I’m still pretty new to this device, but so far it feels like a less intrusive, potentially less obsession-inducing fitness tracker than the Fitbit. It also doesn’t integrate to many other services, which was annoying at first but now feels kind of like a blessing. Remember: the more third party services you connect to any device or tracker, the more your data is spread out, the more likely it is to be compromised or used to serve you ads. 

The Privacy Policy does say that they “may aggregate and anonymize data collected via the app” and they “may use this type of anonymous data for analytics, statistics, research, communications and PR purposes as well as for trend detection and for benchmark data.” In other words: They might use my data to help their company run better. Which, TBH, is totally fine with me. 

The only mention of using data for advertising is that they might “show or send you advertisements within the app or by using push notifications,” with permission. They also say they “will never use your health-related data for advertising without your explicit consent.”

And if I were in the EU — which, I’d note, Oura is (they’re a Finnish company) — I would be covered by the GDPR and would have the rights given under that law, including the rights to access, withdraw, correct, erase, object to, and restrict the processing of my data. Oura also wants EU users to know that they primarily transfer personal data within the European Economic Area, but might sometimes transfer outside the EU.

Is Oura worth it? Are the privacy tradeoffs justified?

I’m going to come out with a strong yes on this one! As far as I can see, Oura collects the data it needs to give me the service I paid for. It doesn’t work with third-party advertisers; its Privacy Policy is clear and written in plain English; and the company is based in the EU, which means they’re likely to be more aware of privacy law than an American company. 

Plus, it’s not ugly. Which, let’s be real, seals the deal for this one.

*** This is a Security Bloggers Network syndicated blog from EN authored by Avast Blog. Read the original post at: