Apple says your health data is encrypted so that even Apple can't read it. But Apple's own law enforcement guidelines show it can hand over iCloud backup data, which can include health records, to police with a court order. Most users don't enable the optional 'Advanced Data Protection' setting that actually makes this data end-to-end encrypted. Apple complied with 93% of government data requests.
Apple also says its Watch has top-tier security, with advanced encryption and on-device processing. But government-grade spyware called Pegasus has already been used to break into Apple Watches without the owner touching the device: receiving a specially crafted iMessage was enough. More actively exploited vulnerabilities were found in 2025. If surveillance companies can break in, so might others.
What they claim: Apple Watch Series 9 contains advanced security features including the S9 SiP with Neural Engine for on-device processing and encrypted data handling.
What we found: Despite Apple's security architecture, the Apple Watch has been successfully targeted by NSO Group's Pegasus spyware via the BLASTPASS zero-click exploit chain (CVE-2023-41061 + CVE-2023-41064, both critical severity). Citizen Lab found that this chain could compromise Apple Watch devices that were fully patched at the time (watchOS versions before 9.6.2) without any user interaction, delivered via iMessage. Additional actively exploited WebKit vulnerabilities in 2025 (CVE-2025-43529, CVE-2025-14174) demonstrate ongoing susceptibility to sophisticated surveillance attacks.
What they claim: Apple Watch companion app (built into iOS) requests access to extremely sensitive data categories: HEALTH_RECORDS, HEALTH_SHARE, HEART_RATE, BLOOD_OXYGEN, ECG, WRIST_TEMPERATURE, MENSTRUAL_CYCLE, SLEEP_ANALYSIS, FALL_DETECTION, CRASH_DETECTION, plus LOCATION_ALWAYS.
What we found: Apple's privacy policy states it processes health data on-device and doesn't sell personal data. However, the always-on location tracking (LOCATION_ALWAYS) combined with continuous health monitoring (heart rate every few minutes, wrist temperature, blood oxygen) creates an unprecedented surveillance dataset. While Apple claims not to sell this data, it flows through Apple's servers and is available to law enforcement. Third-party apps on watchOS can also request granular access to health data.
What they claim: Apple Watch Series 9 includes NFC for Apple Pay and always-on location tracking (GPS/GNSS with L1 GPS, GLONASS, Galileo, BeiDou, QZSS) plus optional cellular connectivity.
What we found: Apple's privacy policy does not specifically disclose the scope of location data retention from Apple Watch. The device tracks precise location via five satellite navigation systems (GPS, GLONASS, Galileo, BeiDou, QZSS), records exercise routes, and combines this with always-on health monitoring. Emergency SOS and crash detection features require location sharing with emergency services, and Apple's policy permits data disclosure 'for purposes of national security, law enforcement, or other issues of public importance.' The combination of health + location + payment (Apple Pay) data creates a comprehensive surveillance profile.
What they claim: Apple claims zero trackers in the Apple Watch companion system, contrasting with virtually all other smart device apps which contain multiple advertising and analytics trackers.
What we found: The Apple Watch iOS companion app (com.apple.Bridge) contains 0 third-party trackers — a genuine distinction from competitors. However, Apple's own first-party analytics (xp.apple.com, health-evidence.apple.com) serve similar functions to third-party trackers. Apple collects 'app launches, browsing history, search history, crash data, performance diagnostics' according to Mozilla's Privacy Not Included review. Apple's analytics are opt-out rather than opt-in, and most users don't know they exist.
What they claim: Apple claims health data is end-to-end encrypted and 'not readable by anyone — even Apple.' Apple's privacy page states: 'Apple does not sell your personal data.'
What we found: Apple's own law enforcement guidelines (updated October 2025) confirm Apple can provide iCloud account data, iCloud backups, device registration details, and 'other data as required by law.' Health data stored in iCloud backups (without Advanced Data Protection enabled) is accessible to Apple and thus to law enforcement with valid legal process. Apple complied with 93% of government data requests in H2 2020. In 2022, Apple admitted providing user data to hackers who forged emergency law enforcement data requests.
What they claim: Apple markets the Apple Watch as a privacy-respecting health device with end-to-end encryption protecting sensitive data including menstrual cycle tracking.
What we found: After the Supreme Court's Dobbs v. Jackson decision (2022) ended federal abortion protections, menstrual cycle tracking data became legally sensitive. Apple's encryption protections depend on users enabling specific settings (passcode, two-factor authentication, Advanced Data Protection). Without Advanced Data Protection, iCloud-synced health data including menstrual cycle logs can be accessed by Apple and provided to law enforcement with valid legal process. In states where abortion is restricted, this data could theoretically be subpoenaed.
What they claim: Apple Watch health data is protected by Apple's encryption and not accessible to third parties.
What we found: In September 2021, GetHealth — a third-party health data aggregation company — exposed 61,053,956 fitness tracker records in an unsecured, password-free database, including 17,764 Apple HealthKit records in a limited sample. Exposed data included first/last names, dates of birth, weight, height, gender, and geolocation in plain text. This demonstrates that when users share Apple Watch health data with third-party apps and services, Apple's encryption guarantees no longer apply.
What they claim: Apple privacy policy states that health data shared with Apple is protected and Apple 'does not sell your personal data.'
What we found: Mozilla Foundation's Privacy Not Included review rates Apple Watch as 'somewhat creepy' and notes Apple's track record 'needs improvement.' Mozilla flags that Apple shares data with 'service providers, partners, developers, and publishers.' Mozilla also documents that Apple gave user data to hackers who faked being law enforcement in 2022, and notes the 2021 GetHealth breach of 61 million fitness records including Apple HealthKit data. Apple's security reputation is built on marketing rather than a flawless track record.
What they claim: Apple positions itself as the privacy-first alternative for health wearables, stating it 'minimizes data collection by processing as much of your health data on your device as possible.'
What we found: The Apple Research app shares Apple Watch health data — including heart rate, activity, sleep, menstrual cycles, audio levels, and ECG readings — with third-party university and pharmaceutical researchers. Apple states 'certain third-party researchers who are approved may access limited Study Data.' The scope of approved researchers and data access is buried in study-specific informed consent documents, not in Apple's main privacy policy. Apple retains the ability to re-identify research participants.
What they claim: Apple claims health data processing happens on-device via the Neural Engine, minimizing data transmission to the cloud.
What we found: Firmware analysis reveals 12 hardcoded communication endpoints including health-evidence.apple.com, gateway.icloud.com, xp.apple.com, and configuration.apple.com. The Apple Watch continuously syncs health data to iPhone and then to iCloud by default. Heart rate is measured every few minutes at rest and every second during workouts. All this data flows through Apple's cloud infrastructure unless the user specifically disables iCloud Health sync — a setting most users never change.
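The two findings above (first-party analytics hosts that behave like trackers, and hardcoded endpoints recovered from firmware) both rest on the same basic analysis step: pull printable strings out of a binary, pick out the hostnames, and sort them into first-party, first-party analytics and third-party. The script below is an added example written for this page; it is not the review's own tooling and not Apple's code. The firmware blob is constructed for illustration: the Apple and iCloud hostnames are the ones named in the review, while the third-party host `sdk.example-analytics.net` and the classification lists are assumptions made up for the example.

```python
"""
Recover hardcoded network endpoints from a firmware or app binary and
classify them by who operates them.

Added example for this review; not the review's or Apple's code.
The firmware bytes and the classification lists below are constructed
assumptions for illustration only.
"""
import re

# Runs of at least 4 printable ASCII bytes, the same heuristic `strings` uses.
STRINGS_RE = re.compile(rb"[\x20-\x7e]{4,}")

# A hostname: dot-separated labels of letters, digits and hyphens, ending in an
# alphabetic top-level label. The lookarounds stop partial matches inside a
# longer token (e.g. matching "apple.com" out of "health-evidence.apple.com").
HOST_RE = re.compile(
    r"(?<![A-Za-z0-9.-])"
    r"((?:[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?\.)+[A-Za-z]{2,63})"
    r"(?![A-Za-z0-9-])"
)

# ASSUMED classification for this example. A real review would source these
# from a tracker database and the vendor's own documentation.
FIRST_PARTY_SUFFIXES = ("apple.com", "icloud.com")
FIRST_PARTY_ANALYTICS = {"xp.apple.com", "health-evidence.apple.com"}

# CONSTRUCTED firmware fragment: binary noise mixed with embedded URLs and
# bare hostnames. The non-Apple host is invented for the example.
CONSTRUCTED_FIRMWARE = (
    b"\x00\x01\x02cfgv2\x00"
    b"https://health-evidence.apple.com/v1/submit\x00"
    b"\xff\xfe"
    b"gateway.icloud.com\x00"
    b"https://xp.apple.com/report/2\x00"
    b"configuration.apple.com\x00"
    b"garbage\x7f\x80\x81"
    b"https://xp.apple.com/config\x00"  # same host again; must be deduplicated
    b"version 9.6.2\x00"                # dotted but not a hostname
    b"https://sdk.example-analytics.net/collect\x00"  # constructed third party
)


def extract_strings(blob):
    """Return the printable ASCII strings embedded in a binary blob."""
    return [m.group(0).decode("ascii") for m in STRINGS_RE.finditer(blob)]


def extract_hosts(blob):
    """Return the set of distinct, lower-cased hostnames found in the blob."""
    hosts = set()
    for s in extract_strings(blob):
        for host in HOST_RE.findall(s):
            hosts.add(host.lower())
    return hosts


def is_first_party(host):
    """True if the host is the vendor's own domain or a subdomain of it."""
    return any(host == sfx or host.endswith("." + sfx) for sfx in FIRST_PARTY_SUFFIXES)


def classify(hosts):
    """Group hosts into first-party analytics, other first-party, and third-party."""
    groups = {"first_party_analytics": [], "first_party": [], "third_party": []}
    for host in sorted(hosts):
        if host in FIRST_PARTY_ANALYTICS:
            groups["first_party_analytics"].append(host)
        elif is_first_party(host):
            groups["first_party"].append(host)
        else:
            groups["third_party"].append(host)
    return groups


def report(blob):
    """Full pipeline: strings -> hostnames -> classified groups."""
    return classify(extract_hosts(blob))


if __name__ == "__main__":
    for group, hosts in report(CONSTRUCTED_FIRMWARE).items():
        print(f"{group} ({len(hosts)}):")
        for host in hosts:
            print("  ", host)
```

On real firmware the blob would be read from disk and the third-party list checked against a maintained tracker database; the point of the split into three groups is that a "zero third-party trackers" count says nothing about first-party analytics hosts, which this classification reports separately.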