Google told the European Commission it would keep Fitbit health data walled off from its advertising machine for 10 years. That was the deal -- the only reason regulators approved a $2.1 billion acquisition that gave Google 30 million people's heart rates, sleep patterns, and menstrual cycles. Two years later, Google required every Fitbit user to migrate to a Google account. Your heart rate data now lives in the same account as your search history, your YouTube habits, your Gmail, your location history. The silo Google promised? It's a policy document, not a technical wall. And Google already paid $170 million for breaking its promise to protect children on YouTube. A promise from Google to regulators is a press release with an expiration date.
Richard Dabate told Connecticut police an intruder killed his wife Connie. Her Fitbit said otherwise -- it showed her walking around for an hour after he claimed she was dead. He was convicted of murder in 2022. Karen Navarra's Fitbit recorded the exact moment she was killed -- a heart rate spike, then nothing. Insurance companies subpoena Fitbit data to prove you're not as injured as you claim. Divorce lawyers request it to prove infidelity -- your heart rate and GPS location during those unexplained evenings. Fitbit markets a private wellness journey. The courts see a 24/7 surveillance device that records your heart rate, your location, and the exact time you stopped moving. Every step you log is evidence waiting for a subpoena.
What they claim: Fitbit markets itself as a personal health companion: "Find your reason to get active, sleep better, and stress less" -- positioning health tracking as a private wellness journey.
What we found: Fitbit data has been used as evidence in criminal prosecutions and civil litigation. In Connecticut, Richard Dabate told police an intruder killed his wife Connie in December 2015. Her Fitbit showed she was walking around for an hour after he said she was dead. He was convicted of murder in 2022. In San Jose, Karen Navarra's Fitbit recorded a dramatic heart rate spike followed by a sudden stop, establishing the time of her murder in 2018. Insurance companies have subpoenaed Fitbit data in personal injury and disability claims to challenge claimants' reported activity levels. In divorce proceedings, Fitbit data -- heart rate spikes and GPS locations during unexplained absences -- has been sought to prove infidelity. Every step, heartbeat, and location logged by Fitbit can be subpoenaed.
What they claim: Fitbit Health Solutions states that corporate wellness programs help employees "improve their health and wellbeing" with privacy-respecting aggregate reporting that does not identify individuals.
What we found: Fitbit Health Solutions provides health data to employers and insurance companies through corporate wellness programs. While marketed as aggregate data, academic research has demonstrated that in small teams (under 20 people), aggregated health data can identify individuals -- the person who runs at 6 AM, the one with irregular sleep, the pregnant employee whose resting heart rate increases. UnitedHealthcare offered Fitbit devices through its Motion program, tying insurance premiums to activity data. Employers using Fitbit wellness programs receive dashboards showing workforce health trends that, in small departments, amount to individual health surveillance. Employees who decline to participate face implicit pressure -- wellness program participation is often tied to insurance premium discounts of $500-$1,500 per year. The "voluntary" wellness program costs you money if you refuse to be monitored.
What they claim: Fitbit states it collects continuous heart rate data to help users "understand your heart health" and provides resting heart rate trends, cardio fitness scores, and heart rate notifications.
What we found: Continuous 24/7 heart rate monitoring creates a comprehensive biometric surveillance record. Heart rate variability reveals stress levels, alcohol consumption, illness onset, emotional state, and sleep quality. Combined with GPS data, heart rate can indicate what a user was doing at any given time -- elevated heart rate plus stationary location could indicate sexual activity, panic attacks, or confrontations. Fitbit stores this data on Google servers with no maximum retention period defined for active accounts. The Fitbit app requests permissions for: precise location, body sensors, phone state, camera, contacts, storage, and background activity recognition. Research published in the Journal of Medical Internet Research demonstrated that wearable heart rate data can predict mental health conditions, substance use patterns, and relationship stress with clinical accuracy.
What they claim: Fitbit states that Premium subscription data is used to provide "personalized insights and guidance" to help users reach their health goals.
What we found: Fitbit Premium ($9.99/month or $79.99/year) processes health data through Google's cloud AI infrastructure to generate wellness reports, sleep insights, stress management scores, and readiness scores. This means detailed health analytics -- derived from heart rate, sleep stages, activity, and biometric sensors -- are processed on Google's servers rather than on-device. The Premium tier creates additional incentive for deeper data sharing: users pay Google to process more of their health data more thoroughly. Google's AI infrastructure is shared across products; the same cloud that processes Fitbit Premium insights also powers Google's advertising AI, search ranking, and YouTube recommendations. While Google commits to not using Fitbit data for ads (per EU conditions), the technical infrastructure is shared, and the commitment expires in 2031.
What they claim: Google told EU regulators it would keep Fitbit health data siloed from Google's advertising infrastructure for 10 years as a condition of the $2.1 billion acquisition approval.
What we found: Starting in 2023, Google required all Fitbit users to migrate to Google accounts, linking Fitbit health data to Google's broader identity graph: search history, YouTube viewing habits, Gmail content, location history from Google Maps, and Chrome browsing data. The European Commission approved the acquisition in December 2020 specifically because Google committed to maintaining a data silo. A monitoring trustee oversees compliance, but Google's compliance is largely self-reported. Google has a documented history of breaking regulatory commitments -- the company paid $170 million for violating COPPA on YouTube after promising to protect children's data. The account migration creates a single identity across all Google services, making the "silo" boundary a policy choice rather than a technical barrier.
What they claim: Google stated the Fitbit web dashboard was discontinued to provide "a more streamlined experience" through the mobile app.
What we found: The Fitbit web dashboard was discontinued in 2025, forcing all users to the mobile app. The mobile app collects significantly more data than the web dashboard ever did: device advertising identifiers (GAID/IDFA), precise GPS location, app usage patterns, installed app lists, Bluetooth device proximity, Wi-Fi network names, and accelerometer data. The web dashboard required only a browser cookie. The mobile app requires persistent background access to sensors, networks, and device identifiers. Users who specifically chose web-only access to minimize data exposure -- including privacy-conscious users who avoided installing the app -- lost that option entirely. The "streamlined experience" added at least six new categories of data collection that the web dashboard never required.
What they claim: Fitbit promotes its menstrual health tracking feature as helping users "better understand your cycle" with logging for periods, symptoms, and fertility windows.
What we found: Fitbit stores menstrual cycle data on Google's servers -- period dates, flow intensity, symptoms, and fertility window predictions. After the Supreme Court overturned Roe v. Wade in June 2022, reproductive health data became potential evidence in abortion prosecutions. Google announced it would auto-delete location history near abortion clinics, but made no equivalent commitment for Fitbit menstrual data. Unlike dedicated period trackers that faced public scrutiny (Flo, Clue), Fitbit's menstrual tracking attracted less attention despite collecting the same reproductive data. The data is now linked to Google accounts through forced migration, meaning a subpoena for Google account data could yield menstrual cycle history alongside search queries, location history, and email content. Google complied with 81% of US government data requests in 2023.