Wearable fitness devices are widely used to track an individual's health and physical activities to improve the quality of health services. These devices sense a considerable amount of sensitive data processed by a centralized third party. While many researchers have thoroughly evaluated privacy issues surrounding wearable fitness trackers, no study has addressed privacy issues in trackers by giving control of the data to the user. Blockchain is an emerging technology with outstanding advantages in resolving consent management privacy concerns. As there are no fully transparent, legally compliant solutions for sharing personal fitness data, this study introduces an architecture for a human-centric, legally compliant, decentralized and dynamic consent system based on blockchain and smart contracts. Algorithms and sequence diagrams of the proposed system's activities show consent-related data flow among various agents, which are used later to prove the system's trustworthiness by formalizing the security requirements. The security properties of the proposed system were evaluated using the formal security modeling framework SeMF, which demonstrates the feasibility of the solution at an abstract level based on formal language theory. As a result, we have empirically proven that blockchain technology is suitable for mitigating the privacy issues of fitness providers by recording individuals' consent using blockchain and smart contracts.
The rapid advances in fitness wearable devices are redefining privacy around interactions. Fitness wearables devices record a considerable amount of sensitive and private details about exercise, blood oxygen level, and heart rate. Privacy concerns have emerged about the interactions between an individual's raw fitness data and data analysis by the providers of fitness apps and wearable devices. This paper describes the importance of adopting and applying legal frameworks within the fitness tracker ecosystem. In this review, we describe the studies on the current privacy policies of fitness app providers, heuristically evaluate the methods for consent management by fitness providers, summarize the gaps identified in our review of these studies, and discuss potential solutions for filling the gaps identified. We have identified four main problems related to preserving the privacy of users of fitness apps: lack of system transparency, lack of privacy policy legibility, concerns regarding one-time consent, and issues of noncompliance regarding consent management. After discussing feasible solutions, we conclude by describing how blockchain is suitable for solving these privacy issues. CCS CONCEPTS• Security and privacy; • Networks;
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.