The Best and Worst Wearables for Privacy, According to a New Study
Smartwatches and fitness trackers know a lot about you. They track how you sleep, how you move, and how your heart responds to stress. That kind of insight can be powerful. It can help you train smarter, recover faster, and better understand your body. But it also means handing over some of your most personal data. Often, without knowing exactly where it goes or how it’s used. Most privacy policies are long, vague, and written in a way that’s tough to navigate. So, can we really trust that our wearables are keeping our data safe?
A new study published in npj Digital Medicine takes a closer look at that question. Researchers analyzed the privacy practices of 17 major wearable brands, including Apple, Google, Fitbit, Huawei, and Xiaomi. They used a checklist with 24 criteria to rate how each company handles data privacy, how clear they are about it, and how much control they give users.
The results aren’t great.
Many brands are falling short, with unclear data sharing practices and weak protocols for handling breaches. Again, that matters because these devices collect more than just step counts. They log heart rate trends, sleep cycles, workout intensity, and, in many cases, menstrual health data. It is information that is far more sensitive than most people realize.
The Privacy Risk Leaderboard: Who’s Really Watching You
Here’s how 17 major wearable brands stack up, ranked from best to worst based on their privacy protections:
| Ranking Position | Brand | Privacy Risk Score |
|---|---|---|
| 1 | 33 | |
| 2 | Apple | 35 |
| 3 | Oura | 38 |
| 4 | Polar | 38 |
| 5 | Withings | 39 |
| 6 | Garmin | 41 |
| 7 | Fitbit | 43 |
| 8 | Ultrahuman | 44 |
| 9 | Samsung | 47 |
| 10 | Fossil | 48 |
| 11 | Coros | 50 |
| 12 | Whoop | 50 |
| 13 | Wahoo | 52 |
| 14 | Suunto | 53 |
| 15 | Huawei | 58 |
| 16 | Wyze | 60 |
| 17 | Xiaomi | 60 |
Xiaomi and Wyze land at the bottom of the list, with Huawei not far ahead. These brands scored poorly for their lack of clear data-sharing disclosures, limited user control over data collection, and failure to offer vulnerability reporting programs.
At the top, Google, Apple, Oura, and Polar performed relatively well. Their policies show stronger commitments to encryption, user access, and controls around targeted advertising.
Let’s take a closer look.
Popular Wearable Brands at the Bottom
Huawei and Xiaomi scored the lowest in the privacy risk ranking, despite being two of the best-selling wearable brands worldwide. According to Counterpoint Research, Huawei holds about 16 percent of the smartwatch market, while Xiaomi controls roughly 10 percent. Both are major players, especially in the budget and midrange space.
In early 2025, they saw a 53 percent jump in shipments compared to the year before. That kind of growth shows just how many people are buying these devices. It also makes it more important than ever to understand how these companies handle user data.
And that is where the concerns begin. While both companies are doing well in sales, the study found serious gaps in how they manage user information. Huawei and Xiaomi do not clearly explain what kind of data they collect, how long they keep it, or what users can do to access or delete it. That is troubling, especially when these devices collect deeply personal information like heart rate, menstrual cycles, and location.
Take the Huawei Watch Fit 4 Pro, which I recently tested. It is marketed as a more affordable alternative to the Apple Watch Ultra and costs nearly $500 less. That makes it an attractive option for users who want premium features without paying top dollar. The same is true for Xiaomi. In my review of the Xiaomi Redmi Watch 5, I pointed out how much the design resembles Apple’s, while staying in a much lower price range.
But according to this study, that lower price may come with a hidden cost. Users might save money, but they could be giving up more control over their personal data than they realize.
Strong Privacy Claims, Weak Follow-Through
A lower risk score might look reassuring, but that doesn’t always reflect real-world behavior. Even top-ranked companies have had lapses.
Apple recently settled a 95-million-dollar lawsuit over undisclosed Siri recordings, some of which were captured through Apple Watches. Google, despite its first-place ranking, paid 391.5 million dollars in 2022 after it was caught tracking users even when “location history” was turned off.
It is not surprising to see Google and Apple at the top of the list. These companies face constant scrutiny because of their dominance in the market. That level of attention pushes smaller brands to catch up, but it also gives the big players a strong reason to keep their privacy practices in check.
As I’ve noted before, privacy policies often raise more questions than they answer. Reading them takes time, legal fluency, and a lot of patience. In my guide to data protection in digital health, I offered a few practical ways to cut through the confusion, because most people click “agree” without knowing exactly what they’re agreeing to.
What You Can Do
If you’re not ready to ditch your smartwatch, there are still ways to protect your data and take back some control:
- Choose brands that let you access, delete, and export your data with minimal hassle.
- Turn off features like continuous location tracking unless you really need them.
- Be selective with third-party integrations.
- Before buying, ask the basics: Who owns the data? Where is it stored? Can you opt out of sharing?
And most importantly, stay informed. This research is part of a living review, which means the privacy scores will continue to change as companies update their policies. The more we know, the better we can hold them accountable. I will keep referencing this list in my future reviews so you can stay aware of where each brand stands.
Are you using a wearable from one of the companies mentioned in the ranking? How do you feel about their position on the list? If any of it raises concerns, I strongly recommend reading the full study for yourself.