UnderArmour data breach should raise questions about extent of data collection
This latest breach (as reported in the Washington Post story below)is more evidence that consumers need to have a choice NOT to automatically share their sensitive personal information with the vendors of wearable devices. While at least in this case the company told people about it, we really must wonder if companies like Under Armour need to be accumulating such vast stores of sensitive personal data in the first place.
Looking at the terms of service, it is clear that consumers must agree to all of the company’s policies if they want to use the service:
This type of clause (which is fairly typical) deprives consumers of any meaningful ability to give informed and knowing consent to the collection, use and storage of their personal information.