Professional Athletes and Wearables

I haven’t thought about the privacy issues surrounding professional athletes and wearables.

Wearables present serious privacy issues for “Average Joe” consumers, who are entrusting tech companies to safely store and protect their biometric data. Imagine the stakes for a professional athlete, whose entire livelihood could be affected by a single biometric data point. To give one of many realistic hypotheticals: a basketball player has a terrible game, and the coach wonders if they showed up to the gym hungover. The coach has access to the player’s wearable data, and checks to see when they went to sleep, as well as what their heart rate looked like during the night. Should the player have been out partying before a game? No. Should the coach be able to surveil them? Definitely not.

It will not surprise you to learn that there’s an emergent gambling angle here: sports leagues would love to commercialize players’ biometric data, and sharp bettors would love access to data about, say, a hungover player. “We’re going to get to a spot where people are betting not just on the velocity of the puck that was shot by a player in the NHL playoffs, but on what the heart rate of a certain player is going to be running down the field,” said Helen “Nellie” Drew, the director of the University of Buffalo’s Center for the Advancement of Sport, and a professor of practice in sports law.

There are other practical considerations, too. What if wearable data reveals that a player isn’t as speedy as they were before, and a team uses that data against the player during contract negotiations? What if a wearable reveals a player is favoring their leg, or is at greater risk of injury? This information is potentially beneficial to a training staff and an athlete, so long as it’s disclosed and used in a responsible manner—­a critical, mostly unresolved caveat. “Aging and injured players are the most at-risk” of wearable data being used against them, said Michael LeRoy, who researches sports labor laws and AI, and is a professor at the University of Illinois’s School of Labor and Employment Relations.

The bit about gamblers is particularly scary.

I have often said that surveillance tech is generally deployed first against people with diminished rights: children, prisoners, military personnel, the mentally impaired. This is another early use case with different dynamics. The surveilled are wealthy and powerful, and—in many cases—unionized.

Posted on June 22, 2026 at 7:02 AM12 Comments

Comments

Rontea June 22, 2026 9:16 AM

The WNBA’s new labor contract is a landmark victory for the players, but as Julie Cohen might observe, the shine comes with a shadow. The league now has a foothold in the most intimate corners of an athlete’s life: her heartbeat, her sleep, the quiet, vulnerable data points that make her human. On the surface, this is a story of triumph—better pay, better travel, better protection for mothers. But tucked into the fine print is a question that lingers like a cliffhanger: what price will be paid for progress if your body becomes the league’s property in all but name? Sometimes the story doesn’t end with the buzzer—it follows you home, pulsing in your wrist, whispering in the dark.

Dave June 22, 2026 9:23 AM

The problem with wearable is that it is 90% marketing fluff. Most of the metrics are not actionable in any way that is meaningful to a professional athlete. The most meaningful metrics are resting heart rate and HRV but these metrics are only useful longitudinally. A single reading over night tells one nothing; Tossed and turned in the night and the watched slipped two cm down the wrist and the RHR and HRV goes wonky. The claim that one can tell if an athlete was partying or drunk from their wearable is utter tosh. Too many false positives.

The average purchaser of a Garmin smartwatch walks slightly over 3000 steps a day. It’s a status symbol, not a health device. Same as shoes.

The part about gambling is as scary as the adage that a fool and his money are soon parted.

Q June 22, 2026 11:06 AM

The wearables don’t need to be online. They don’t need to communicate all their data to a central server. They have more than enough capability to store the data locally and/or connect only locally to the buyers system for backup and analysis.

There is no need to involve any third parties.

But they do, of course. The manufacturers choose to make the devices dependant upon the their servers. It isn’t a necessity, it is a choice. And the choice isn’t made by the buyer, it is imposed by the maker as some sort of need that it can only work if the maker keeps themselves in the loop.

Don’t buy these kind of things. Don’t fall for the fancy marketing. If someone still decides they really need one then look for one that doesn’t tether itself to someone else’s computer. Look for one that allows people to keep their own data and make their own choices about who to share the data with.

TimH June 22, 2026 12:01 PM

@Q: another reason not to buy a product that requires manufacturer communication to operate is that the manufacturer can obsolete a perfectly fine product by disabling the server. Google, Amazon…

Anna June 22, 2026 1:09 PM

I would take security and privacy considerations of smartwatches and activity monitors seriously even while not a pro athlete. If the company you work for, or your insurance company, gives you a smartwatch or activity tracker, who owns the data, and do you even have a reasonable way to ensure your health data is yours? As long as the sports, partying or actions focused on continuation of the human species happen outside of one’s work hours, it should not be of relevance to the employer or insurance firm at all.
I guess the legislation depends also on the country.

lurker June 22, 2026 1:49 PM

@Bruce

Should the player have been out partying before a game? No. Should the coach be able to surveil them? Definitely not.

I hope whoever wrote that has lawyered up. @Rontea already said it in their own special way: Professional athletes are hired on a contract. A contract binds the behaviour of both parties. Check the fine print.

@Q
indeed, don’t play is the answer to most of these “smart” devices, but what if the player’s contract says they have to wear one, and its data has to be accessible to someone else?

Clive Robinson June 22, 2026 3:09 PM

@ Bruce, ALL,

With regards,

“I haven’t thought about the privacy issues surrounding professional athletes and wearables.”

Just replace the “professional athletes” with “people” some of whom have no choice in being “sources of telemetry”.

But remember that the data from wearables has been used by the prosecution in criminal cases to argue that it “shows the crime in progress” due to heart and breathing rate.

Also consider that some implanted medical electronics works not just as a source of data but a sink of commands that could easily kill you without attracting any attention at autopsy etc.

In most cases the telemetry is not protected by any meaningful security, and neither are the commands that could kill you…

I’m sure you remember the “US Administration” at the begining of this century, and the “vice-president” who took security to the point he did not have an office or other base in the White House to avoid having everything he said and did “recorded for posterity”

Dick Cheney had a family history of bad cardiac events and had multiple heart attacks in his life and at one point “had no pulse” for nearly 20 months…

However in June 2001 he had a Medtronic GEM III AT ICD fitted which was kind of “state of the art” at the time. However his 2007 June physical noted that the device needed a battery replacement…

In of it’s self not a serious issue, but knowledge had moved on and it was realised that his ICD had become a “National Security” issue due to the fact it used not just insecure data protocols but was easily “wireless accessable”.

So in some respects it was thought that his ICD could be used as a “lie detector” as well as having adverse commands sent to it thus making him a potential “assassination target”.

All very “james bond evil villain” sounding, but sufficient for it to be used as a plot line in the show Homeland. Mr Cheney when interviewed in 2014 he told ABC News,

“I found [it] credible ….”

“… because I knew from the experience that we had assessing the need for my own device that it was an accurate portrayal of what was possible.”

So yes for more than two decades now it’s been well known that,

“Electronics used for measuring and controling the human body is a National Security level threat.”

Clive Robinson June 22, 2026 3:15 PM

@ Moderator, Bruce,

Your Auto-mod has pulled out a fairly innocuous post I’ve tried to make.

Rather then send it in a half dozen parts can you just moderate it and post it.

KC June 22, 2026 4:29 PM

The variations in CBAs between athlete unions and their respective sports leagues is interesting.

For example, the NBA CBA blocks in-game use of wearables, data commercialization, and would impose a $250,000 fine if wearable data is mentioned in contract negotiations.

The WNBA / WNBPA will be setting up a committee to negotiate wearables.

The invasiveness of what the the data reveals would have me questioning the current state of privacy safeguards and why athletes would want to commercialize this data – some CBAs conditionally allow for it, and some players opt in.

I’ve seen people mention that pregnancy tanks HRV, as does a portending illness. I was surprised to learn that alcohol can too.

With these devices there are so many metrics that can be calculated and tracked over time: VO2 max, exercise load (TRIMP/EPOC), average vertical oscillation and on and on. And although there is variation in the precision across devices, many aren’t too far off.

Kind of surprised to learn the PGA is broadcasting the live heart rate data of professional golfers. Has anyone seen this?

Steve June 22, 2026 6:25 PM

We treat athletes like chattel already with unannounced drug testing and mandatory reporting of whereabouts.

A wearable monitor is just an extension of surrendering urine in a bottle on demand.

Expect it to be implemented “for the good of the sport.”

Privacy June 23, 2026 7:00 AM

It will probably be used by manufacturers to monitor employee activity, are the employees meeting their daily quota of widgets?
Likewise it will be used by delivery services such as UPS and ride-hailing services such as Uber and Lyft, to monitor daily output.
The problem is there’s a default attitude of collect as much data as possible, instead of collect data only when truly required and inform the person whose data is collected that the data is being collected, give a chance to opt-out and also ensure the privacy and security of that data, instead of selling it to a third party who sells it to a…

Leave a comment

Blog moderation policy

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.