Oura confirms receiving government demands for user health data
Original: Oura says it gets government demands for user data
Why This Matters
Highlights privacy risks in health wearables as billions in sensitive biometric data remain accessible to authorities
Health wearable maker Oura admits to receiving government requests for user data but won't disclose frequency or compliance rates. Company stores unencrypted health data from 5.5M users including heart rate, sleep patterns, and location.
Oura, maker of health-monitoring rings, confirmed it receives government requests for user data but declined to share how many or how often it complies. The company's rings track sensitive health information including heart rate, sleep patterns, menstrual cycles, and location data from over 5.5 million users. Security analysis revealed Oura data is not end-to-end encrypted, allowing staff access and making it vulnerable to government warrants, hackers, or insider threats. An Oura spokesperson said the company reviews each request "for legality, scope, and necessity" and pushes back on invalid or overbroad demands. However, Oura refused to disclose request volumes or compliance rates, unlike many tech companies that publish transparency reports. The $11 billion company faced controversy last year over a Department of Defense partnership involving data analytics firm Palantir.