Is Your Heart Rate Monitor Snitching on You?

Tech & PrivacyConsumer RightsLegalRetail

You bought it to optimize your sleep. You wear it to track your “strain.” You trust it to tell you when your body is fully recovered so you can crush…

by Companies Behaving Badly

You bought it to optimize your sleep. You wear it to track your “strain.” You trust it to tell you when your body is fully recovered so you can crush your next workout.

But according to a recent class action lawsuit, the fancy strap on your wrist might be doing a lot more than just coaching you — it might be snitching on you.

And let’s be honest: You didn’t pay a monthly subscription fee to hand-deliver your biological secrets to an ad agency.

The Allegations: Lomeli v. Whoop Inc.

In a complaint filed in the Northern District of California (Lomeli v. Whoop Inc., Case No. 3:25-cv-06828-KAW), the plaintiff alleges that WHOOP — the darling of the fitness tech world — has been sharing users’ sensitive health data with third-party analytics firms without explicit, transparent consent.

We aren’t just talking about your step count here. The lawsuit claims that highly personal metrics — including resting heart rate, sleep cycles, respiratory rates, and even blood pressure data — were intercepted by third-party trackers (such as Segment) embedded in the WHOOP app.

Why You Should Be Mad

Most of us have accepted the grim reality that when we use a “free” app (like Facebook), we are the product. But WHOOP is a premium subscription service. You are paying them specifically to analyze your data for you.

The expectation of privacy should be significantly higher when you are the paying customer. Instead, it seems “innovation” is just a fancy word for “finding new ways to monetize your pulse.”

The lawsuit alleges violations of the Video Privacy Protection Act (VPPA) and the California Confidentiality of Medical Information Act (CMIA).

The “Medical Grade” Gray Area

This lawsuit comes hot on the heels of FDA scrutiny regarding “medical grade” claims made by wearable tech companies. If a device claims to know your body better than you do, it shouldn’t be leaking that info like a sieve.

What Should You Do?

  • Check Your Settings: Open your WHOOP app (or any fitness app) and navigate to Privacy > Data Sharing. Look for “Third Party” or “Analytics” toggles and turn them off immediately.
  • Audit Your Phone: For a complete guide on locking down your device, read our Data Detox Guide.
  • Watch Your Cycle: If you use these apps to track your period, you need to be even more careful. Read why in our Reproductive Privacy Guide.
  • Stay Vigilant: We will be tracking the progress of Lomeli v. Whoop Inc. closely. If a settlement is reached, subscribers could be eligible for compensation.
Written by: Companies Behaving Badly

The team behind it all.

Check Your Case

Been harmed by corporate negligence? Our legal partners can help you understand your rights and pursue justice.

I understand by submitting this form that I am providing my consent to be contacted by Sokolove Law and its co-counsel, potentially using automated technology, at the number provided regarding my potential claim/their services. Consent is not required to use their services. Msg frequency varies, and message and data rates may apply. Reply HELP for help or STOP to unsubscribe. SMS Terms of Service. I understand and agree that by submitting this form I agree to the Privacy Policy and Terms of Use and that this form does not create an attorney-client relationship and is not confidential or privileged and may be shared.

This isn’t just outrage. It’s action.

If you’ve been harmed by corporate negligence, you may be entitled to compensation. Check your eligibility now.

Check Your Case