Privacy Ref Blog

Information Underload

For the holidays, I bought my wife a Samsung Gear Fit.  She is training for a 10k run and a half marathon next year, so she wants to track her progress and prepare for these events.  When the Gear Fit arrived in the mail, my wife asked that I set it up for her while she was putting our son to sleep.  I got right to work playing with yet another piece of wearable tech, fumbling with it as I got it ready.  It was at the first stages that I was face to face with a crazy scenario.

Additional Software Required

In order for the device to work, you need to download a specific app for Gear Fit.  This app comes directly from Samsung’s app manager.

Now, I like to think I am good at following directions, but I messed up.  I went straight to the Google Play Store looking for the app.  I found an app from ZERO Labs named “Gear Fit File Manager,” but it wasn’t free; it cost $1.48.  My eyebrows were raised.

I started reading reviews.  I would say I read 5 star reviews, but they lacked any text, just a 5 star rating.  I did find plenty of 1 star reviews though.  “It doesn’t work with my device,” “It does nothing,” and “I want a refund” were everywhere.  This app shows ten thousand downloads, and was one of, if not the top result for the search “Samsung Gear Fit.”  I was even more curious how this could possibly happen.

Check the app’s permissions

The permissions for the app sealed the deal for me on avoiding the Samsung Gear Fit File Manager.  All the app wanted was access to the SD card, but I knew already the Gear was Bluetooth.  So, I read the instructions again.

You need to go to a specific site, written out in the instructions, for the app specific to the watch.  I had to laugh at myself a bit, seeing as it was my failure to read the entire instruction that led to this.  I still wondered why others had downloaded this with their reviews reflecting their similar confusion.

I read the description of the Gear Fit File Manager app again, and if you click “read more” on the store page, you find that you need to have the Samsung app mentioned in the instructions for the device already installed in order to make Gear Fit File Manager work.  How could this happen and, more importantly, how can companies avoid this with their devices?


It is important to be clear in your instructions.  Not providing clear direction may lead to other companies riding your coattails and obtaining personal information from your customers.  Of course, negative experiences will be your responsibility, even if they are caused by the user’s own confusion or lack of understanding.  This also applies to any policy, such as your privacy notice.  When you are unclear, you leave room for human error and misinterpretation.  When that interpretation, no matter how off base or wrong it is, is made by a judge or regulator, it is then that you will feel the full weight of this mistake.



Posted on December 3, 2015 by Ben Siegel
