All products featured are independently chosen by us. However, SoundGuys may receive a commission on orders placed through its retail links. See our ethics statement.
Headphones are collecting too much personal data
Published onJanuary 10, 2025
Trading personal data for useful software features is nothing new, but do we really need them in headphones? One of the biggest ongoing debates in tech right now is regarding privacy. There’s a lot of money in data aggregation, and while companies like Google have done a decent job at showing how all of that data can be put to practical use (i.e the Assistant), others don’t seem to be making as strong of a case.
Editor’s note: This article was updated on January 10, 2025, to add real-world examples of data collection problems.
What kind of personal data are they collecting?
While reviewing the Soul Run Free Pro Bio fitness earbuds, which come with an associated app to help users get the most out of them, I found myself clicking “Accept” a few too many times. Granted, the earbuds in question are marketed to runners and are supposed to provide biometric feedback to improve everything from your posture to your gait, so I was expecting to have to accept a privacy policy or two. I eventually decided to actually read what I was agreeing to, which led to this article.
Besides the usual information like access to height, weight, age, and sex, the app also requests a few, let’s say, rather unique bits of information. Some of the additional information the app collects includes things like leg length, the shoes you wear, and whether you’re right or left-footed. It’s weird, but not completely unrelated, as this is a running app, after all. Plus, the entire shtick of these headphones is that they’ve partnered with a company called Beflex Inc. to provide you with next-level information about your workouts. However, it gets weirder.
The app also noted that it collects “wellness-related information” such as alcohol usage, injury history, and even menstruation history. Yeah, menstruation history. Now, I’m no lawyer, but alcohol usage, injury history, and menstruation history sound like stuff that some people might not be too keen on making public. This is especially concerning because should this data become a target for criminal data breaches, or government authorities demand access to it, Soul Electronics wouldn’t have much of a say in keeping your data private. All of this for a pair of workout earbuds doesn’t seem worth it to us.
What other headphones companies collect personal data?
I read through dozens of privacy policies from the biggest headphone manufacturers to see if excessive data collection was an isolated incident or common practice. Unfortunately, many large audio tech companies collect personal data to some extent, though none seem as extreme as Soul Electronics. Most companies only collect the basic data that you provide, like your name and address. That said, there was one major company that collects a bit more: Bose.
If you don’t remember, Bose already had a fairly mainstream data collecting scandal back in 2017 where the Bose Connect app was found to be tracking what users were listening to and sending that data back to the company to be sold. Think of it like Shazam, but for all the audio that plays through your headphones. Throw in the fact that users were unaware it was even happening, and it became a pretty big deal. Although it has been quite a few years and the heat has simmered down a bit, Bose makes it perfectly clear that this is still happening.
According to its official privacy statement, which was last updated on July 13, 2021, Bose is able to collect and use your personal data once you hit “I Agree” during setup:
- Usage and interaction information, such as date and time spent using different features of your product or software, sensor data (e.g., head orientation and movement), button presses, volume levels, system presets, and environmental data (e.g., noise levels and audio frequencies of sounds around you).
However, the Bose app allows you to opt out of data sharing whenever you want. The company has made the process relatively straightforward—you’re never more than two clicks away from reading their privacy policy and opting out.
You don't normally think of data collection when it comes to headphones, but it's happening.
The average person might not complain about providing headphones apps with your personal data because, usually, you get something worthwhile in return. If you let Google track you for a week, you’ll get updates about how long your morning commute to work is going to take. Give location access to a weather app and you might get a notification in the morning reminding you to bring an umbrella because it’s going to rain. Sure, it’s creepy if you think about it for too long, but it’s dead useful.
On the flip side, I don’t know what I get in return for letting my headphones know what I’m listening to. Furthermore, I can’t think of a single reason why a pair of workout earbuds need access to someone’s menstrual history. We should just call it what it is because, at that point, it doesn’t feel like a transaction anymore. It’s just spying.
Third-party breaches
Even if everything is handled correctly and the company making the app doesn’t collect data themselves, if an app allows ads: it isn’t as secure as you think it is.
In early 2025, it came to light that a hacking group had gained access to the data of thousands of apps to track users’ locations. This data was then collated and sold to several entities, including governments. A decent amount of this information was gained not from the app itself, but from the ads that these apps ran to monetize their existence.
The thousands of apps, included in hacked files from location data company Gravy Analytics, include everything from games like Candy Crush to dating apps like Tinder, to pregnancy tracking and religious prayer apps across both Android and iOS. Because much of the collection is occurring through the advertising ecosystem—not code developed by the app creators themselves—this data collection is likely happening both without users’ and even app developers’ knowledge.” — Joseph Cox, 404media
While there haven’t been many (if any) headphone apps on the list of offenders for this particular breach, there are a number of voice recorders, free music players, and lots of household names in the list of apps leaking your data. Developers probably don’t even know this is going on, and I have to imagine they’re quite upset about this as well. As resistant as you might be to pay money for an app, investing in ad-free or pro versions might be an investment into security for yourself. But it’s a win-win: supporting the devs and artists you like means they get to keep doing what you both love.
Frequently asked questions
We also discussed headphone data collection on the SoundGuys podcast! Check it out below.
In 2021, Spotify had a patent approved for a piece of technology that records and analyzes data from user’s microphones in order to further personalize music recommendations. Luckily, there was a significant uproar from Spotify users against this technology being implemented, and Spotify stated that they had not implemented the technology despite the patent being approved. The company did not commit to never utilizing this technology, but as of August 2022, we have no reason to believe the technology is in use.