When you next lie down to sleep, the bed may not your secrets keep. So-called “smart” beds, mattress pads, sleep apps, and fitness trackers with sleep options are collecting data on those who use them and sending that personal information back to manufacturers. The data gathered can include biometric information (i.e., heart rate, respiration), sleep positions, and movement (think about that one for a minute). Some even include microphones to track snoring.

According to an article by Julie Appleby published in Kaiser Health News, “Consumers are flocking to mattresses and under-mattress sensors aimed at quantifying sleep as well as sleep-tracking devices; sleep apps are among the most popular downloads on Apple and Android smartphones.” While such products can be useful to people interesting in monitoring their sleep patterns, consumers might not think about what personal data are being collected and how they are being used.

For example, the article reports that Sleep Number, a manufacturer of popular “smart” beds, collects more than 8 billion biometric data points every night, gathered each second and sent via an app through the internet to the company’s servers. Sleep Number reportedly analyzes the data not only to help consumers learn more about their health but also to support algorithms and improve their product. Company spokespersons state that Sleep Number goes to great lengths to protect consumers’ privacy and does not share biometric information outside of the company. However, according to the article, the company’s privacy notice states that personal information—potentially including biometric data—“may” be shared with marketing companies or business partners, and also that the company can “exploit, share and use for any purpose” personal information with names or addresses withheld or stripped out, known as “de-identified” data.

The privacy policies of many other devices that track and transmit personal information allow for the sharing of such de-identified data. Privacy experts, however, have shown it is “not terribly difficult to use or combine such information to ‘re-identify’ people.” Further, the article reports that information gathered by sleep trackers is not protected by federal privacy rules. And some sleep trackers or apps can connect with other “smart” devices in your home, such as a thermostat or coffee maker, which raises the possibility that those devices could be sharing information as well as increasing the risk of it being hacked.

This potential loss of privacy may be scarier than the monster under the bed. People who use “smart” sleep devices and applications are well advised to use encryption, strong passwords and additional authentication whenever possible. Consumers also should read privacy policies to better understand what information is being collected and shared, and may want to consider whether the value of information gained regarding their sleep habits is worth the privacy risk.

To read the full article, click on this title: “Your Wake-Up Call On Data-Collecting Smart Beds And Sleep Apps.” The publisher, Kaiser Health News, is a nonprofit news service covering health issues. It is an editorially independent program of the Kaiser Family Foundation, which is not affiliated with Kaiser Permanente.