Data Use and API Requirements involved in the European Commission’s approval of Google’s Fitbit acquisition

The regulator has set a list of requirements for the tech companies that must be followed for at least a decade.

The $2.1 billion purchase of the health-wearable-maker Fitbit, by Google, has finally been officially signed off on by the European Commission, after many months of regulatory investigation. However, to actually go ahead with the purchase there is a number of commitments required from the tech company. These commitments focus on its competitive practices across advertising, smart device interoperability and digital health APIs.

The Commission’s EVP, that is in charge of competition policy, Magrethe Vestager, stated that they can approve the acquisition proposal of Fitbit by Google because the commitments will guarantee that the market for wearables and the developing digital health landscape will remain open and competitive.

She continued by saying that the commitments made will regulate in what ways Google can utilize the data collected for advertising reasons, how Android will be safeguarded, how users will be able to continue to share health and fitness data, if that is what they wish to do, and interoperability between competing wearables.

The European Commission executed a thorough investigation that was officially launched in August. The aim of the investigation was to collect extensive information and feedback from the competition that the merging companies have, including global competition and the European Data Protection Board, said the regulator.

During the initial probe, Google will be offering initial concessions regarding the ways it would use Fitbit-collected health information, however, promises to isolate the data did not suffice for the Commission.


The worst case scenario for Fitbit and Google would be a blocked deal, so the approval saves the companies from that. Tech companies though, will surely have their eyes wide open over the next decades.

When it comes to Google’s applications in advertising, the company has made some agreements. Firstly, they have agreed not to use Fitbit sensor data or user-submitted data for its Google Ads product, which is limited to users in the European Economic Area only. Secondly, they agreed to keep the data collected from Fitbit users siloed from its data for advertising. Finally, Google agreed to provide users in the EEA to choose whether they want their health and wellness data that is stored in their Google or Fitbit account to be accessed by the other Google services or not.

The above agreements need to be kept for at least a decade, when the Commission wil choose whether to extend them for another decade or less if they find it necessary to do so.

Also, no access fees can be added and the Fitbit Web API must be maintained. There are many API-focused agreements that are set for the next decade. These involve: ensuring that Google does not seek to exclusively funnel Android smartphone users to Fitbit or Google wearables, continuing to license public Android APIs for free to Android manufacturers, maintaining feature and functionality parity across its core interoperability APIs, not degrading users experiences with third-party devices, and ensuring that these APIs are accessible to manufacturers of Android.

In order to guarantee that Google will comply to these agreements made, there will be a trustee appointed before the transaction closes to monitor Google’s implementations. This trustee will have access to a variety of internal records, other assets and personnel.

Most likely, a number of these commitments made with the European Commission will have some impact on consumers located outside of the region too. This was seen in the E.U.’s General Data Protection Regulation (GDPR) IN 2018.

It is noteworthy however that the language for specific requirements is specifically restricted to EEA consumers only. Requirements such as the ones involving the use of data regarding an individual’s health and wellness, for advertising.


The announcement of the acquisition was made in November 2019, by Fitbit and Google. Back then, they made a point of noting that the Fitbit devices would still be platform agnostic and that the companies would show transparency in regards to their use of consumers’ health and wellness data. However, Amnesty International, warned the European Commission in a letter, of the potential human rights risks posed from not having proper data safeguards.

The deal has been scrutinized not only by the investigation done by the European Commission but also by U.S. regulators that have been holding internal discussions. Moreover, the Australian Competition and Consumer Commission recently made the announcement that it has also begun to look into the deal’s feedback as well as putting forward three data and interoperability requirements of its own.

Alphabet, Google’s parent company, as well as fellow tech enterprises such as Amazon, Facebook and Apple has also received a lot of attention from government regulators recently, as each have been called to congressional hearings to testify regarding their business practices through 2020. Google has also received a formal accusation by 10 state attorneys general. This new lawsuit accuses Google of abusing its online advertising monopoly.