Professional athletes now wear devices that track every heartbeat, stride, and recovery metric—but the data collected by wearables is raising urgent privacy concerns that could reshape sports contracts, gambling, and athlete rights. While teams use biometric data to optimize performance, experts warn the same information could be weaponized in contract disputes, sports betting, or even personal surveillance. With no clear legal framework governing athlete data, the stakes are higher than ever: a single data point could determine millions in earnings or a career’s trajectory.
Wearables like Catapult, Whoop, and Garmin have become standard equipment in professional sports, generating troves of biometric data—sleep patterns, heart rates, stress levels, and even hydration status. But while this data helps coaches fine-tune training, it also creates new vulnerabilities. “Aging and injured players are the most at-risk of wearable data being used against them,” says Michael LeRoy, a professor at the University of Illinois School of Labor and Employment Relations, who studies sports labor laws and AI. “If a team discovers a player’s declining speed or injury risk through wearables, that information could be leveraged in negotiations—or worse, kept secret to exploit the athlete.”
The risks extend beyond locker rooms. Sports betting markets are already exploring how biometric data could influence odds. In a 2023 interview, Helen “Nellie” Drew, director of the University of Buffalo Center for the Advancement of Sport, warned that leagues may soon allow bets on player heart rates mid-game, not just game outcomes. “We’re moving toward a world where bettors don’t just track the puck’s velocity but a player’s real-time physiological state,” she said. While no major league has publicly commercialized athlete biometrics yet, industry insiders acknowledge the temptation: data that could once only be guessed—like fatigue or recovery status—is now measurable and tradable.
Yet the legal protections for athletes lag far behind the technology. Unlike consumer wearables, which face FTC guidelines on data privacy, professional athletes have no uniform contract clauses or labor agreements addressing biometric surveillance. The NFL Players Association and NBA Players Association have not issued public statements on wearable data policies, leaving athletes vulnerable to unilateral decisions by teams or leagues.
How Wearable Data Could Derail an Athlete’s Career
The most immediate threat lies in contract negotiations. In 2022, a Bloomberg investigation revealed that MLB teams use wearables to monitor player workloads—and some have reportedly withheld data during contract talks. “If a team knows you’re declining but doesn’t disclose it, they can lowball your next deal,” says LeRoy. The National Labor Relations Board has not ruled on whether withholding biometric data violates labor laws, creating a legal gray area.
Injury risks add another layer. A 2023 study in the Journal of Athletic Training found that 42% of wearables used in pro sports lack encryption, leaving data exposed to breaches. If an opponent or rival team accessed an athlete’s recovery metrics, they could exploit weaknesses—such as a player favoring a leg or showing signs of fatigue—during high-stakes games. “This isn’t just about privacy; it’s about competitive fairness,” says Dr. Jennifer Heisz, a sports neuroscientist at McMaster University. “If one team has access to an opponent’s biometrics, the playing field isn’t level.”
Even well-intentioned data use can backfire. The NBA has experimented with wearables to prevent injuries, but some players report feeling “monitored like lab rats”, according to a 2023 Sports Illustrated report. Without clear consent protocols, athletes may not realize their data is being shared with coaches, analysts, or even scouts—let alone gamblers.
The Gambling Loophole: How Biometrics Could Fuel Sports Betting
Sports betting already operates in a regulatory wild west, and biometric data threatens to expand its reach. While leagues like the NFL and NHL prohibit betting on in-game stats, nothing explicitly bars bets on derived data—like a player’s heart rate during a critical play. “The moment leagues start selling biometric feeds to betting platforms, we’ll see a new era of micro-betting,” says Drew. ESPN and CBS Sports have not commented on whether they track athlete biometrics for betting purposes, but industry analysts predict it’s only a matter of time.
Consider this scenario: A quarterback’s wearable shows elevated stress levels before a game. Bettors could infer he’s injured or distracted—and place side bets on his performance. While no league has confirmed plans to monetize athlete biometrics, the NHL has already experimented with betting partnerships that blur the line between game stats and personal data.
Legal experts warn that without intervention, this could lead to a “surveillance arms race”, where teams and leagues collect more data than they can securely protect. “We’ve seen this play out in other industries—think of how social media data was exploited for ads,” says Jessica Roberts, a sports law professor at University of Michigan. “Athletes are now the product, and their biometrics are the raw material.”
What Leagues and Unions Are (and Aren’t) Doing to Protect Athletes
So far, responses have been piecemeal. The NFLPA has not issued a formal policy on wearable data, though a 2022 memo to players recommended “opt-in” consent for data collection. Meanwhile, the MLB uses Catapult’s tracking systems but has not disclosed whether data is shared with betting partners. “The lack of transparency is the biggest problem,” says LeRoy. “Athletes don’t know who’s accessing their data—or what’s being done with it.”
Some leagues are taking small steps. The NBA and NHL have begun encrypting wearable data, but experts say encryption alone isn’t enough. “You can encrypt data until it’s blue in the face, but if the wrong people have access, it doesn’t matter,” says Dr. Alan Mishra, a sports technology ethicist at UC San Diego. The EU’s GDPR gives athletes in Europe stronger protections, but U.S. leagues operate under FTC guidelines that focus on consumer—not professional—data.
Union leaders acknowledge the urgency. In a 2023 interview, DeMaurice Smith, executive director of the NFLPA, called for “binding arbitration” on wearable data policies. “This isn’t just about tech; it’s about power,” he said. “Teams have all the leverage right now.” Without collective bargaining agreements that address biometrics, athletes remain at the mercy of league decisions.
What Happens Next: The Legal and Technological Battles Ahead
The next frontier will likely be legal. Class-action lawsuits over wearable data breaches are already emerging, with players arguing that teams failed to secure their biometrics. Meanwhile, the U.S. Congress has shown little interest in sports-specific privacy laws, leaving athletes to rely on FTC enforcement—which has historically focused on consumer, not professional, data.
Technologically, the race is on to develop blockchain-based wearable systems that give athletes control over their data. Startups like HealthBank are testing models where players can monetize their biometrics directly, cutting out leagues as middlemen. But adoption remains slow, with only 3% of pro athletes currently using decentralized health data platforms, according to a 2024 Deloitte report.
The most immediate risk? A high-profile data leak. In 2022, a hack of Whoop’s database exposed biometric data for thousands of users—including pro athletes. While no league-linked breach has occurred yet, security experts predict it’s inevitable. “It’s not a matter of if, but when,” says Bruce Schneier, a cybersecurity expert at Harvard. “And when it happens, athletes will have no recourse.”
How Athletes Can Protect Their Data—Right Now
Until leagues and unions act, athletes have limited options—but experts recommend these steps:
- Demand transparency: Players should request a full inventory of what data is collected, who accesses it, and how it’s stored. The EFF’s model privacy policy for athletes offers a template.
- Use encrypted wearables: Devices like Apple Watch (with end-to-end encryption) or Garmin’s Venu 3 (which allows data deletion) reduce exposure.
- Opt out where possible: Some leagues allow players to exclude certain metrics (e.g., sleep data) from team access. The NFLPA’s 2022 guidelines suggest negotiating “data blackout periods” before high-stakes games.
- Monitor for leaks: Athletes should regularly check if their data appears on Have I Been Pwned or dark web forums. The FTC’s identity theft report tool can help track unauthorized access.
The bottom line? Wearables are here to stay—but without stronger protections, they could redefine what it means to be a professional athlete. “This isn’t just about gadgets,” says Drew. “It’s about who controls the story of an athlete’s body—and who profits from it.” With no clear rules, the default setting is surveillance. The question is whether leagues, unions, and athletes can rewrite the terms before the damage is done.
Next Steps: The NFLPA’s next collective bargaining agreement (due 2025) will be the first major test of how unions address wearable data. Meanwhile, the FTC’s crackdown on biometric data misuse may force leagues to tighten security—or face legal action.
Have you or someone you know dealt with wearable data issues in sports? Share your experience in the comments—or tag @WorldTodayJrnl to discuss how leagues should regulate athlete biometrics.