Abstract digital composition of a smartphone silhouette dissolving into biometric data particles against a dark background, suggesting private health data being consumed by AI
News

Samsung Threatens to Delete Your Health Data If You Refuse AI Training

Samsung's new AI training consent toggle blocks cloud backups and threatens permanent data deletion for users who opt out. A corporate first in coercive AI data harvesting.

SamsungAI PrivacyData RightsHealth Data

Samsung has begun forcing users of its Samsung Health app to consent to their personal health data being used for AI model training — and if they refuse, the app threatens to delete their data entirely.

The new “Consent to the Use of Health Data for AI training and modelling” toggle, buried deep in Samsung Health’s settings, gives the company the right to use personal metrics — heart rate, sleep patterns, step counts, reproductive health data — for training and algorithm refinement. Turning it off triggers a warning that cloud backups will be disabled and existing data may be permanently deleted.

🔍 THE BOTTOM LINE

This is the most aggressive AI data-grab by a major consumer electronics company to date. Samsung isn’t asking politely. It’s holding your years of health history hostage: agree to let us train our AI on your body’s data, or we erase it. The coercion is the product.

How the Coercion Works

According to reporting from Neowin, the consent toggle appears deep in the Samsung Health app settings. When a user attempts to disable it, the app displays a warning dialog:

Withdraw from this agreement? If you withdraw, your data will no longer be backed up to Samsung Cloud and may be deleted.

The threat is explicit. Samsung Cloud is the only backup mechanism built into the app — there is no third-party alternative. Users who have spent years building a health profile through Galaxy Watch devices and phone sensors face a binary choice: surrender the data for AI training, or lose it.

The toggle covers a sweeping range of personal metrics. Samsung Health tracks exercise, sleep, heart rate, stress levels, body composition, reproductive health, nutrition, and medication logs. All of it falls under the consent umbrella.

The story climbed to 248 points on Hacker News within hours, with 66 comments debating whether this crosses a line that even Google and Apple have not approached.

Why This Is Different From What Apple and Google Do

Apple Health and Google Fit both collect health data, and both use some of it for product improvement. But neither company has made AI training consent a precondition for cloud backup. Apple’s approach has been to keep health data encrypted on-device by default, with iCloud sync requiring explicit, separate opt-in. Google Fit allows users to delete data at any time without losing access to the app’s core functionality.

Samsung’s move is categorically different. It transforms a previously free feature — cloud backup of health data — into a bargaining chip for AI training rights. The user’s accumulated data becomes leverage, not a service.

Samsung has been positioning its Galaxy Watch line as an “AI-powered everyday health companion,” but the companion apparently works for Samsung, not the user.

The Regulatory Time Bomb

Under the EU’s GDPR, health data is classified as a “special category” requiring explicit, freely given consent. Coercive consent — where refusal results in data deletion — is unlikely to qualify as “freely given” under Article 7 of the GDPR, which states that consent must not be bundled with access to a service in a way that makes refusal disproportionately consequential.

Australia’s Privacy Act reforms, currently being debated in Parliament ahead of Prime Minister Albanese’s AI speech, would similarly classify health data as sensitive, requiring explicit consent that can be withdrawn without penalty.

New Zealand’s Privacy Act 2020 already requires purpose-specific consent for health data. A Samsung Health user in Auckland who opts out and loses their data could arguably file a complaint with the Privacy Commissioner on the grounds that the consent was not freely given.

The Broader Pattern: Your Data as Ransom

Samsung’s move fits a growing pattern of tech companies using their most vulnerable users as training data pipelines. Meta quietly changed its privacy defaults to opt users into AI training across its platforms. Google’s Gemini integrates with Gmail and Docs by default. The difference is one of degree and brazenness — Samsung is the first to make the threat of deletion explicit.

The underlying logic is the same: AI models need data, consumer trust is cheaper than licensing deals, and the companies that control the data tap can set whatever terms they like. When Samsung is the only entity with five years of your heart rate history, “freely given consent” becomes a legal fiction.

NZ Angle

New Zealanders using Samsung Galaxy devices should check their Samsung Health settings immediately. The toggle is live and rolling out globally. If you’ve been building a health profile, consider exporting your data before the update reaches your device — Samsung Health allows CSV export under Settings > Data Permission > Download My Data. Once the consent screen appears, the clock starts ticking.

For users who have already encountered the toggle and opted in under pressure, a complaint to the Office of the Privacy Commissioner citing Section 22 of the Privacy Act 2020 (collection of health information) may be worth filing. The Act requires that collection be “necessary for a lawful purpose” and collected “directly from the individual concerned” — but it also prohibits making consent a precondition for a service in ways that are not reasonably necessary for that service.

❓ FAQ

Can I export my Samsung Health data before the toggle appears? Yes. Go to Settings > Data Permission > Download My Data in the Samsung Health app. You’ll receive a ZIP file with CSV exports of your tracked metrics. Do this before updating the app.

Does this affect Galaxy Watch users specifically? Yes. Galaxy Watch is the primary input device for Samsung Health data. If you’ve been using a Galaxy Watch for sleep, heart rate, or exercise tracking, your accumulated data is what Samsung wants for training.

Is this legal under GDPR? Legal experts are divided, but the consensus leans toward “probably not.” GDPR Article 7 requires consent to be freely given, and tying it to data deletion is coercive by definition. Expect regulatory challenges in the EU.

What about Apple Health? Apple Health data is encrypted on-device and syncs through iCloud with end-to-end encryption. Apple does not currently require AI training consent for cloud backup. This is a Samsung-specific problem — for now.

Should I switch health tracking platforms? If data sovereignty matters to you, consider open-source alternatives like OpenScale or Apple Health with iCloud sync. The risk is that other platforms may follow Samsung’s lead if this goes unchallenged.

🔍 THE BOTTOM LINE

Samsung has drawn a line that the rest of the industry was approaching but hadn’t crossed. Your health data — the most intimate digital record of your body — is now conditional. Opt out of AI training, and Samsung erases what you’ve spent years building. The question for regulators, in New Zealand and everywhere else, is whether “consent” under threat of deletion is consent at all.

📰 Sources

Sources: Neowin, Hacker News, Samsung Newsroom