No Watch lock possible?

Generally, I agree that an optional (!) locking of the device, after it was removed from the wrist for certain time (again the timeout being an option) would be handy. I recommend suggesting it to Garmin at Share Ideas | Garmin.  

Otherwise, personally I always remove activities from the watch after having synced them. So if you do it alike, you can at least limit the risks of spying on your whereabouts too much.

So you need to lose the watch and that's already not so easy.

Then you need to lose it and don't notice it, even more complicated.

If the first 2 happen then a top spy needs to, casually, find it and then he/she will analyze it to do what?

People are sharing such data everywhere and I don't see much problems around the world(yes, I understand that it's your choice in the case of strava, connect, Instagram, or whatever else).

If a stalker wants to attack someone or if a government agency wants to kidnap someone I think there are a lot easier ways than hoping that that person has an unlocked watch and that he/she loses it without noticing.

I see. now, also the comment of the other user from 2 years ago about how military bases were discovered due to sport heat maps, etc. Well that doesn't have anything to do with the watch being unlocked? I guess there are reasons if in certain places you are not allowed to bring smartphones, smartwatches, etc and if you're allowed to do it in something that should be top secret then it's your fault in any case.

I can imagine how some FBI agents or terrorists are using fitness watches in top secret places and then sharing the activity online...yeah, makes sense.

Not trying to make fun of the situation...it just looks too stretched and this is, of course, just my personal opinion.

Let's also consider that someone is not sharing anything online and it's using only the watch and keeping everything there...not syncing at all with Connect. Probably that person will delete each activity from the watch too or start them not from the doorstep of where he/she is living. I would also fake the time on the watch so that the activities start at the wrong time.

I just hope that none will ever be able to get my maxHR value or even worse my "fitness level". What would I do in that case?

People are giving the address and even their apartment number to random uber eats drivers but, once again, that's their choice like when you share activity data on socials so doesn't fit into the discussion but it's just to say that a lot more sensitive data are shared randomly and the world, for the moment, is still not so dangerous.

I agree that there should be an optional lock, leaving it up to the customer to decide if such security is necessary.

Garmin is a large enough company to be well aware of this issue. I am convinced they have deliberately chosen not to address it, perhaps because they don't view it as a real problem. Therefore, I have no intention of offering suggestions to Garmin. However, I get the impression that there is a lack of proven security experts within the company—particularly those knowledgeable in data correlation, data aggregation, and OSINT (Open Source Intelligence). This leads me to believe that the potential for profiling has either not been considered or not fully understood by Garmin. Possibly because the “average consumer” is unaware of this risk and therefore doesn't raise any concerns?

I don’t need to be a specialist to extract the information I've outlined. This is about data protection. The degree to which the potential exposure of this information poses a risk is highly individual. It's also pointless to debate the likelihood of my watch being stolen or lost and falling into the wrong hands. That discussion isn’t necessary. The fundamental rule here is: it’s not about what the finder of the watch will do, but what they can do with it!

That said, I shouldn’t get too upset about it because it’s ultimately my responsibility to inform myself before purchasing a product. In this case, I didn’t. I’m just surprised Garmin hasn’t addressed such an obvious issue.

I would like to bring an example of the POSITIVE side, if you can read the device (in this case an Edge bike computer) without a lock:
Here in Germany some time ago, a professional triathlete was deliberately hit by a car while training on a forest road. The driver kidnapped her (and the bike) and held her captive in his house in the woods for several hours. He then drove her (and the bike) somewhere else by car and released her with her bike.
During the entire time, the Edge computer recorded the track. Since the device was freely accessible, the police had no problem (and no time delay) reading the device. As a result, the kidnapper's house was found on the same day and the man was arrested without delay.

If the device had been locked, the man could not have been arrested so quickly and might have had enough time to escape.

A terrible case, but one that was solved quickly thanks to the accessible data on the computer.

bluefish said:

If the device had been locked, the man could not have been arrested so quickly and might have had enough time to escape.

In fact the device could have been locked, and still broadcast its location to Garmin's servers (and hence to any approved users including the authorities). Frankly told, the security features are indeed not at all where they could be, at Garmin, but unlike other posters, I do not see any conspiracy or intention in it. Garmin simply has very limited developer resources, and their priorities are elsewhere.

trux said:

In fact the device could have been locked, and still broadcast its location to Garmin's servers

If livetracking had been activated.
1) it was not.
2) the woman had left her phone at home..

The activity was read out directly from the device when she was back in safety. The police were then able to find the location of the house.

It is not that difficult to allow authorities to access a locked device. Just in the same way phone operators cooperate with the authorities, and offer their data when needed, although it is not available to a random dude.

trux said:

It is not that difficult to allow authorities to access a locked device.

Yes, I know that. But when a crime happens, the time factor can play an important role.

bluefish said:

If the device had been locked, the man could not have been arrested so quickly and might have had enough time to escape.

In this case, the device was not locked.

trux said:

And that's the problem. It should have been.

Not in THIS case.

I don't understand what you're trying to say. I just wanted to give an example to show that - even in isolated cases - direct access to a device can be a positive thing.

If the device had been locked, it would have cost valuable TIME.

Time in which the perpetrator could have fled.
I don't want to go into this case any further. The victim was scared to death, the perpetrator was violent.
The fact that he could be caught on the same day because of the GPS data certainly made it SOMETHING easier for the victim to deal with the trauma.

Let's end this discussion. It's getting a bit offtopic.