Hearing aid companion apps collect location, health, and usage data with murky consent

Modern hearing aids from Phonak, Oticon, ReSound, Widex, and Starkey require companion smartphone apps for full functionality -- adjusting programs, updating firmware, enabling remote care, and accessing AI features. These apps collect granular personal data including GPS location history, daily wearing time, listening environments visited, sound preferences, step counts, fall detection events, and in some cases the hearing aid's serial number and audiogram-derived hearing profile. So what? This is intimate health data -- your hearing loss severity, how often you wear your aids, what acoustic environments you frequent, and whether you've fallen -- flowing to manufacturers' servers. So what? Hearing aids are classified as medical devices, but their companion apps often fall outside HIPAA protections because the manufacturer is not a 'covered entity' under HIPAA (only healthcare providers, plans, and clearinghouses are). So what? Users cannot fully use the devices they paid $4,000-$7,000 for without agreeing to data collection terms they cannot meaningfully negotiate. So what? Unlike a free social media app where data collection is the business model, hearing aid users have already paid thousands of dollars and still have their health data harvested. This persists because hearing aid apps are regulated as wellness apps rather than medical device software, manufacturers use data for product development and algorithm training, and there is no hearing-aid-specific data privacy regulation.