In a column for The Washington Post, Mary Lee, a mathematician for the RAND Corporation, warns that “the line between human and machine is blurring — and creating new concerns about consumer safety and privacy rights.”
These high-tech health care solutions are part of an emerging sector of medical technologies that monitor personal health data by essentially connecting your body to the Internet. These devices are members of the “Internet of Bodies,” a nod to the Internet of Things — a term coined in 1999 to describe the thriving network of everyday smart gadgets, appliances and cars that are connected through the Web. If retroactive privacy laws for the Internet have taught us anything, we should consider establishing rules to govern the legal, privacy and ethical issues that are already arising from smart medical and biometric devices.
While having a device directly attached to the body heightens the potential havoc that hacking or intentional malfunction could wreak on these devices, data from Internet of Bodies devices is beginning to be used in criminal investigations. There was a man in Ohio who was indicted on felony charges of aggravated arson and insurance fraud for allegedly starting the fire at his house on Sept. 19, 2016. It was the data taken from Compton’s pacemaker included his heart rate, pacer demand and cardiac rhythms prior to, during and after the fire that helped lead to his indictment.
A cardiologist who reviewed that data determined “it is highly improbable Mr. Compton would have been able to collect, pack and remove the number of items from the house, exit his bedroom window, and carry numerous large and heavy items to the front of his residence during the short period of time he has indicated due to his medical conditions,” the court documents state.
Legal, policy and tech experts have started discussing the privacy and ethical implications inherent in advances related to the Internet of Bodies, asking questions such as who should have access to the data, how it can be protected from those who shouldn’t have access, how tech companies can protect clients from malicious hackers who could remotely wreak havoc on someone’s body, and what role, if any, health information privacy rules should play. Questions such as whether insurance companies should be able to deny coverage based on poor health habits revealed through these devices should be asked.