55°F
weather icon Cloudy
Las Vegas, NV
Ad 320x50 | 728x90 | 1200x70
Health

Tracking your health with a device? Here’s what could happen with the data

Apple Watch Series 10 are seen on display at the Fifth Avenue Apple Store on new products launc ...
Apple Watch Series 10 are seen on display at the Fifth Avenue Apple Store on new products launch day on Sept. 20, 2024, in New York City. (Michael M. Santiago/Getty Images/TNS)
By Hannah Fry Los Angeles Times
November 29, 2024 - 7:09 am
 

Every day millions of people share more intimate information with their accessories than they do with their spouse.

Wearable technology — smartwatches, smart rings, fitness trackers and the like — monitors body-centric data such as your heart rate, steps taken and calories burned, and may record where you go along the way. Like Santa Claus, it knows when you are sleeping (and how well), it knows when you’re awake, it knows when you’ve been idle or exercising, and it keeps track of all of it.

People are also sharing sensitive health information on health and wellness apps, including online mental health and counseling programs. Some women use period tracker apps to map out their monthly cycle.

The devices and services have excited consumers hoping for better insight into their health and lifestyle choices. But the lack of oversight into how body-centric data is used and shared with third parties has prompted concerns from privacy experts, who warn that the data could be sold or lost through data breaches, then used to raise insurance premiums, discriminate surreptitiously against applicants for jobs or housing, and even perform surveillance.

The use of wearable technology and medical apps surged in the years after the COVID-19 pandemic, but research recently released by Mozilla indicates that current laws offer little protection for consumers who are often unaware just how much of their health data are being collected and shared by companies.

Raising alarms

“I’ve been studying the intersections of emerging technologies, data-driven technologies, AI and human rights and social justice for the past 15 years, and since the pandemic, I’ve noticed the industry has become hyperfocused on our bodies,” said Mozilla Foundation technology fellow Júlia Keserú, who conducted the research. “That permeates into all kinds of areas of our lives and all kinds of domains within the tech industry.”

The report recommends that existing data protection laws be clarified to encompass all forms of bodily data. It also calls for expanding national health privacy laws to cover health-related information collected from health apps and fitness trackers and making it easier for users to opt out of body-centric data collections.

Researchers have been raising alarms about health data privacy for years. Data collected by companies are often sold to data brokers or groups that buy, sell and trade data from the internet to create detailed consumer profiles.

Body-centric data can include information such as the fingerprints used to unlock phones, face scans from facial recognition technology, and data from fitness and fertility trackers, mental health apps and digital medical records.

One of the reasons health information has value to companies — even when the person’s name is not associated with it — is that advertisers can use the data to send targeted ads to groups of people based on certain details they share. The information contained in these consumer profiles is becoming so detailed, however, that when paired with other data sets that include location information, it could be possible to target specific individuals, Keserú said.

Location data can “expose sophisticated insights about people’s health status, through their visits to places like hospitals or abortions clinics,” Mozilla’s report said, adding that “companies like Google have been reported to keep such data even after promising to delete it.”

‘We need a new approach’

A 2023 report by Duke University revealed that data brokers were selling sensitive data on individuals’ mental health conditions on the open market. While many brokers deleted personal identifiers, some provided names and addresses of individuals seeking mental health aid, according to the report.

In two public surveys conducted as part of the research, Keserú said, participants were outraged and felt exploited in scenarios where their health data were sold for a profit without their knowledge.

“We need a new approach to our digital interactions that recognizes the fundamental rights of individuals to safeguard their bodily data, an issue that speaks directly to human autonomy and dignity,” Keserú said.

Gaps in existing laws have allowed the widespread sharing of biometric and other body-related data.

Health information provided to hospitals, doctor’s offices and medical insurance companies is protected from disclosure under the Health Insurance Portability and Accountability Act, known as HIPAA, which established federal standards protecting such information from release without the patient’s consent. But health data collected by many wearable devices and health and wellness apps doesn’t fall under HIPAA’s umbrella, said Suzanne Bernstein, counsel at Electronic Privacy Information Center.

“In the U.S. because we don’t have a comprehensive federal privacy law … it falls to the state level,” she said. But not every state has weighed in on the issue.

Nevada, Washington and Connecticut all recently enacted laws to provide safeguards for consumer health data. Washington, D.C., in July introduced legislation that aimed to require tech companies to adhere to strengthened privacy provisions regarding the collection, sharing, use or sale of consumer health data.

‘A big issue’

Health information has become a prime target for hackers seeking to extort health care agencies and individuals after accessing sensitive patient data.

Health-related cybersecurity breaches and ransom attacks increased more than 4,000 percent between 2009 and 2023, targeting the booming market of body-centric data, which is expected to exceed $500 billion by 2030, according to the report.

“Nonconsensual data sharing is a big issue,” Keserú said. “Even if it’s biometric data or health data, a lot of the companies are just sharing that data without you knowing, and that is causing a lot of anxiety and questions.”

MOST READ
Exco Sidebar
Don't miss the big stories. Like us on Facebook.
MORE STORIES
THE LATEST
The Food and Drug Administration has said the expiration dates of rapid COVID-19 tests are subj ...
What you should know about expired COVID tests
By Morayo Ogunbayo The Atlanta Journal-Constitution

You probably have a cabinet full of rapid COVID-19 tests you’ve accumulated. The expiration dates have come closer and closer

There are two new RSV immunizations available. Babies are protected by either their mother bein ...
What are the options for protecting babies from RSV?
By Mary Caserta American Academy of Pediatrics

RSV is the most common cause of hospitalization in infants under 1 year old. The infection can spread to the lungs and cause serious breathing problems.

Diets that emphasize nutrient-rich, whole foods such as fatty fish, colorful fruits and vegetab ...
The 3 best foods for brain health, according to doctors
By Emily Laurence | Parade

When it comes to aging, most people don’t just want to survive into old age, they want to thrive. Part of that means staying mentally sharp.

Cynthia Erivo poses for photographers upon arrival at the premiere of the film 'Wicked' on Mond ...
Cynthia Erivo sees ‘Wicked’ wish come true
By C.L. Gaber Special / RJ

“It feels like things happened really fast, but the truth is it has taken a long time to get to this point in life,” she says of starring in the movie musical.

 
Opening date set for Henderson’s newest hospital
By Emerson Drewes / RJ

Valley Health System says the new hospital serving West Henderson will open with 150 beds but has been master planned to expand to 450 beds.