Google acquiring Fitbit: Opportunity or Risk?

Everyone knows that living a healthy lifestyle has a huge impact on your health. It’s why we try and choose apples over cupcakes, take walks after dinner, and generally try and adopt good habits and work at shedding the old. It’s why roughly 40% of New Year’s resolutions go something like this:

“This is the year I’m finally going to lose weight!”

Or…

“I’m going to train for a marathon this year”

Just visit an gym this month and you’ll see living proof that in general, people do care about their health.

But as we all know, changing your behavior about as easy as building a dam with icing sugar. That’s why most resolutions fail. In just a few weeks, those packed gyms will empty out again, paving the way for the diehard regulars who’ve somehow managed to make fitness a way of life.

Enter the billion-dollar industry of fitness trackers. Innovation in the wearable tech industry has given us Fitbit and its imitators. These devices, essentially small computers on a bracelet that looks like a watch, aim to help those who’ve fallen by the wayside with their health habits… brands like Fitbit, Alexa, and Apple shipped 172.2 million devices in 2018 and 53 million smartwatches. That’s enough for the entire population of Canada… six times over.

Wearables are fun, popular, and for some, they actually work. With alerts, friendly messages, and data tracking they somehow do coax a select few people who use them to actually start moving more. They have, however, created a lot of discussion in the privacy world. Some of that discussion revolves around the way that some organizations are leveraging people’s natural desire to get fit – in order to amass health data and, in turn, save money and improve the bottom line. It all has to do with wellness programs and the incentives they use to get people to sign up and start submitting their health data.

The Opportunity

Both your health insurance’s wellness perks and your employer’s wellness program are cleverly-disguised ploys to cash in on your desire to get fit and your willingness to embrace technology to do so. Backed by government incentives to encourage wellness, both entities offer rewards for healthy behavior.

Sometimes those rewards come in the form of cash. The Blue Cross Blue Shield health insurance company, for example, developed the Blue365 program for its members. Those rewards range from discounts on healthy snacks to deals on sneakers to discounted gym memberships and cold, hard cash. Complete a nutrition quiz and earn $10. Watch a video on healthy living, take the quiz afterwards, and earn another $10. It’s not uncommon for members to rack up rewards and receive pre-paid visa cards worth $125 and up. Get points when you log in. Get even more when you schedule a wellness visit with your doctor.

What do employers and insurance companies get out of this? Well for starters, in some countries, such as the U.S., they are allowed to incentivize wellness and health. They do this by charging their employees more for health insurance if they don’t participate in wellness programs or offering the type of rewards mentioned above if they do.

The Risk

On common perk in such programs is Fitbit discounts which, given the affiliation of the rewards program with the health insurance company, raises a red flag. Suddenly, that seemingly innocuous pedometer data seems powerful. In the hands of an insurance official, your (lack of) steps taken each day can prove incredibly insightful when paired with the data they have on you about your family history of diabetes. You can just hear them now: “You are prone to diabetes? You don’t exercise enough? You never use your gym membership? OK we’ll simply adjust your monthly premium – upwards, of course, to reflect our prediction that someday, you will be costing us a lot of money when you have a chronic disease.”

The risk, of course, is that you are putting your own health data at risk.

Canadians and others are well aware of how often breaches occur, just in the health care space. Yet, despite the Health Privacy Act, some of what you or I might consider “health data” isn’t necessarily protected to the degree that we think or hope. Selling medical data is big bucks and, some would argue, is important if we ever want to cure cancer or solve other health-related problems using ML and AI.

Fitbit Data = Health Data, No?

So, what could be the problem with selling your daily footstep count, you say? Isn’t it trivial, compared to actual medical records – the kind collected and stored by your doctor? Some governments say yes, and their data privacy laws reflect this sentiment: that the type of data collected by fitness trackers is different from health data.

In the U.S., for example, the data that Fitbit and other fitness trackers collect (steps, heart rate, temperature, etc.) are not classified as health data and therefore are not protected by the government’s Health Insurance Portability and Accountability Act (HIPAA). HIPAA aims to safeguard medical information with privacy and security measures as well as granting people the right to easy access their own health information. Facebook, which collects untold data points on its users, is not classified as a health device and as such, is not subject to HIPAA either.

Facebook and other tech giants do, however, mine that data for health insights. There’s a word for this, when you mine trivial data for health insights: phenotyping. Phenotyping carries heavy implications, if you think about it in terms of privacy.

The Solution?

One way to keep fitness tracker data from falling through privacy regulation loopholes is to declare all data as health data – a suggestion offered by a New York Times columnist who describes some Orwellian examples of how “metadata” can be used to predict a host of health concerns, such as Parkinson’s Disease, Pregnancy, and depression.

In the meantime, you can look at the privacy policy of your fitness tracker, your wellness program, and any other vehicle that transmits your data, and look for HIPAA compliance (if you’re in the U.S.). The Canadian government has a page about it on the website of the Office of the Privacy Commissioner of Canada. It’s a bit dated but it gives good in-depth description of the discussion around wearables.

Irish Tech News https://ift.tt/2wMXh73