18.8 C
Canberra
Tuesday, January 26, 2021
Independant Liquor

‘Who owns the data?’: Fitbits and private health data give pause for thought

Australians who unwrapped a Fitbit at Christmas likely plan to use the data it collects to improve their health; however, researchers warn there are data privacy concerns to consider.

Heralding from San Francisco since 2007, wearable tech giant Fitbit offers increasingly advanced technology to track vital signs like heart and breathing rates, and encourages customers to use its app to set goals around exercise, weight, daily activity, sleep, water and food consumption.

As described on the Fitbit website, the inconspicuous wristband “tracks every part of your day”.

Demonstrating its power, Fitbit launched a COVID-19 study in May 2020 aimed at building an algorithm that detects the virus before an infected person notices symptoms.

So far, the study has detected nearly 50% of cases one day before COVID-19 positive participants reported the onset of symptoms, with 70% specificity.

Alongside celebrations of this kind of technology as a force for good, others remain vigilant about its potential misuse.

One year since Google announced its plans to purchase wearable tech giant Fitbit for $2.1 billion USD, Australian academics voiced concerns that Google will monetise the health data of about 30 million active users.

Australian academics oppose Google’s acquisition of Fitbit

Researchers warn Google’s acquisition of Fitbit could be problematic. Image: Unsplash

In November 2020, research from the Monash Business School was presented to the European Commission and the Australian Competition and Consumer Commission (ACCC), attempting to block Google’s acquisition of Fitbit.

One month later on 22 December the ACCC announced it did not accept a long-term behavioural undertaking offered by Google that sought to address competition concerns.

Google offered the Australian regulator the same court enforceable undertaking recently accepted by its overseas counterpart, the European Commission, including that it would not use health data for advertising and, in some circumstances, allow competing businesses access to health and fitness data.

Monash Associate Professor Zhijun Chen said Google’s bid for Fitbit was consistent with its strategy to expand into health care, life sciences and insurance.

And Monash Professor Chongwoo Choe, director of the Centre for Global Business, said Google’s proposed acquisition of Fitbit was not just about a gadget being brought into Google’s ecosystem, it was also about highly sensitive data that was likely to harm consumers in health insurance, medical services, and even labour markets if it was misused.

“All too often, academics and policymakers look back and lament a failure to intervene more decisively and bemoan their hopeful reliance on remedies that just don’t work,” Professor Choe said.

“Blocking the merger doesn’t solve all problems related to health data, but it avoids amplifying already existing problems.”

Following an in-depth investigation of the proposed transaction, the European Commission approved the acquisition of Fitbit by Google on 17 December 2020.

Google made several commitments, including to store Fitbit data in a ‘silo’ which will be separate from any other Google data used for advertising.

The ACCC was set to announce its decision about a similar offer from Google on 9 December; however, an announcement was delayed, with a new decision date to be announced “in due course”. 

Our health in our hands

A Fitbit is just one example of wearable technology, a rapidly advancing area of medicine and health science.

In Canberra, a multidisciplinary research project created by the Australian National University and ACT Health, Our Health in Our Hands (OHIOH), explores the ways miniaturised technologies can improve the accuracy of medical diagnosis, assist to precisely target treatment plans, and monitor patients without invasive sampling procedures.

With a focus on health data analysis and security, ANU Associate Professor Hanna Suominen said there were many privacy and security concerns to consider when rolling out new technologies that collect health data.

“Some of the risks with these technologies are: who owns the data? What will be done with it when it’s connected with other purposes? What if my insurance company or future employer gets hold of this data?”

Professor Hanna Suominen

In 2017, almost 500,000 pacemakers were recalled after it was revealed they were vulnerable to hacking, meaning an attack could reduce the battery life or increase device activity, endangering patients’ lives.

The following year, the Guardian reported that fitness tracking app Strava gave away the location of secret US army bases. 

Professor Suominen said the security of medical data cannot be compromised, and her research on the subject indicated data privacy was an issue that concerned Australians.

“That’s a risk people really recognise,” she said.

“I’m really proud of the digital literacy of Australians, that they do know the risks.

“They emphasise that they need to be able to trust the technology.”

She said the rigour of the ethics clearance process from academia should have a place in the commercial world.

“Know who is responsible, have a risk management plan, have an ethics committee.

“That clearance doesn’t mean everything will go smoothly, but it’s a good starting point,” Professor Suominen said.

Follow this link for the most recent news stories from Canberra Weekly.