Our Blog: Stuff we think you should know

Who Should Regulate Wearables?

Who Should Regulate Wearables?

Wearable technology, or “wearables”, have been around for decades, technically first becoming popular with Pulsar’s Calculator Wristwatch in the 1970s. Since then, our wearables have become much more capable, accumulating detailed profiles on us as we use them. This begs the question… who is in charge of regulating them?

Wearable Technology Has Been a Successful Mixed Bag

Crunching the numbers, it is clear that wearables as a whole are a successful and appreciated technology by consumers. The number of connected devices around the world, which had reached the not-inconsequential amount of 526 million in 2016, is anticipated to exceed 1.1 billion in 2022. 167 million units of smartwatches and their wristbands are also projected to be shipped that same year.

Clearly, wearable technology has been a commercial success, so there is no reason to anticipate that manufacturers will slow down on their research and development anytime soon. However, it must also be said that wearables have created a few concerns that hadn’t needed to be addressed in the past - especially when it comes to security.

The Dangers of Data

It has been clearly demonstrated that wearables can also create considerable security concerns - in more ways than one might initially think. One only has to look back to the beginning of last year, when the heat mapping feature of the Strava fitness application revealed the classified locations of military bases, thanks to the activity trackers the soldiers would wear during their workouts. Wearables are also notorious for being updated very infrequently (if ever), which makes them perfect devices to be taken over and used as part of a botnet, or as an easy access point into the rest of an otherwise protected network.

One also has to consider what is being done with the data that these devices collect, and how that data could potentially be used to the possible disadvantage of the consumer.

The Regulations that Have Been Put in Place (and Which Matter)

Naturally, such a potentially explosive technology ought to be subject to some regulations. However, the governing bodies and organizations typically responsible for imposing these regulations may not be in a position to do so.

The FD&C Act

The Federal Food, Drug, and Cosmetic Act likely has no power to regulate wearables, as the Food and Drug Administration doesn’t include wearables in its classifications of medical devices, instead describing them as a “low-risk general wellness product.” Basically, the manufacturer’s intended use of a device is what designates it as a medical device or not, which means that (unless wearable manufacturers make the call) these consumer-focused devices won’t need to meet the FD&C Act’s standards.

HIPAA

The Health Insurance Portability and Accountability Act is intended to secure an individual’s rights to their health information. However, while it does provide some protections, HIPAA’s scope doesn’t really cover wearables, which are considered non-covered entities. Furthermore, wearable manufacturers are probably untouched by the secondary use of health data, which is the use of personal health information beyond the direct delivery of healthcare. Because all data is produced by a consumer, and not by a covered entity, secondary use of health data doesn’t apply.

The FTC Act

This act allows the Federal Trade Commission to go after companies that are carrying out deceptive practices, including a failure to comply with their own privacy policy. As it covers entities both covered and not covered by HIPAA, the FTC Act serves as the primary federal statute that dictates how non-covered entities handle their health information-related security practices. The FTC itself is also capable of bringing legal action against those organizations who play fast and loose with consumers’ information, whether they have violated privacy rights or failed to maintain sufficient security.

Where wearables are concerned, the FTC has already spoken up. In 2017, the FTC reported that very few companies discussed their cross-device tracking practices in their privacy policies. Cross-device tracking allows multiple devices to be associated with a single user by linking that user’s activities across these devices. This example shows how the FTC Act is currently one of the more effective means of keeping wearable companies accountable.

What do you think about wearables? Are they something you see as needing to be regulated? Share your thoughts in the comments!

Tip of the Week: 5 Handy OneNote Features
Bringing Enterprise Solutions to the Small-to-Medi...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, June 26 2019

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Best Practices Technology Cloud Privacy Business Email Hackers User Tips Malware Business Computing Computer Network Security Microsoft Hosted Solutions Productivity Google Software Internet Tech Term Data Small Business Efficiency Communication IT Services Backup Ransomware Mobile Devices Workplace Tips Hardware Windows 10 Smartphone Microsoft Office Cloud Computing Saving Money Android Data Recovery IT Support Productivity Facebook Windows Upgrade Browser Social Media Business Continuity Gmail Managed IT Services Data Management Managed IT Services Innovation Mobile Device Server Users Data Backup Phishing Word Office 365 Information Internet of Things Outsourced IT App Windows 10 Disaster Recovery Smartphones Passwords Encryption Network Chrome Vulnerability Cybersecurity communications Employer-Employee Relationship Artificial Intelligence Miscellaneous Business Management Remote Monitoring Managed Service Provider VoIP Gadgets Office Tips Spam Save Money Website Virtual Reality Hacker Apple Tip of the week Analytics Content Filtering IT Support Apps Big Data Managed Service Government Money Applications Infrastructure BYOD The Internet of Things IT Management Customer Service Augmented Reality Virtualization Maintenance Settings Tablet Two-factor Authentication Data storage Paperless Office Employee-Employer Relationship Display Antivirus Bandwidth YouTube VPN Unified Threat Management Access Control Education Firewall Robot Risk Management Router Wireless Printing Development WiFi Automation Avoiding Downtime Mobile Security Bring Your Own Device Touchscreen Wi-Fi Office Computing Wireless Technology Google Drive Laptop Password Document Management Recovery Telephone Systems Mouse Vendor Management LiFi Quick Tips Safety Scam Computers Business Intelligence Storage Downtime Retail Solid State Drive Hosted Solution SaaS Networking Company Culture Outlook Hacking Hard Disk Drive Data Security HIPAA Monitors Holiday Search Data loss Business Technology IBM Virtual Private Network Presentation Operating System Chromebook Mobile Device Management Administration Customer Relationship Management End of Support Server Management Value sip Smart Office Co-Managed IT Buisness Specifications Compliance Marketing How To Charging Mail Merge Private Cloud Online IoT Digital Signage Unified Threat Management Lithium-ion battery Downloads IT Technicians Application Wires Software as a Service Disaster Shortcut Tech Support IT solutions Monitoring Hard Disk Drives Spyware Superfish File Sharing Cooperation Bitcoin Network Congestion Solar Print Toner Statistics Computer Care Break Fix Cookies Address Hotspot Professional Services Best Practice telephony Work Content Samsung 5G Black Friday Regulations Information Technology Messaging Microsoft Excel Star Wars Google Docs Desktop User Error Halloween Multi-Factor Security Mirgation Writing Voice over Internet Protocol Entertainment Uninterrupted Power Supply Patch Management Websites Identity Theft Cortana Spying Solid State Drives Staff Windows 8 Shortcuts Bluetooth Training Fun Dark Web Nanotechnology Corporate Profile Automobile Language USB Business Growth Optimization Streaming G Suite Cyber Monday Social Networking Hard Drives Google Wallet Analysis Employee-Employer Relationships Blockchain Cost Management Troubleshooting VoIP Scary Stories Google Calendar Chatbots Current Events FinTech iOS Legal National Security How To IP Address Cybercrime Printer Wearable Technology Security Cameras Net Neutrality Screen Reader WannaCry Computing Infrastructure Dongle User Alt Codes Dark Data Recycling Human Error IT service Heating/Cooling Smart Technology Motherboard Refrigeration Drones Students Knowledge Permissions Assessment Public Speaking Time Management Remote Computing Sports Legislation Identity Going Green Social Engineering MSP Scalability Competition PowerPoint Updates Firefox Update Mobile Office Social Managing Stress Managed Services Cabling FCC Smart Tech Mixed Reality Alerts Service Level Agreement Typing eWaste Device BDR Servers Distributed Denial of Service Experience Unified Communications Fraud Internet Exlporer Deep Learning Humor LED Network Management Comparison Migration Digital Payment Onboarding Techology Running Cable SharePoint Hacks Cables Laptops Managed IT Politics Title II Connectivity Slack Data Breach Digital Lenovo Collaboration Licensing Cryptocurrency Continuity Mobility Google Maps Virtual Desktop Managed IT Service Modem Undo Budget Alert CCTV Windows 7 Emoji Webcam Electronic Medical Records Work/Life Balance Error Regulation Black Market Point of Sale Mobile Computing Physical Security CrashOverride Travel Law Enforcement Notifications Upgrades Domains Twitter Botnet Supercomputer Motion Sickness Gadget Staffing Personal Information Emergency Administrator Crowdsourcing Taxes 3D Printing Printers Web Server Machine Learning IT Budget GPS Computer Repair IT Consultant Unsupported Software Processors Cameras Relocation Meetings Tracking Health Cleaning Mobile Data