In an earlier post, I discussed how wearables are becoming prominent in modern life, with Toronto being a notable hotspot for technology development and related interest. From a legal perspective, there are two main concerns with wearable technology: privacy and product liability. This instalment in the Toronto Wearables Series will focus on the former.
The primary issue with smart clothing is that the articles are constantly collecting, transmitting, and storing data, which means that they have information that is often considered personal, private, sensitive, or confidential. This makes smart clothing’s data mining abilities extremely strong. This is compounded by the fact that this information can easily be posted on social media networks, making it available to not only “friends” of the user, but possibly also to unknown or untrusted parties. Furthermore, wearables are able to collect information discreetly, otherwise known as data mining, which results in the users not actually knowing what data is being collected. This often means that users underestimate their privacy risks. In fact, a recent study showed that there is “a significant gap between reported concerns and actual users’ behaviors, reinforcing that users often sacrifice their privacy in exchange of benefits.” Put simply, the non-invasive biomedical, biochemical, and physical measurements of wearables have invasive implications for a user’s privacy. However, given the novelty of smart clothing, the extent of the impacts of these privacy concerns has not yet been fully understood. It is for this reason that empirical studies are necessary.
The same study collected a variety of online comments from users of wearables. Based on the consumer feedback, the study concluded that the primary privacy concerns are linked to the type of personal data that a given wearable device collects, stores, processes and shares. For example, there is a lower level of concern regarding smart accessories that are seen as a gadget (e.g. Fitbits), versus smart clothing that covers a large part of the body. Furthermore, embedded sensors, such as cameras and microphones, pick up data about the user and even people nearby, often without their awareness or consent. The nature of this data is frequently personal and confidential, which implicates privacy issues, especially with respect to surveillance. Other functions of wearables, such as heart rate monitors, glucometers, and activity trackers, can also be intrusive.
Interestingly, even though users perceived wrist-mounted devices as a non-invasive accessory from a privacy perspective, the study found a high associated risk. Indeed, there have been findings of an increased feeling of safety and confidence due to the user’s dependence on this type of wearable to track both biomedical data as well as daily movements that assist the user, such as the user’s location when in an unknown area. The ability to track location seems appropriate because of the convenience of having GSP at the ready. However, the communication of a user’s location information, without the control of the user, poses a substantial threat because once location is sensed and stored, it can then be shared online, in real time, through live social media feeds. Yet, given an appearance that is akin to a watch or a bracelet, wearables’ presence is often unnoticed, which means that the underlying privacy risk is not seen as a concern on a daily basis. Rather, a user more acutely senses its convenience benefits. This is in stark contrast with the more common smartphone, with which the user has a more conscious interaction.
In fact, integration is one of the primary selling points of smart clothing, which allows users to synchronize their clothing with their phones for the sake of convenience. From a privacy perspective, however, this means that all of the implications associated with smartphones are then added to the list of concerns regarding smart clothing. For example, more technologically-advanced smart clothing inventions could have access to a user’s photos, contacts, bank information, and applications, making all of the data, in addition to the collected biometrics, vulnerable to being shared publicly. Another notable example is that embedded speech recognition applications in both smartphones and smart clothing allow the convenience of hands-free interaction. However, the heightened sensitivity that is needed to be able to pick up on such demands means that even when a user is not alone, a potentially confidential conversation between the user and another party can be captured and stored, once again without knowledge or consent.
The above suggests two concerning points about the privacy risk associated with smart clothing. First, users are already anxious about a host of privacy issues, but the (perhaps more noticeable) benefits offered by these devices causes them to become more willing to sacrifice their privacy. Second, even though users have articulated some concerns, these are often misdirected or underestimated. This means that users do not know precisely what to worry about, and are therefore ill-equipped to protect themselves. Indeed, new applications, such as facial recognition software embedded in smart technologies offer such a profound sense of convenience and marketable novelty that consumers willingly allow a device to repeatedlycapture and store every inch of their face. This misplaced sense of trust in smart technologies, and particularly smart clothing, presents a significant barrier to technological advancement, as users’ engagement is difficult to predict.
This is the second post in the Toronto Wearables Series in IP Osgoode’s IPIlogue.