BNMC Blog

Who Should Regulate Wearables?

Who Should Regulate Wearables?

Wearable technology, or “wearables”, have been around for decades, technically first becoming popular with Pulsar’s Calculator Wristwatch in the 1970s. Since then, our wearables have become much more capable, accumulating detailed profiles on us as we use them. This begs the question… who is in charge of regulating them?

Wearable Technology Has Been a Successful Mixed Bag

Crunching the numbers, it is clear that wearables as a whole are a successful and appreciated technology by consumers. The number of connected devices around the world, which had reached the not-inconsequential amount of 526 million in 2016, is anticipated to exceed 1.1 billion in 2022. 167 million units of smartwatches and their wristbands are also projected to be shipped that same year.

Clearly, wearable technology has been a commercial success, so there is no reason to anticipate that manufacturers will slow down on their research and development anytime soon. However, it must also be said that wearables have created a few concerns that hadn’t needed to be addressed in the past - especially when it comes to security.

The Dangers of Data

It has been clearly demonstrated that wearables can also create considerable security concerns - in more ways than one might initially think. One only has to look back to the beginning of last year, when the heat mapping feature of the Strava fitness application revealed the classified locations of military bases, thanks to the activity trackers the soldiers would wear during their workouts. Wearables are also notorious for being updated very infrequently (if ever), which makes them perfect devices to be taken over and used as part of a botnet, or as an easy access point into the rest of an otherwise protected network.

One also has to consider what is being done with the data that these devices collect, and how that data could potentially be used to the possible disadvantage of the consumer.

The Regulations that Have Been Put in Place (and Which Matter)

Naturally, such a potentially explosive technology ought to be subject to some regulations. However, the governing bodies and organizations typically responsible for imposing these regulations may not be in a position to do so.

The FD&C Act

The Federal Food, Drug, and Cosmetic Act likely has no power to regulate wearables, as the Food and Drug Administration doesn’t include wearables in its classifications of medical devices, instead describing them as a “low-risk general wellness product.” Basically, the manufacturer’s intended use of a device is what designates it as a medical device or not, which means that (unless wearable manufacturers make the call) these consumer-focused devices won’t need to meet the FD&C Act’s standards.

HIPAA

The Health Insurance Portability and Accountability Act is intended to secure an individual’s rights to their health information. However, while it does provide some protections, HIPAA’s scope doesn’t really cover wearables, which are considered non-covered entities. Furthermore, wearable manufacturers are probably untouched by the secondary use of health data, which is the use of personal health information beyond the direct delivery of healthcare. Because all data is produced by a consumer, and not by a covered entity, secondary use of health data doesn’t apply.

The FTC Act

This act allows the Federal Trade Commission to go after companies that are carrying out deceptive practices, including a failure to comply with their own privacy policy. As it covers entities both covered and not covered by HIPAA, the FTC Act serves as the primary federal statute that dictates how non-covered entities handle their health information-related security practices. The FTC itself is also capable of bringing legal action against those organizations who play fast and loose with consumers’ information, whether they have violated privacy rights or failed to maintain sufficient security.

Where wearables are concerned, the FTC has already spoken up. In 2017, the FTC reported that very few companies discussed their cross-device tracking practices in their privacy policies. Cross-device tracking allows multiple devices to be associated with a single user by linking that user’s activities across these devices. This example shows how the FTC Act is currently one of the more effective means of keeping wearable companies accountable.

What do you think about wearables? Are they something you see as needing to be regulated? Share your thoughts in the comments!

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, June 19 2019

Captcha Image

Subscribe to Our Blog!

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Best Practices Technology Cloud Email Business Computing Privacy User Tips Malware Productivity Hackers Network Security Google Business Microsoft Software Computer Hosted Solutions Tech Term Communication Data Ransomware Internet IT Services Efficiency Mobile Devices Small Business Cloud Computing Data Recovery Workplace Tips IT Support Backup Hardware Smartphone Android Saving Money Innovation Managed IT Services Microsoft Office Business Continuity Data Backup Data Management Internet of Things Mobile Device Users Social Media Managed IT Services Browser Windows 10 Windows Information Productivity Vulnerability Upgrade Facebook Server Cybersecurity Phishing Office 365 Gmail App Business Management Windows 10 Word Outsourced IT Passwords Smartphones Chrome Remote Monitoring communications Artificial Intelligence Network Disaster Recovery Encryption VoIP Employer-Employee Relationship Miscellaneous Managed Service Provider Virtual Reality Gadgets Analytics Applications BYOD Infrastructure Website Money IT Support Managed Service Tip of the week Save Money Google Drive Content Filtering Bandwidth Automation Apps Settings Apple VPN Education Access Control Paperless Office IT Management Government Router YouTube Risk Management Hacker Data storage Unified Threat Management Company Culture Office Tips Employee-Employer Relationship Display Maintenance Antivirus Robot Big Data Administration Downtime Solid State Drive Mouse Wireless Networking End of Support HIPAA Hard Disk Drive Mobile Security Storage Data Security Server Management Business Technology SaaS Printing Business Intelligence Virtual Private Network Touchscreen Holiday Quick Tips Computers Virtualization Tablet Data loss Retail Alert Telephone Systems desktop Spam Computing Outlook Augmented Reality Two-factor Authentication Managing Stress Bring Your Own Device Operating System Laptop Firewall WiFi LiFi Vendor Management The Internet of Things Avoiding Downtime Monitors Hosted Solution Development Document Management Scam Chromebook Heating/Cooling Multi-Factor Security Social Engineering Motherboard Cables Computer Care IBM Best Practice Alerts USB File Sharing Current Events Co-Managed IT Identity Continuity Software as a Service Break Fix Websites Fraud Cost Management Cybercrime Onboarding Time Management Printer Print Toner Search Black Friday Screen Reader Charging Identity Theft Cryptocurrency Slack Hard Disk Drives Marketing Smart Office Content Servers Google Calendar Safety Wires Training Corporate Profile Google Docs Messaging Emergency Licensing Dongle IT solutions Going Green Remote Computing Solar G Suite Entertainment Dark Web Assessment Automobile Hacks Digital Signage Network Management Dell Google Wallet Shortcuts Cyber Monday Smart Tech Bitcoin Monitoring Solid State Drives Network Congestion Work Streaming Legislation Voice over Internet Protocol WannaCry Business Growth Employee-Employer Relationships Cooperation Service Level Agreement Halloween Cabling Writing Compliance Legal iOS Microsoft Excel Wi-Fi Hotspot Internet Exlporer Google Maps Password Troubleshooting SharePoint IT Technicians Optimization Unified Communications Drones Security Cameras Managed IT Smart Technology Connectivity Windows 8 Spying National Security Techology Human Error Statistics Modem FinTech Analysis Students How To Lenovo Dark Data Update Staff Leominster Scary Stories Regulations Deep Learning Scalability Mail Merge Blockchain Language Value Running Cable Mobile Device Management Downloads Mirgation Recycling Buisness Managed Services Shortcut Distributed Denial of Service Politics IoT Digital Payment VoIP Unified Threat Management Device Bluetooth Comparison Cookies MSP Virtual Desktop Digital Alt Codes Mixed Reality Firefox Superfish Customer Service K-12 Schools Sports Disaster Office Samsung Social Networking Migration Address Permissions Private Cloud Computing Infrastructure Professional Services Collaboration LED Chatbots eWaste Budget Laptops Patch Management Managed IT Service Tech Support Star Wars Social PowerPoint User Error Information Technology Mobility Specifications Nanotechnology Spyware Typing Humor Data Breach Customer Relationship Management Wearable Technology Network upgrade Uninterrupted Power Supply Notifications Windows 7 Electronic Medical Records Physical Security Error Twitter Point of Sale Ben McDonald shares Upgrades Gadget Emoji Crowdsourcing BDR Travel Personal Information Botnet 3D Printing Regulation Supercomputer CrashOverride Cortana Staffing Motion Sickness Processors Taxes Machine Learning Administrator Web Server what was your? Unsupported Software IT Budget GPS IT Consultant Computer Repair Relocation Printers Cameras Mobile Data Updates How To Work/Life Balance Tracking Recovery Meetings Cleaning Health Mobile Computing CCTV Black Market Law Enforcement Webcam

What Our Clients Say

  • BNMC has provided us with nothing less than outstanding service and results for all of our IT needs for the past few years. Every member of their staff is professional, knowledgeable, friendly and eager to solve any problem...
  • 1
  • 2
  • 3