☲☰CRYPTED
Editor’s Note: For most of us, the wide world of technology is a wormhole of dubious trends with a side of jargon soup. If it’s not a bombardment of startups and tech trends (minimum viable product, Big Data, billion dollar IPO!) then it’s unrelenting feature mongering (Smart Everything! Siri!). What’s a level-headed guy with a few bucks in his pocket supposed to do? We’ve got an answer, and it’s not a ⌘+Option+Esc. Welcome to Decrypted, a new weekly commentary about tech’s place in the real world. We’ll spend some weeks demystifying and others criticizing, but it’ll all be in plain english. So take off your headphones, settle in for something longer than 140 characters and prepare to wise up.

Last month New York Times writer Ron Lieber wrote on his experience allowing State Farm to track his driving as part of their usage-based insurance policy. These types of systems are in their infancy, but they allow drivers to lower their insurance premiums based on safe driving, as determined by data points like acceleration, velocity and g-forces during turns. “For me, it turned driving into a game that could yield real money through safer behavior,” wrote Lieber.

Driving data is one part of the new, so-called “quantified self”, in which car sensors, home thermostats and omnipresent on-person devices gather objective information to create a viewable, digital portrait of someone’s life. Data collection is quickly becoming popular due to the effectiveness and objectivity of using data to adjust premiums, target advertisements and generally operate a consumer-facing business better. The immediate incentives for early stage adopters like Lieber of any tracking device are clear: understanding and motivation. In the case of auto insurance, this digital portrait has so far led “participants in the program [to] get an average of 10 to 15 percent off their premium”. But for consumers, there are also troubling implications looming concerning how a person’s digital portrait can be used and the security of important data.

The worries aren’t exactly new. At the advent of popular location services such as FourSquare, the excitement users felt seeing where they’d been and their ability to keep tabs on their friends was a draw soon tinged by the risks of oversharing (which can be quickly summed up by the aptly named Please Rob Me, a site that serves to show people how information they post online can be used against them). Currently, in an exact parallel, fitness trackers are gaining popularity because of their ability to help users visualize and track their fitness and compare themselves to their friends, not to mention the motivation inherent in having every one of their steps counted (doubters need to look no further than David Sedaris’s experiences). While the danger in the first instance of being “located” appeals readily to a person’s hard-wired sense of caution, the potential dangers inherent in the recent rise of tracking health data using wearable devices and smartphone apps is more real, and much more insidious.

The potential dangers inherent in the recent rise of tracking health data using wearable devices and smartphone apps is real, and insidious.

To see these dangers one can look again to the car insurance example. Currently, according to Lieber, there’s no penalty for dangerous driving for those who opt into the program, only discounts for safe driving. But as more drivers agree to share their data, there will be a built-in relative cost for “private” driving, as rates will remain constant for holdouts. There’s also the potential that premiums for holdouts will rise if these drivers share similar characteristics (age, race, income level, location) with other drivers who have installed sensors into their cars and proven themselves risky drivers.

This same logic could ostensibly be carried over into other, more personal areas. Wearable companies like Fitbit and Jawbone have been an increasingly popular choice in capturing data for large shares of health-conscious consumers. But what they do with that data is up to them. In a series on privacy concerns held last spring, the FTC found that the “12 [health] apps tested transmitted information to 76 different third-parties”, including consumer health metrics along with identifying characteristics. These third-parties include data brokers, who keep tabs on millions of Americans.

While scrutiny has caused existing companies to change their privacy policies, including Fitbit, and companies new to the segment to stress privacy conscious policy — Apple dedicated a new section of their site to privacy considerations after they announced their HealthKit app — there exists no stringent set of laws dictating how these companies can use the data they collect. HIPAA and the Health Insurance Portability and Accountability Act do not extend beyond medical records to cover seemingly innocuous health data on your smartphone, and while these apps receive some FDA regulation, the agency is mostly policing safety, not privacy.

“Health data stored by patients in apps is typically not protected by federal health privacy laws, although some apps may be covered by state privacy laws, so historically consumers using these apps were protected to the extent the app vendors abided by any promises made in their licensing agreements or privacy policies”, Deven McGraw, a health care attorney for Manatt, Phelps & Phillips, recently told Politico.

To users, the future consequences of data tracking are far off and unknown, while the current benefits make data tracking actually a very appealing prospect.

And companies have huge incentives to gain, and keep open, access to these data. For insurance companies, the data allows them to more accurately adjust premiums and mitigate financial risks; in the case of advertisers, any available data helps to target adverts and sell products more effectively. In an interview in Forbes, Kelly Barnes, who tracks healthcare for PricewaterhouseCoopers, said she’s “very confident we’re all going to be on insurance marketplaces in the not-too-distant future”, via our digital selves.

Amplifying the danger is the present landscape. To users, the future consequences of data tracking are far off and unknown, while the current benefits make data tracking actually a very appealing prospect. In the coming years, those who allow access to health data for their insurance company and can prove high levels of fitness — and, although it’s still on the horizon, good eating habits via soon-to-be-developed glucose monitoring devices — will see their premiums shrink. Even if you don’t opt to give information to insurance companies, you might soon be convinced otherwise by your employer. Companies seeing the health benefits of “recommended” but not mandatory use of wristbands has led health tracking companies to target employers, pitching them on their ability to monitor their employees and motivate them to be healthier, or at the very least, take the stairs occasionally. Healthier employees are cheaper for insurance reasons, work harder and don’t take off as much. Insurance companies and employers will now be able to accurately assess risk and better motivate the health of their employees and customers. In short, everyone will be able to do their jobs better — which sounds great, unless you fall on the left side of the health bell-curve.

Doubtless, the future will hold online privacy legislation, like the kind President Obama urged in 2012. But the incentives to leave the door open to selling and using this data by Big Business are extraordinary, as indicated by businesses with an interest in data exerting their vast lobbying power in order to obstruct legislation in Washington. Stymied legislation has led states to take privacy law into their own hands, to limited effect.

Currently, available tracking technology is mostly harmless, and usually beneficial and fun. But the trend of big data is only going to expand. The future could see the rise of much more intimate and revealing data, such as genome mapping (some companies already offer genome sequencing services) or wearables that extend beyond obvious biometric data for more revealing, and therefore valuable, body chemistry. In these latter cases, data could reveal information and punish users based on the likelihood they’ll develop future conditions (the motivating reason behind the passage of the Genetic Information Nondiscrimination Act in 2008), in addition to addressing their day-to-day habits. But those worries are far off, and for now users who want to continue wearing a Fitbit should do so. They just need to keep in mind that they don’t have to be high profile for their data to be valuable.