|
META TOPICPARENT | name="FirstEssay" |
|
| Facing a situation such as Fitbit and Apple’s data breach, the question arises: what can the law do about this, if anything? The question is particularly problematic because these wearable devices lie at the intersection of several areas: health, data protection and personal fashion accessories.
There are many laws that partially apply to this issue: the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the FDA's Medical Device Tracking Regulation are the most relevant. However, this essay will not delve further into the current legislation. |
|
< < | What should the law do about it?: Problems with this case |
> > | What should the law do about it? |
| |
|
< < | After reading this essay, most people will reach the conclusion that the way forward is very easy: there just needs to be a piece of legislation passed which tackles smart devices and protects the data of the consumers. However, the answer is not as straightforward as it may seem. Firstly, these smart devices are considerably hard to define: is it a medical device? Is it just an accessory? Is it a learning tool? Every person that buys a smart watch, for example, has their reasons to do it, and they’re not always for health or medical reasons. The question thus arises whether the law should encompass every single device that has the potential to track health data, or only devices that are specifically designed to do so, leaving a big potential gap in the legislation. |
> > | After reading this essay, most people will reach the conclusion that the way forward is very easy: there just needs to be a piece of legislation passed which tackles smart devices and protects the data of the consumers. However, the answer is not as straightforward as it may seem. |
| |
|
< < |
No, the problem isn't finding the right words. The problem is that this the wrong scope of legislation. Are we trying to prevent poorly-designed technologies from causing environmental harm in the privacy environment? Are we trying to make businesses liable for inadequate security when criminals cause harm to them and their customers? Are we trying to engineer an insurance system against inevitable privacy damages, so as to spread the lesses across society rather than leaving them to lie where they fall? |
> > | One of the main issues regarding legislation around portable devices, such as smart watches, is that they often are reactive pieces of legislation. A problem happens, such as the data breach in Apple's and Fitbit's case, and then a piece of legislation arises which protects consumers from data breaches. Nonetheless, the real issues are not tackled: |
| |
|
< < | We are not mere bureaucrats: we don't make laws about devices. We are trying to understand the large contours of social change resulting from the political consequences of technological design and implementation. If we do that we can make law that shapes technological development rather than responding to it.
|
> > | Firstly, the law does not tackle the underlying issue of data centralization. Thus, the law is simply a reactive weapon against an issue that will keep on occurring if the main cause is not eliminated. The law should thus tackle the main root of the issue, rather than protect consumers against the consequences of it. |
|
Secondly, these devices evolve so fast that as soon as a potential piece of legislation is passed, it will likely already be obsolete. Very soon there will no longer be smart watches tracking our movements, but there will be implants on our bodies which will do that function. What then? Should we pass a new piece of legislation? Should we predict the future developments already and include them all in this potential piece of legislation? What about what we cannot predict? |
|
< < |
Precisely.
|
> > | So, what should the law do about it? The law should shape the change that we want to see in privacy concerns regarding portable devices. In other words, the law has the potential to create effective change and shape the technological development we would like to see in terms of data privacy concerns with portable devices. To conclude, by tackling the root cause of the data breaches, the law can shape how we want to protect consumers in cases of portable health trackers, and the general technological development we want and we must foster. |
| |
|
< < | As can be observed, this issue poses certain problems which are hard to overcome. The bottom line is, however, that we should all be aware of how our fitness data is tracked and the problems it may cause. The law should take into consideration that these devices go way beyond a mere fashion accessory, and it should look ahead into the future when regulating the potential data breaches these devices may cause.
A good first draft. It clears the brush away and locates the real questions. The next draft won't look much like this one, but it will have improved upon it mightily.
|
|
|