The “quantified self” movement—people who track everything from their sleep to the steps they take in a day with wearables—has made it from Palo Alto office complexes and into our courts and insurance system as evidence and the basis for incentives, respectively.
But can fitness data be trusted? According to a new report from researchers at security think tanks Citizen Lab and Open Effect, some of these devices can be hacked by users to display false information—for example, that the user was active and walking around during a certain time of day.
“For that interaction within the healthcare system, security is clearly important as well as trust,” Michelle De Mooy, deputy director of consumer privacy at the Center for Democracy and Technology, wrote me in an email. “Outside of a provider relationship, in an employee wellness program, for example, the implications of a wearable device being spoofed or hacked is concerning because the data may be shared more widely and there is no accountability for such violations.”
“As more devices related to personal health are hacked and the data they generate otherwise exploited, the wearable industry must be vigilant about using strong encryption and other security protocols, internally and externally,” she added.