Paper on user privacy in health monitoring wearables

Health monitoring wearables are a new type of mobile devices that are worn on the user’s body and are becoming a huge trend. These devices (and the respective software needed to run the services) can track data like heartbeat and blood oxygen level, which are rightfully considered as sensitive data. If these data fall into the wrong hands, this could have serious consequences.

Study and article

Four students of Tilburg University (Kiril Kalev, Jernej Mavrič, Sonja Pijnenburg and Anouk de Ruijter) carried out a study into privacy aspects of such wearables under supervision and guidance of Colette Cuijpers of Tilburg University/Tilburg Institute of Law, Technology, and Society (TILT) and Marianne Korpershoek and Tom de Wit of Louwers IP|Technology Advocaten.

They addresses questions like: (how) do the five selected wearables comply with current and proposed EU data protection legislation and (how) can this be improved?

Legislative framework

The EU is currently negotiating a new data protection regulation that will replace the Data Protection Directive.

Therefore, the focus will be on the new General Data Protection Regulation (Proposed GDPR). It turns out that most market players in the field of health monitoring wearables are not ready for the coming into force of the Proposed GDPR. The paper proposes a number of improvements to better prepare data controllers for the upcoming regulation and strengthen the privacy rights of consumers.

The study was also presented during the Dutch Technology Week.

An excerpt of the paper can be found here.

The full paper itself is available as well.

publicatiedatum: vrijdag 26 juni 2015