Privacy vulnerabilities introduced by reidentification in wearables

Wearables are excellent for the health care industry, industrial applications and personal use. However, these devices often collect biometrics and have demonstrated privacy vulnerabilities due to de-identification and reidentification of users. Increased attack surfaces mean higher susceptibility for smartwatches, biosensors or glucose meters. What can users and manufacturers do to protect their devices?

Finding solutions is necessary as the world gets more data and criminals become more sophisticated. In addition to thieves and hacks, the public must also be concerned about misuse by employers and other critical figures. While this information helps public health institutions, it could do more harm than good. How far can users go to protect their data?

Data and anonymity

Biometric capabilities in wearables uses biological data to track specific health metrics, such as heart rate or walking patterns. Some wearables could also rely on biometric identification — such as Face ID — to authenticate the current user. Manufacturers collect this information for trends and research and to improve the accuracy of their devices. De-identification is critical for protecting this information.

Companies can de-identify a device in several ways. The most reliable step may be anonymization, which removes any identifying information from the data. Aggregation combines users’ information with that of others to report trends, thus masking the information of individuals. Then, pseudonymization gives fake names to each person to protect their real identity.

While these tactics have merits, reidentification could compromise user privacy and security. Linkage attacks are a looming threat because a malicious actor could connect de-identified information with publicly available data to reidentify a person. While solutions to linkage attacks exist, researchers have found that nonnumerical sensitive information is vulnerable due to semantic relevance. Therefore, privacy protection is important for wearables.

Another threat for users is insider threats or people who should be trustworthy with the information. For instance, companies could discover de-identified health data and link it to one of their employees. Despite accidentally finding the data, the business owner uses it against the employee by reducing the company’s health insurance contribution.

Outside threats are another significant consideration. Data breaches could expose sensitive records regarding health identifiers, credit card numbers and other information shared with the manufacturer. Digital privacy company Array says 98 percent of Americans have information exposed on the internet, so people and companies must be more cautious when de-identifying data.

There’s also a chance the data ends up in the hands of stalkers or criminals. Stalkers could use data to track a person’s daily fitness routine and location, and criminals may corroborate de-identified information for targeted attacks. Users must also consider misuse by law enforcement. These instances raise questions about consent requirements and constitutionality.

Mitigation strategies for wearables

Protecting de-identified information and following privacy guidelines are critical to the integrity of wearables. Protection is also essential for compliance with the Health Insurance Portability and Accountability Act (HIPAA). Without it, companies could face penalties for mishandling user information. With that in mind, people have some control over their information, so what can users do to protect their data?

First, users should thoroughly inspect their wearable’s privacy settings and limit data sharing as much as possible. Location services are another helpful feature wearables users should turn off if it’s unnecessary to their goals. Most gadgets let the user customize what activity they track, so they should consider which options to toggle. For instance, research shows electrocardiograms (ECGS) risk reidentification, and are even used for biometric identity verification by companies like B-Secur, though people may overlook this aspect.

Manufacturers also have a responsibility to protect de-identified data and prevent reidentification. The first steps should include only collecting the information necessary for the intended purpose. In addition, wearable producers should also regularly delete their data and minimize the liability of data breaches if they occur. Transparent policies are necessary to inform users of their rights and demonstrate their data in action.

When wearable manufacturers de-identify data, they should follow expert guidelines to ensure compliance and user protection. For example, HIPAA sets de-identification standards for health information, such as expert determination and safe harbor. The latter requires removing identifiers like names, birth dates, phone numbers and other critical facets.

Protecting information also requires companies to protect their wearables with solid security measures. For de-identifying, manufacturers should encrypt data to thwart outside threats and protect users. With this method, wearable producers have more control over information and reduce risk if data breaches occur. Only authorized users can access the original data, making it useless to outside threats.

Manufacturers and wearable users share responsibility for regular software updates. Companies should devote time and resources to finding security vulnerabilities in privacy policies. Then, users should download these updates as soon as possible to protect their information from malicious actors.

Article Topics

biometric identification  |  biometric identifiers  |  biometrics  |  de-identification  |  reidentification  |  wearables