“Particularly in the wearables space, companies need to understand from the beginning what consumer data they are using, where it comes from, where it is stored, how long it is stored, who can use it or not. You need to know what is going on.”
Every new year brings increased purchases of workout equipment, blenders, gym memberships, and wearable devices of all shapes and sizes. Plans are created and uploaded to wearable devices such as smart rings, shoes, and bands and their accompanying apps to track progress. These devices and apps share information with each other and across platforms, tracking a person’s eating, sleeping, and even sexual activity.
In addition to well-known wearables for health and fitness, there are also wearable devices for Web3 experiences (sensory clothing such as tactile vests), inventory checking (smart glasses), and stress management (smart bands). Consumers love these devices, but they also want transparency about the data those devices collect and the consequences for those who misbehave or act dishonestly in the use of that data.
First: Know your data
Wearables collect a large amount of data, including your gait, heart rate, movement patterns, and fingerprints. This valuable data is governed by laws, regulations, and best practices that are aggressively enforced by regulators and consumers alike. Since 2018, the United States has seen a rapid increase in privacy and security regulations. California, Colorado, Connecticut, Utah, and Virginia have enacted omnibus privacy laws governing the collection of consumer data, and at least 10 other states have additional laws in place. Illinois, Texas, and Washington also have laws specific to the collection of biometric data. Health data for Washington, Connecticut, and Utah. Child data from Arkansas, California, Connecticut, Florida, Louisiana, Texas, and Utah. Minnesota education data. The United States also has federal laws specific to use cases for data types such as protected health data, online collection of children’s data, financial information, and education data.
What data is used, stored, purchased, and collected is a threshold study that should be done early in the development and commercialization process, perhaps before sending the first organizational email. We often refer to this as “privacy by design.” Particularly in the wearable space, companies need to understand from the outset what consumer data they use, where it comes from, where it’s stored and for how long, and who can or cannot use it. You need to understand it. Answering these questions will build your company’s data map and give you a starting point to accurately calculate the risks associated with your data.
Privacy compliance doesn’t just apply to consumer-focused companies. California is currently the only state that offers privacy protections to employees, but employees can pursue protection in their own ways, such as by suing employers for failing to protect data accessed in data breaches. ing.
Second: Protect your data
According to a report from the University of Maryland, a cyberattack occurs every 39 seconds. According to IBM’s 2023 Data Breach Cost Report, healthcare breach costs have increased by 53.13% since 2020, and organizations have high levels of regulation. non-compliance Experienced breaches cost an average of $5.05 million per incident, which is above average.
This means that companies involved in wearable gaming, especially those targeting health, children, wellness, and biometric (particularly gaming and sports) data, are prime targets for bad actors. It also becomes a target for regulators and plaintiffs’ lawyers if it is suggested that the breach occurred because the company failed to properly address security. The disruption to development, operations, and sales caused not only by the breach itself, but also by regulatory investigations, is massive and can have a devastating impact on morale and momentum. Business priorities can take a backseat to discovery requests and lengthy negotiations with attorneys.
It is of utmost importance to conduct a meaningful, live audit of security vulnerabilities. An assessment by a cybersecurity expert can help you identify, mitigate, and close gaps one by one. Yes, it takes time, effort, and resources. However, breaches reduce trust and cause consumers to leave untrusted platforms.
Third: Notify your users
The prevalence of data breaches, notices, and identity theft has led consumers to demand transparency, laws, and regulations regarding their personal data. To date, 15 states have passed new privacy laws. These new laws will help reshape how and when companies notify users about the use of their personal data. The tired “privacy policy” is now more interactive and user-friendly. There has been a steady increase in the adoption of “preference centers” and other tools that provide consumers with the opportunity to opt out of secondary uses of their data, consistent with consumer expectations about the use of their information. Chances are you won’t.
This means consumers need to be aware and make choices. A privacy notice will tell you what data is collected, where data about you is collected from, when it is collected, who owns it, how long it will be stored, and perhaps most importantly, First of all, you need to quickly and easily explain to your users how their data will be treated. used. Data “sharing” is losing favor with consumers and regulators when it comes to benefiting from tracking consumers for advertising purposes, especially when consumers are not given notice or choice. Additionally, “dark patterns,” or design practices that purport to subvert or impede user decisions or choices, are not only condemned as unfair or deceptive under consumer protection laws and regulations; , prohibited by many new state privacy laws.
Although this is by no means a comprehensive assessment of the risks associated with the use of wearable technology, it is a basic consideration when developing or marketing wearables, especially if the wearable collects biometric, health, or children’s data. We provide. Sure, there may be no limit to the great things wearables can offer, but businesses need to keep their technology private to navigate the growing minefield of privacy compliance.
Image Source: Deposit Photo
Author: masha_tace
Image ID: 65365057