Smart TVs . . . Fitness trackers . . . Automated thermostats . . . Self-driving cars . . .
The Internet of Things is the next frontier in digital technology which is why the Global Privacy Enforcement Network focused its 2016 Privacy Sweep on this emerging market. Sweep participants were especially interested in how companies communicate their personal information handling practices.
Given the sensitivity of the information that health and wellness devices, as well as their associated apps and websites, are capable of collecting, the Office of the Privacy Commissioner of Canada (OPC) focused its Sweep on 21 devices ranging from smart scales, blood pressure monitors and fitness trackers, to sleep and heart rate monitors, a smart breathalyzer and a web-connected fitness shirt.
The choice of devices dovetails with one of our four strategic privacy priorities—the body as information. Identified as an important area of focus during a priority-setting exercise that culminated in May 2015, the body as information refers to the mounting privacy concerns related to highly sensitive health, genetic and biometric information that is being used by organizations and governments in all sorts of new ways.
During the Sweep, our Sweepers—aka OPC staff—put the products to use to see first-hand what information the devices requested, compared to what privacy communications said would be collected. In some cases, they followed up with specific privacy questions for the companies.
Below is a brief assessment of how the devices stacked up.
Read the rest of this entry »