Law in the Internet Society

View   r3  >  r2  ...
WanTingHuangFirstEssay 3 - 07 Dec 2020 - Main.WanTingHuang
Line: 1 to 1
 
META TOPICPARENT name="FirstEssay"
Changed:
<
<

When Your Health Becomes Big Data, What’s Next?

>
>

When Your Health and Personal Behavior Become Big Data, What Happened?

 
Changed:
<
<
-- By WanTingHuang - 09 Oct 2020
>
>
-- WanTingHuang -second draft - 07 Dec 2020
 
Changed:
<
<
We enjoy the convenience of the era of Internet, carrying our cell phone or digital watch everyday and everywhere, and we give our behavior data and health data to technology companies and other corporations. However, have you imagined that what's next after your data being collected?
>
>
We enjoy the convenience of the era of Internet, carrying our smartphone or smart-watch everyday and everywhere, and we give our behavior data and health data to businesses so easily. However, do you consent to disseminate your data? Have you imagined that what's next after your data being collected?
 
Changed:
<
<

Turn Your Everything into the Gold

>
>

1. Turn Your Behavior and every Breath into the Gold

 
Changed:
<
<
What can be sold for money from you? In the early years, poor people might sell their blood for money, whereas nowadays we sell our emotions, our thought, our footprints, and our every movement for money. That's means, any of your behavior is the gold. Moreover, your heartbeats and your steps are valuable. Insurance companies collect clients' behavior and health data to analyze and calculate the insurance rate. This is what the so-call “InsurTech” does. Hundreds of insurance companies worldwide now launch InsurTech? to do better actuary.
>
>
Any of your behavior, movement, and even every breath is valuable in this era. Through people’s locations, walking steps, burned calories, diet log, personal, heart rate, sleep stage, weight and water intake, companies of varieties of the industry can predict a person more precisely. For example, hundreds of insurance companies worldwide now launch “InsurTech” to do better actuary. Insurance companies collect clients' behavior and health data to analyze and calculate the insurance rate.
 
Changed:
<
<
For example, there is an insurance company in my country, Taiwan, starting a personal insurance program in 2019 that if clients consent to give their everyday footprints and other data from their Apple health app or Google Fit and fulfill some requirements, then the company will give extra 20% of the claim. After one year, now there are eight insurance companies with more than 33 programs that have similar programs. Why those companies are so generous? Well, nothing comes for free! They collect clients’ data to evaluate risk, predict claims, and also automatically market from your life-event – the most valuable information and more precise than doing market surveys. That’s the “gold” for those companies.
>
>
In my country, Taiwan, there was an insurance company starting to sell a personal insurance policy in 2019 that if clients consent to give their everyday footprints and other data from their Apple health app or Google Fit and fulfill some requirements, then the company will give extra 20% of the claim. They also encourage clients to provide health data on their smart devices as much as possible. After one year, now there are eight insurance companies with more than 33 policies that have similar spillover effect policy. Why those companies are so generous? Well, nothing comes for free! They collect clients’ data to lower their risk, predict claims, and also automatically market from your life-event – the most valuable information and more precise than doing market surveys themselves. That’s the “gold” for those companies.
 
Added:
>
>

2. Gold for You, or Gold for Business

 
Changed:
<
<

Big Data & The Truman Show

>
>
In the digital era, "data" has become a "factor of production" alongside land, capital, and labor, and personal identity and behavior data are an important part of these data production factors. Data that can construct a person has becomes “gold.”
 
Changed:
<
<
People giving their personal data every moment even without conscious. You might ask how would that happen. Remember the complicated terms and conditions that you usually skip reading them and click “consent”? That’s the moment you give your “gold” for free to a company. Or, you sold them in exchange for the so-called “convenience.”
>
>
However, the key point is that there is an inequality in the usage of personal data. People think they own their data and enjoy the convenience of big data, but actually, most people are in “The Truman Show.” Those companies know you better than yourself, and they can predict your behaviors in advance.
 
Changed:
<
<
Those companies got your portrait from big data so easily, and those data have special characteristics that it is precise and hard to hide: After an entire day of hard-working, you went home, lying on the sofa. At this moment, you might think yourself hidden behind the screen or the cellphone, and nobody knows you are digging your nose or dancing nakedly in your bedroom. Nevertheless, to your surprise, people know exactly what you are doing know. They receive the behavior through your portable devices, your microphone and webcam. Furthermore, they can predict what is your next move, your next song, and even your next emotion. The more "gold" you sell to the social media or technology company, the deeper they can understand more than your imagination and especially know you more than yourself.
>
>
If you won’t give your money to a bank without signing or reading regulations, why you could give your personal data to technology companies or other businesses so easily? Even did not read the privacy policy carefully before giving your data to them. Moreover, those personal behavior and health data could be sold to other companies for advertising and marketing purposes and a lot of people might not likely notice that. Once your data was disseminated, you lose your “gold.”
 
Changed:
<
<
We all have a reasonable desire for privacy. Sitting at home without privacy is no difference from running nakedly on the street. In Silverman v. United States (1961), the Supreme Court held that “the ‘very core’ of the Fourth Amendment is the right to retreat into your own home and be free from unreasonable governmental intrusion.” Now, you are at your lovely home but you have no privacy at all. Just like “the Truman Show,” people are watching you. Unfortunately, it is constitutional because YOU consented.
>
>

3. Laws and Regulations Related to Health and Personal Behavior in Taiwan

3.1. General and Special Personal Data

Regarding to InsurTech? and people’s behavior collection, gig data is not utterly wrong. It could help our society only as we the people could have the alternative to decide whether we want to give, whom much we want to give, and when we want to call it off and get them back.
 
Changed:
<
<

Gold for You, or Gold for Millionaire

Who’s Gold

Every data is precious gold, and that’s what insurance companies and other consultant companies want to buy. But who owns those gold? The gold is owned by you. Imagine you have one million dollars, would you give it away on the street so simply? If not, why you give your data to others so simply?
>
>
The most well-known laws and regulations regarding to personal behavior and health data are General Data Protection Regulation (GDPR) in Europe or Health Insurance Portability and Accountability Act (HIPAA) in America. Because those laws are more protective for individuals.
 
Changed:
<
<

The Golden Mine for Insurance Company

Data has always been central to insurance companies. Online behavior and sensor data are analogized to the gold mine for insurance companies because they could provide more precise information about their clients than traditional surveys and questionnaires or your blood. They score you on the data which you give them, such as how many time your heart beats every minute, how many milliliters of water you drink every hour, how many steps you walk everyday, how many burgers you eat every week, and how many times you get angry every month.
>
>
However, so far, people’s information in Taiwan is only protected by the Personal Data Protect Act (PDPA), which is less protective than GDPR and HIPAA. Under PDPA, personal data divides into "general personal data" and "special personal data." General personal data includes information that could identify a person, such as name, ID number, whereas special personal data specifically means data pertaining to a natural person's medical records, healthcare, genetics, sex life, physical examination and criminal records. The major difference between general and special personal data is that special personal data shall not be collected, processed or used unless under some exceptions (PDPA Article 6).
 
Changed:
<
<
Nevertheless, YOU are the owner of your gold, and you are just too generous to share your wealth with insurance companies. Have you imagine that one day, when you suffer from cardio disease, and your insurance company won’t pay you a cent because they argue that you’re chronic suicide. You might think you’re just lazy but don’t know how to defense for yourself in front of those everyday data for your whole life.
>
>
In addition, about the personal behavior and health information on your smartphone and portable devices, such as your fingerprints, steps, calories, ECG and breathe, are “general personal data” rather thar special personal data in Taiwan. It's tricky that although those personal data are fragile, they are not done by doctors or medical personals, and thus they are not under special catalog under Taiwanese regulations.
 
Changed:
<
<

Time to Take Your Gold Back

>
>

3.2. Do You Consent?

One of the exceptions under PDPA Article 6 is that a person has consented to the collection, processing and use of his/her personal data in writing. Regarding “consent in writing,” it may be given in an electronic form with a digital signature. On the contrary, if it’s general personal data, a simple click of “consent” would fulfill the requirement under PDPA.
 
Changed:
<
<
We seem too get used to thinking like a businessperson. But actually we are not businessperson but slaves who are under control of big companies, giving our data without many choices. Big data is not utterly wrong; it could help our society only as we the people could have the alternative to decide whether we want to give our gold to others or not, how much we want to give out, and when we want to call it off and get them back.
>
>
Under PDPA, such fragile data are classified into general personal data because it dons not be done by doctors or any medical personal. However, with the development of technology, e-health data can be as important as medical records. Therefore, e-health data should be special personal data.
 
Changed:
<
<
So far, the Personal Data Protect Act (PDPA) in Taiwan is less protective than General Data Protection Regulation in Europe or Health Insurance Portability and Accountability Act in America, because there are too many exceptions, which are in favor of business corporates, exist in PDPA. We should not wait for the government to protect us; instead, it’s our right to protect ourselves including our personal data. Don’t just simply click on “consent” without reading. It’s time to get your gold back.
>
>

3.3. What’s next

When the purpose of collecting or processing personal data has been achieved and there is no need to keep the data, the data subject has the right to request the data controller to delete the data immediately, and the data controller is obliged to delete the data immediately. It should be people’s right to delete their data.
 
Changed:
<
<
This is a very good start. The draft coherently presents a "call to awareness" argument for a reader who hasn't given any previous thought to the subject.

For those of us who have, however, there's not a new idea in sight. Comparing Taiwan's PDPA with GDPR and HIPAA on the basis of counting "exceptions" doesn't provide any meaningful comparative analysis, or distinguish between the broad scope of GDPR and the narrow sectoral architecture of HIPAA, or discuss the difference between protecting data and protecting people.

Treating personal information as "gold," moreover, firmly drives the assumption that data is "property" into the language, making it harder rather than easier to see and criticize. If the issue you are contending with is monetization, than using property metaphors to describe peoples' rights makes monetization seem inevitable.

This draft therefore does what such a draft can do, leaving the next draft to accomplish another layer of learning. Let's try speaking not to people who haven't thought about these problems before, this time, but to readers who have. It helps us to "raise our game" to put ideas forward for the attention of people who are already familiar with the subject. Let's begin, as heal;th data is the subject of your interest, to ask what peoples' rights should be in the information about their bodies and their behavior. When we have done that, we'll probably find ourselves asking whether there is as much difference between information about physiology and information about behavior as the sectoral structure of US law makes it appear, and also asking whether "consent to use and exchange" approaches like those of the GDPR capture what we think is the proper treatment of rights.

>
>

4. Convenience and Privacy Are Not Contradictory

Technology is neutral. The key point is how people control the information acquisition and dissemination. Especially the data that could identify a person, it is so fragile that should require special protection. Moreover, there is a false dilemma between privacy and convenience. Privacy and convenience should not be opposed. We can improve our life through legal, educational, and technical perspectives. It’s not a black and white choice, and people can and should enjoy both of them at the same time!
 



Revision 3r3 - 07 Dec 2020 - 04:23:51 - WanTingHuang
Revision 2r2 - 05 Nov 2020 - 13:09:45 - EbenMoglen
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM