Who Owns The Data Collected About You From Devices Inside Your Body?

from the this-time-it's-really-personal dept

People have started to wake up to the fact that companies like Google and Facebook hold huge quantities of data about their users. That raises questions about who owns what there, and to what extent users should be allowed access. Now Hugo Campos is asking the same question about a different kind of personal data – that being collected by a cardiac defibrillator implanted in his chest:

"I have this complex little computer implanted in my body, but I have no access to it," says Campos. "The best that patients can do is get a printout of the report given to the doctor, and that's designed for doctors, not patients. Patients are left in the dark."
As the open data movement has shown, the great thing about releasing raw datasets is that it enables people to come up with new and unexpected uses for them. It seems likely that providing access to the data stream from implanted devices would similarly allow all kinds of innovation in the field of digital personalized medicine, which is currently developing rapidly.

That's likely to become more of an issue as the computing power of implanted devices increases, the data becomes richer, and as people start to monitor and even control aspects of their health through software running on smartphones, say. Naturally, they -- and the coders writing apps -- will want full access to the data pouring out of any equipment connected to them or inside them.

As Campos asks:

"Who owns the data collected in my body?" he says. "Should it benefit the company, so they can use it for post-market surveillance? Or me, so that I can make better decisions about my health?"

It's the same kind of question that people are increasingly asking about Google and Facebook, but this time it might literally be a matter of life or death.

Follow me @glynmoody on Twitter or identi.ca, and on Google+

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: data, devices, privacy


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 7 Dec 2011 @ 11:54am

    It's like with cars. These days one needs proprietary equipment with proprietary software to collect data and fix problems with cars. Who owns the data collected by that equipment? Why should my car, that I own, have such artificial limitations that restrict me, but not someone else (who doesn't own the car), from doing certain things and collecting data?

    link to this | view in chronology ]

    • icon
      :Lobo Santo (profile), 7 Dec 2011 @ 12:00pm

      Re: Hood key

      At least they don't lock the engine compartment anymore--let's give car manufacturers a little credit for having crept closer to the modern age.

      link to this | view in chronology ]

      • icon
        Jay (profile), 7 Dec 2011 @ 12:06pm

        Re: Re: Hood key

        They still use patents to lock up alternative energy sources for gas. That's a major problem.

        link to this | view in chronology ]

    • icon
      ClarkeyBalboa (profile), 7 Dec 2011 @ 12:30pm

      Re:

      Your example actually works the opposite way. Cars past the early 90s are all required to use the same code diagnostic software (OBD-II). You generally need to buy a scanner, but it allows you to read the codes your onboard diagnostic system is storing. Your repair manual will have a section of codes listed to decipher them.

      Where the car example does mirror Campos' is that the codes and diagnostics are designed for trained technicians (doctors in his case) and can still be pretty cryptic to decipher.

      I feel it would be great to have data like this freely available. As long as it is not being used for marketting, i think the person who owns it should have free use. As long as it doesn't contain personal identifiers, it could be used to build apps to monitor your health in real time, and the data it collects over time could be used by researchers to study and make advancements in their field.

      link to this | view in chronology ]

  • icon
    A Guy (profile), 7 Dec 2011 @ 12:03pm

    I'm think an argument could be made that any data collected as a direct result of a medical procedure is a medical record, and therefore the patient is entitled to view it.

    I know there are laws in the United States that give you permission to view your medical records. I'm not sure about elsewhere.

    link to this | view in chronology ]

  • icon
    Ben (profile), 7 Dec 2011 @ 12:06pm

    Thorny

    Does it belong to the entity that created it, as in copyrights on artistic expression, or the owner of the device that captured it, as in the case of cameras and photography?

    Two good perspectives for some court to decide in 10 years.

    link to this | view in chronology ]

    • identicon
      New Mexico Mark, 7 Dec 2011 @ 12:48pm

      Re: Thorny

      Naturally, the courts will have to take into consideration whether your heartbeat in any way reflects rhythms from popular music while you listen. If so, and your defibrillator data are exported from your body, you will either have to pay licensing fees for public performance or pay fines for infringement.

      Makes sense to me.

      link to this | view in chronology ]

  • identicon
    ShellMG, 7 Dec 2011 @ 12:13pm

    I've mentioned it before on posts discussing whether implants can be hacked; I have a spinal cord stimulator by St. Jude/ABS for chronic pain management. Like the patient listed here, I can get a printout of which program settings my implant uses. It has a little schematic that shows where each one functions (feet, lower back) and the frequencies as well as "combo" programs that can be increased or decreased as necessary. I have a printout I keep in the case of my programmer so if I need a replacement part and the system is reset it can be reprogrammed quickly.

    The programming, done by a company technician, uses a PDA. I asked if they were going to be upgrading to iPhones or other smartphones in the future, but they're not connected to an actual phone device because of security issues. As to who "owns" the data...I'm not sure an argument needs to be made. It's not a diagnosis; it just shows the amount of energy applied to electrodes. The implant can't be activated or deactivated without a strong magnet or the programmer.

    I can definitely see where life-dependent devices would be a concern, but probably more of a security/HIPPA issue.

    link to this | view in chronology ]

    • icon
      Nathan F (profile), 7 Dec 2011 @ 12:17pm

      Re:

      If it isn't a diagnosis then it is treatment and must be documented. If it is documented then it is part of a clients medical record which the client can request and the health care provider is by law required to provide a copy of when asked.

      link to this | view in chronology ]

  • icon
    David (profile), 7 Dec 2011 @ 1:12pm

    IANAL, but..

    The data is factual in nature, and is Data. Databases are not copyrightable, as there is no creative expression involved. I don't think that is Mike's question.

    The question over ownership is more important in that the person whose body it was wants to see this data, not just the report results. I am not sure that this is covered by law, except the provisions mentioned in A Guy's post that the patient is entitled access to their medical records.

    It should be interesting if this becomes a test case...

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 7 Dec 2011 @ 3:02pm

    The physical records belong to the doctor and is required to maintain those records for a period of time. The information in those records belongs to the patient. The patient can request a copy of those records at any time but the originals are held by the physician (mainly for cya).

    link to this | view in chronology ]

  • icon
    TtfnJohn (profile), 7 Dec 2011 @ 9:42pm

    If the question of ownership of the data must come up, what comes from MY pacemaker is my data, it came from me and from my body. I certainly give my GP and other physicians access rights to it but that's about as far as it goes. I certainly see no reason for the manufacturer to have access to the data beyond that needed to make sure it still functions.

    I really hadn't thought about it much as I get the printout of the biannual checkup on it and a the same copy of the past 6 months of data my GP gets. In fact, I often end up giving it to her at my next appointment. I've also learned to read it and understand it. It does come in handy.

    As far as it goes, though, every Province in Canada mandates the I must be able to see my records, the amount of time they can be retained and that they must be given to me on request.

    I take the position that I own my body and any flaws, viri, and other things wandering around in or on me. I have no problem at all with data being used from stuff but heaven help you if you try to patent something you found in me without getting my permission first. That's largely an ethical stance on my part as I have zero use for pharmaceutical patents as, in my mind, they hinder innovation and discovery rather than promote either. And it's going to take a lot more than mere money to budge me off that. Dodges like changing a pill colour and applying that to the patent you hold to keep it from generic makers when the colour change has no value except to change the colour isn't my idea of research and development no matter what big pharma says.
    So, examine me, use me and my tissues, fluids or whatever all you want for research and teaching purposes but once you want to use what you found in me in the formulation of any medication remember it's mine, not yours. I expect to be fully informed and to consent before you get there and even think about applying for something like a patent. Got it? :-)

    Thanks.

    Yours truly

    John
    and do have a NICE day. ;-)

    link to this | view in chronology ]

  • identicon
    terrymaz, 12 Dec 2011 @ 8:13am

    ownership of private data colected by inplants in the body.

    I totally agree on ownership of private data. This topic is insignificant in the bigger picture, >>

    Hospitals and Doctors and Pharmacy are keeping files in PC as databases, or in case hospitals networks. Increasingly on regional databases, if not national databases, many of which are hosted by in my case an international Database (Can't say offshore as literal term yet) Not your every breath, but your medical history is in doctors files/databases, hospital databases’ increasingly networked and/or outsourced to special corporations who provide this specialty service. In the name of ; “providing better health care.” Insurance companies have pretty extensive records on anyone having claims, applying for certain insurance plans etc. accessible to all insurance companies And...???

    Though presently don't think possible or have any purpose, who owns, medical implant logs is a mute discussion. It's available anyone who has knowledge, connections, or resources to find or access them rightfully or not.

    It was once reported on major network, reporters in the USA found online sites that provided complete and very detailed information on many details of their lives including complete private medical records.

    Unless privacy laws are: Completely rewritten for the 21st century. The law is enforceable internationally. That it is restricted to individual himself that and can be seen read interpreted by attending physicians treating him for that purpose alone.

    Computers and networking has ended privacy in almost every way, and details are ever increasing. Soon not only God, Santa Claus, will know all; Big Brother, Big business will too

    We all enjoy latest technology, but remember data is food for computers, they collect, process interpret store forever and report to whoever has access.

    Why worry about implant data, unless you’re in divorce court and every Wednesday, your heart rate skyrocketed when you were supposed to be at the library.
    PS., your cell phone will probably give more data.

    link to this | view in chronology ]

  • icon
    Terrymaz (profile), 12 Dec 2011 @ 8:32am

    And any tech savvy kid etc

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.