The Internet of Bodies
- May 30, 2019
- Clayton Rice, Q.C.
The Internet. Then, the Internet of Things (IoT) with interconnected devices like thermostats, refrigerators and motor vehicles. Now, the human body is a technology platform. What, then, is the Internet of Bodies (IoB)? And what privacy and security implications does it pose as it blurs the line between human and machine?
On January 5, 2019, the Annual Meeting of the Association of American Law Schools held in New Orleans, Louisiana, presented a program titled The Internet of Bodies: Cyborgs and the Law. Professor Andrea Matwyshyn of Northeastern University, School of Law, one of the panelists, said the Internet of Things “is moving onto and into the human body” becoming the Internet of Bodies. She described the term Internet of Bodies as referring to “the legal and policy implications of using the human body as a technology platform.” Professor Robert Heverly of Albany Law School, another panelist, discussed a variety of legal questions, including debtor-creditor issues, as he pondered repo agents coming to repossess an imbedded body device from someone unable to pay their IoB bill.
Professor Matwyshyn divided IoB devices into three generations: (1) “body external” devices such as Fitbits and Apple watches; (2) “body internal” devices like pacemakers, cochlear implants and digital pills that are connected to the Internet; and, (3) “body embedded” devices that are “hard wired technology where the human brain and external devices meld, where a human body has a real time connection to a remote machine with live updates.” (See: David Horrigan. The Internet of Bodies: A Convenient – Yes, Creepy – New Platform for Data Discovery. LegalTechNews. January 7, 2019)
High tech health care solutions are part of the emerging medical technologies that monitor health data by connecting the human body to the Internet. In an Opinion published in The Washington Post edition of October 15, 2018, titled The ‘Internet of Bodies’ is setting dangerous precedents, Mary Lee, a mathematician at the RAND Corporation, described it this way:
“Smart contact lenses are being developed to monitor glucose levels and could eliminate the daily blood sugar pinprick for people with diabetes. You could even have an artificial lens implanted in your eye to correct your vision, but such lenses could also one day record everything you see. Bluetooth-equipped electronic pills are being developed to monitor the inner workings of your body, but they could eventually broadcast what you’ve eaten or whether you’ve taken drugs. And while you can restore hearing with a cochlear implant, be aware that it could log data on the audio environment surrounding you.”
Concerns about the implications of hooking up human bodies to the Internet, including profound ethical ones, are not new. In an older post to Motherboard dated March 13, 2014, titled The Internet of Bodies is Coming, and You Could Get Hacked, Meghan Neal also discussed the development of computers integrated into contact lenses as well as implanted sensors that display contact information when people shake hands. “It’s not crazy,” she said, “people are getting digital tattoos, biohackers are sticking computer chips under their skin, and there are several startups selling technology to annotate the world.” A Pew report titled Digital Life in 2025, also published in 2014, predicted that the Internet will become invisible like electricity. “We will grow accustomed to seeing the world through multiple data layers,” the report stated.
Now add artificial intelligence (AI) to the equation. Of particular concern to privacy specialists, AI is capable of instantaneously processing massive amounts of data and using machine learning algorithms to draw conclusions. It is not only the data itself that is important but the inferences that may be drawn from it. In an article titled Internet of Bodies: The Privacy and Security Implications published by CPO Magazine on December 14, 2018, Nicole Lindsey suggested that AI could be used to track all behaviours, edit or remove genetic anomalies and subject all citizens to constant 24-hour surveillance. “Imagine being required by the state to undergo behavioural modification training for committing a ‘health crime’,” Ms Lindsey wrote. “This futuristic Internet of Bodies scenario might sound entirely too dystopian, but top scientific, medical and ethics experts are already warning of such a future.”
Eleonore Pauwels of the United Nations University, Centre for Policy Research, and Sarah Denton of the Institute for Philosophy and Public Policy at George Mason University have warned that AI is evolving parallel with technical advances in genomics, epidemiology and neuroscience. “That means,” they have written, “not only are your coffee maker and your plane’s engine sending information to the cloud, but so are wearable sensors like Fitbits, intelligent implants inside and outside our bodies, brain-computer interfaces, and even portable DNA sequences.” As Ms Lindsay said, the merger of AI and other fields is creating an all-powerful ‘Cloudmind’ having the ability “to know what you are thinking, what you are doing, and how you are likely to react to any event or situation because it knows everything about your biology.” (See: Pauwels and Denton. Searching for Privacy in the Internet of Bodies. Wilson Quarterly. Spring 2018)
Ms Lee cautioned that the Internet of Bodies is “problematic by design” because connected devices are implanted, ingested or attached to the body. Many cybersecurity experts therefore argue that positive marketplace incentives should be used to cajole technology companies into building privacy and security safeguards into new products. But that is not enough. These devices raise concerns about privacy, data protection and cybersecurity that are all but overwhelming. “Having a device directly attached to the body,” Ms Lee wrote, “heightens the potential havoc that hacking or intentional malfunction could wreck.” Former U.S. Vice President Dick Cheney was so fearful of being assassinated by electronic shock to his implanted heart defibrillator that he had it replaced by a device without WiFi capability. While “assassination by pacemaker” may sound like something out if science fiction, data from a cardiac pacemaker has been used by American law enforcement in a criminal investigation involving insurance fraud charges.
What does all this mean? The Internet of Bodies heightens the need for a new legal regime governing a new data privacy framework. In a column for the Wall Street Journal titled The ‘Internet of Bodies’ Is Here. Are Courts and Regulators Ready? dated November 12, 2018, Professor Matwyshyn wrote: “For the first time, our physical safety, autonomy, and well-being can – and inevitably will – be harmed because of flawed software or lapses in security. Yet the law is unprepared to address the injuries that the internet of bodies will bring.” Professor Matwyshyn was commenting on the law in the United States. It appears, however, that the law in Canada is no better prepared. To say that the developing and unregulated Internet of Bodies is at a crisis point is not an overstatement.
Equally important, the Internet of Bodies also heightens the need for ‘privacy by design’ as these devices become more common and technology becomes increasingly sophisticated. The concept of ‘privacy by design’ must be at the forefront of digital advancements as advocated by Ann Cavoukian of the Privacy by Design Centre of Excellence at Ryerson University, and exemplified by the controversy surrounding the proposed Quayside smart city development in Toronto. As Ms Lee suggested, security must be built into these devices “from the get-go”. The protection of privacy and cybersecurity must be implemented before, not after, data breaches occur – as the Internet of Bodies changes the meaning of personal autonomy.
I will leave you, then, with this. The French philosopher Michel Foucault used the word biopower to describe the practices of states, and the regulation of their subjects, through “an explosion of numerous and diverse techniques for achieving the subjugations of bodies and the control of populations.” Pauwels and Denton have argued that the digital and AI revolution “magnifies his concerns”. Although we have not yet entered a dystopian episode of Black Mirror, they said, we cannot ignore the weakening boundary – and the weakening distinction – between what is private and what is public. (See: Michel Foucault. The History of Sexuality, Vol 1. London: Penguin (1976)