from the betrayed-by-my-robot-parts dept
When we talk about pacemakers here at Techdirt, the focus is usually on how the devices have paper-mache grade security, allowing anybody to assassinate the cardiac-challenged with relative ease. In fact we've reached the point where the FTC had to recently issue its first ever warning against a pacemaker vendor when it announced that hackers could comprmise pacemakers made by St. Jude Medical, sending "commands to the implanted device, which could result in rapid battery depletion and/or administration of inappropriate pacing or shocks."
But your pacemaker may just betray you in other ways, too. In Ohio a man was indicted this week on arson and insurance fraud charges after his Pacemaker data contradicted the story he was telling authorities. When the man's home burned down on September 19, Middletown resident Ross Compton told authorities he quickly packed some belongings in a suitcase and some bags, broke a window with his cane, and quickly fled through the window before carrying his belongings back to the car. The man also acknowledged at the time that he had a pacemaker.
So police obtained a warrant for the data stored on the device, and doctors quickly concluded that the story the man's heart was telling didn't match the narrative coming out of his mouth:
"A cardiologist determined that it was "highly improbable," due to his medical conditions, that Compton could do all the collecting, packing and removal of items from his house and then carry them in the short period of time he indicated, according to court records. Police have said statements they received from Compton were "inconsistent" with the evidence they gathered. They also have said that he gave statements conflicting with what he had told a dispatcher, the Hamilton-Middletown Journal-News reported."
Obviously there are numerous privacy questions at play here, since we're living in an era when your car, home, phone, and implant data can not only be used to support criminal charges, but will increasingly be used by giant corporations to determine everything from your insurance rates to your qualification for health care. As such, the Electronic Freedom Foundation was quick to warn the AP about the slippery slope of having your own body's data used against you in such a fashion:
"Stephanie Lacambra, a criminal defense staff attorney with the San Francisco-based foundation, said in an email Tuesday that Americans shouldn't have to make a choice between health and privacy. "We as a society value our rights to maintain privacy over personal and medical information, and compelling citizens to turn over protected health data to law enforcement erodes those rights," Lacambra said."
Internet-of-things devices are not only poorly secured, the privacy policies affixed to most of them are a dumpster fire. So remember folks: the next time you intend to commit a crime or apply for health coverage with a pre-existing condition, remember to wipe the data from all of your cybernetic implants -- and get the latest firmware update for your cerebral and coronary firewalls and intrusion detection systems.