Would you wear your AI? Privacy risks and considerations

In a predictable marriage, Artificial Intelligence (AI) has now paired with smart wearable devices, forming a new household of privacy concerns.  

For any person who had and then forgot a conversation with a friend or spouse, jotted down a quick note about something and then mislaid it, or has experienced a blur of a day and needed a reminder about the details, the benefits of an AI-paired wearable become clear. The question will be – how will makers of these devices, device wearers, and people proximal to the use of these devices consider and handle the privacy of all?  

The wearables with which we are all familiar already provide us a wealth of information – health data and alerts, Siri-driven information, actions like timer starts or alarm sets, directions, step counters, and more. Forbes estimates that the wearables market will reach over US $264 billion by 2026 and predicts that AI will drive wearables to a new stage in evolution. 

Jump to:

• The challenges of AI wearables
• When smart meets sensitive: The privacy risks of AI-powered wearables
• Transparency and consent
• Data retention and individual rights

The challenges of AI wearables

In that same article, Forbes also points out challenges that the industry will need to handle before the marketplace can truly realize the potential of that new pairing. Some of these challenges are technological in nature: 

• Battery life limitations, preventing current wearable devices from operating 24-7 
• Lack of trust in AI – given its history with hallucinations and similar issues, consumer acceptance can be difficult, especially for medical applications  
• Privacy and data protection – how is it managed and does it keep the consumer’s best interests in mind?

Even without AI, wearable devices bring privacy challenges. As health-related wearable devices have become more popular, including fitness trackers and smart watches, privacy concerns related to security, use, and sharing of sensitive information have also risen.  

Wearables of all types often link data with geolocation, which brings physical security and privacy concerns. Some critics have even proposed that wearables represent a sort of “surveillance capitalism” through which individuals essentially give up information about all that that makes us humans – our physical state, location, mental state, and behaviors – in return for some minor benefit, such as motivation to take more steps during the day.  

When smart meets sensitive: The privacy risks of AI-powered wearables

AI by itself also carries its own privacy burden into the AI-wearables relationship. The volume of data involved in AI analysis, the problem of data subject consents and transparency related to that data, and the lack of the ability to fulfil individual rights requests are just some of these privacy issues. 

AI plus wearables, with each component separately bringing hard-to-solve privacy issues, is a case of two plus two equals ten. 

One reason for the jump in privacy risk when combining AI and wearables is the boost in practical uses, including uses that go beyond today’s common wearables activities.  

As one AI-supported wearable maker claims, this new foray into AI-paired wearable devices will give us “Personalized AI powered by what you’ve seen, said, and heard.” These devices give us the ability to “Preserve conversations and ask your personalized AI anything.”  

This suggests that at least one variety of wearable device can and does record everything – conversations with others, locations visited, sights seen – and use all that information to respond to the wearer’s needs.  

In other words, if AI faces privacy problems related to volume, consent, individual rights, and transparency, and if wearables also have privacy issues related to security, data sensitivity, and data sharing, wearables powered with AI present even more challenges together. 

These challenges are solvable through sound privacy practices and technologies. To get there, however, the marketplace must be open to a thorough and thoughtful conversation about AI/wearables and personal data collection, use, and sharing.  

Though the privacy conversation can and should evolve as technology evolves, the following are a few initial thoughts to consider.  

Transparency and consent

People meeting each other on the street, in someone’s home, or in the workplace do not necessarily expect to leave behind the entire visit recorded in video and audio files. They will not have an understanding about how the individual with the wearable, the company providing the service, and any third parties involved in the process will receive, use, and share the information.  

The recorded data subjects will not know how the associated AI massages the information and creates new content based on that information, or how any following actions may impact them. The individual with the wearable may or may not ask for consent. Combine that recorded conversation with location information, plus AI-generated inferences about that person, and privacy risk shoots sky high.  

Before AI-enabled wearables can fully integrate into daily life, consumers (and regulators) will have to settle on a point of view regarding how people can become aware of and agree to wearable recordings, associated AI analyses, and third-party data uses/sharing.  

Perhaps there could be a technology standard similar to the GPC signal for websites that wearables transmit to one another, passing on information about the user’s preferences and blocking recordings of people whose preferences do not match a given wearable’s practices.  

Data retention and individual rights

Another set of privacy concerns related to AI and wearables relates to the volume and lifespan of data, and the amount of control that impacted data subjects can have on their data. It is easy to imagine a wearable device constantly running audio and visual recordings or gathering health data points.  

The associated AI also runs constantly, creating novel content and even triggering new processes, like launching emails or text messages. To be effective, AI needs a large amount of data, including historical data. However, the privacy portrait for the amount of data that can pile up if strong data retention/deletion standards do not apply is scary.  

There is also a practical question about how a data subject can easily ask to delete, correct, or access their data. It may not be practical to ask the wearable wearer, and the data subject may not even know the wearable provider to ask for data rights from that third party.  

The privacy conversation about wearables and AI will have to include discussion about conservative data retention/deletion, and how data subjects can easily exert control over their own data. Though perhaps with some tension related to AI and how far back AI tools can pull identifiable data to perform services for wearables users, one solution may be to anonymize or delete some information, like data about other people (external recordings), within a fairly brief period of time.  

Summary

Wearables powered by AI have the potential to help us become more efficient, knowledgeable, and make better decisions. These two technologies also bring not only their own unique set of privacy concerns, but the combination of the two creates additional, enhanced privacy concerns. However, a healthy conversation about these issues and solutions will help remove roadblocks to a better future.