Ethics of Wearable Technology: Privacy, PHI and IP Considerations
Why It Matters
Most wearable health data falls outside HIPAA because device makers are usually neither covered entities nor business associates, creating a regulatory blind spot that exposes users to privacy breaches and firms to costly litigation; proactive legal guidance is essential to safeguard both consumer rights and business viability.
Key Takeaways
- Wearable health data often falls outside HIPAA protection
- State privacy laws create a patchwork compliance landscape for wearables
- FTC enforcement targets deceptive consent practices in consumer health apps
- Data breaches expose immutable health metrics, raising severe privacy stakes
- Lawyers must ensure technical competence and avoid dark‑pattern consent
Summary
The session examined the growing ethical and legal challenges posed by wearable health technologies, focusing on privacy, protected health information (PHI), and intellectual‑property considerations. Speakers highlighted how these devices have evolved from simple pedometers to medical‑grade sensors that collect continuous biometric data, yet most of that information resides outside traditional HIPAA safeguards.
Key insights included the fragmented regulatory environment: federal oversight relies on the FTC’s Section 5 authority over unfair or deceptive practices, while states such as California, Washington, and New York have enacted their own privacy statutes that treat health data as sensitive personal information. Real‑world cases—the lawsuit over Whoop’s unauthorized data sharing, Strava’s 2018 heat‑map exposure of military sites, and the FTC’s consent order against Flo Health—illustrate how misuse can trigger enforcement and hefty penalties. Internationally, the EU’s GDPR treats health data from wearables as a special category requiring explicit consent, a point that also surfaced in the data‑use commitments attached to the EU’s approval of Google’s Fitbit acquisition.
Notable remarks from David Kappos underscored that “great power comes with great responsibility,” emphasizing the need for robust consent flows and transparent data‑use policies. Beth Bergin Waller and Ceren Canal Aruoba reinforced the ethical duty of lawyers to maintain technical competence, avoid dark‑pattern designs, and adhere to Model Rules 1.1, 1.2, 4.1, and 8.4 when counseling clients.
The implications are clear: companies must navigate a patchwork of state and international regulations, implement strong security controls, and provide users with meaningful choice over their data. Legal counsel plays a pivotal role in shaping compliant product designs, mitigating breach risk, and preserving consumer trust in an increasingly data‑driven health ecosystem.