Cyborg data mining

Cyborg data mining is the practice of collecting data produced by an implantable device that monitors bodily processes for commercial interests. As an android is a human-like robot, a cyborg, on the other hand, is an organism whose physiological functioning is aided by or dependent upon a mechanical/electronic device that relies on some sort of feedback.

Implantable cybernetics and biomechatronics are on course to be proliferated among the global population within the twenty-first century as the markets for implantable electronics are already huge and growing. The global market for artificial cardiac pacemakers (PMs) and implantable cardioverter-defibrillators (ICDs) was approximately €8 billion in 2015, and is growing at 10% per year. Over 350 million people worldwide experience endemic diseases, diabetes, cardiac and renal failure, hearing disorders, and neurological disorders, thus making implantable technologies specific to these uses susceptible to increasingly higher demand. However, for the millions of cyborgs already equipped with body-enhancing technologies, namely PMs and ICDs, the data mining of these technologies pertains to broader topics of data sovereignty, data ownership rights, privacy and security, and medical research and development.

Implantable technologies and their general uses
According to European Directive 90/385/EEC, an "active implantable medical device" is any device that is intended to be used for human beings in the: 1) diagnosis, prevention, monitoring, treatment, or alleviation of disease or injury; 2) investigation, replacement, or modification of the anatomy or of a physiological process; and 3) control of conception. The implantable device is to be totally or partially introduced, surgically or medically, into the human body, and is intended to remain after the procedure.

According to one definition of the term cyborg, basic technologies, such as implantable medical devices, that humanity has physical attachments with have already made humans into cyborgs. These technologies are responsible for enhancing people's cognitive abilities, or more importantly, keeping them alive. The three most common implantable technologies are cochlear implants, PMs, and ICDs. Cochlear implants aid in the process of hearing, and are used by more than 200,000 patients worldwide. PMs and ICDs keep people alive through the measurement of bodily voltage levels, measurement of regular and irregular heartbeats, and the delivery of electric impulses when irregularities are sensed in order to keep the person alive. There are about 3 million people worldwide with pacemakers, and each year 600,000 pacemakers are implanted. The data collected from these technologies, however, is not owned by the person whose body the technology is in, but rather the company who owns the intellectual property to that technology, as well as other third-parties.

Intellectual property and data brokerage
Companies are now able to mine the data exhaust from internet-enabled wearable and implantable technologies, such as medical and fitness tracking devices (Fitbit, Apple Watch Nike+, etc.), sensors, PMs, RFID (Radio Frequency Identification) microchips, and so forth. However, consumers in the U.S. do not have agency over their data due to current intellectual property law and the third-party doctrine. Intellectual property owners of the software, as well as the patented hardware and processes, of these devices acquire the data from the cyborg's bodily processes via these implantable devices, which become property of the owner, not the cyborg. Consumers surrender these massive pools of data via an End-User-License-Agreement (EULAs), terms of service agreements, and so forth. Companies then algorithmically arrange data, and consumers lose ownership of their data to the intellectual property owners and data brokerage firms to commodify, thus becoming a part of the larger Big Data economy. In a $300 billion-a-year industry, currently no legislation specific to the regulation of third-party data broker firms exists. Third-party data broker firms are not restricted by Federal Trade Commission regulations, including the Fair Credit Reporting Act, as well as the Gramm-Leach-Bliley Act. It is very difficult for consumers to opt-in and out of having data collected about them, whereby their data ownership rights become very limited.

Third-party doctrine
Under the third-party doctrine, an individual does not have a reasonable expectation of privacy with respect to information they voluntarily disclose to a third party. In the context of the PM, which monitors a patient's heartbeat, blood temperature, breathing, and heart electrical activity, this extracted data is voluntarily given to a third party, and thus subject to the third-party doctrine. The five largest PM manufacturers in the world are the U.S.’s Medtronic ($1.9 billion in global PM sales in 2013), St. Jude Medical (nearly $1 billion in global PM sales in 2013), and Boston Scientific ($514 million in global PM sales in 2013), Germany's Biotronik ($397 million in global PM sales in 2013), and Italy's Sorin Group ($219 million global PM sales in 2013). PM users have no agency over their data, nor over who has the ability to access it, and current laws impose no requirement for manufacturers to allow PM users access to their own data. The notable activist, Hugo Campo, has been fighting for the right to access the data collected by his own defibrillator for years without success due to the logic of PM data being covered by the third-party doctrine.

EU GDPR and cyborg data
In April 2016, the European Union tabled legislation for the General Data Protection Regulation (GDPR), which will replace the Data Protection Directive 95/46/EC of 1995, and comes into force on May 25, 2018. Internet-enabled wearable and future implantable technologies will fall under the purview of this legislation. The directive will implement tougher fines for non-compliance and breaches, and gives consumers more control over how their personal data is used. Some of these consumer rights are, but are not limited to, having the right:


 * To request data in monthly intervals;
 * To access any information a company holds on them;
 * To know why that data is being processed;
 * To know how long it is stored for;
 * To know who gets to see their data;
 * To demand that their data be deleted if it is no longer necessary to the purpose for which it was collected; and so forth

Surveillance and sousveillance
As cyborgs are comprehensive data subjects, they can also be used as a powerful instrument to facilitate surveillance and sousveillance through optical recording technology. Some data collection from cyborgs can be harmless, namely posting pictures to Facebook, or recording one's life experiences. However, cyborgs can serve as a means of surveillance on the overall populace via sousveillance. Sousveillance is the notion of a populace watching the state from below, whereby the notable University of Toronto professor and cyborg, Steve Mann, has advocated that sousveillant devices can “invert the panopticon” and challenge and balance the hypocrisy and corruption that is otherwise inherent in a surveillance-only society. Sousveillant technologies secure the cyborg and individuals, especially by deterring and documenting crime, but potentially infringes privacy on cyborgs and non-cyborgs as well. Google Glass, for example, is an optical recording device that presents concerns toward privacy in public. The ability for cyborgs to record everyday routines and interactions with others thus present the question of how society and laws are to respond to the advent of cyborgs being subjects and instruments of surveillance and sousveillance.

Public good
Data mined from bodily processes are able to help companies in their research and development endeavours in developing better technologies, and conducting invaluable medical research for identifying and managing various conditions. PMs and ICDs offered by major companies come with wireless capabilities that communicate with home transmitters, which then relay data to the physician, and thus allow for remote patient follow-up and monitoring. These systems for remote follow-up are used widely across the U.S. and Europe. Major PM and ICD producers have their own remote monitoring system networks, such as Biotronik's Home Monitoring, Medtronic's CareLink Network, Boston Scientific's Latitude Patient Management system, and St. Jude Medical's Merlin.net. The benefits of this data collection include a reduction of in-clinic visits, improved patient safety, increased patient satisfaction, and potential cost savings for consumers. The ability to remotely follow up because of PM and ICD data collection allows for tracking product performance in a large number of patients, and may allow earlier identification of issues with specific models.

The data collected from PMs and ICDs have the potential to facilitate critical medical research. Namely, Medtronic collects and analyzes the data generated by its pacemakers and defibrillators via the CareLink system. Medtronic is using the collected PM data and is working with researchers at Johns Hopkins Hospital and Washington University School of Medicine in order to help answer specific questions about heart disease, such as whether weak hearts cause arrhythmias or vice versa. Although this aspect of the technology is not widely proliferated yet, scientists and industry developers say that wireless devices could trigger an automatic treatment, which could range from electrical stimulation to the release of drugs.