It will be interesting to see how Google uses the fitbit data. I could see them synchronizing a user's searches with their heartbeat information to try to gauge emotional response to topics.
As someone who's taken the internal trainings a few times by now: NOPE. Health data is scary-scary and no team wants to taint itself with it, unless it's the core of the product.
I hope that's true. I suspect that if it is, it only is until one or two teams does it successfully and monetizes that outcome. Then it's open season.
That's a trend in computing. It's forever too hard, until all of a sudden it isn't for a very select few and they do amazing things[1]. Then a year or two later everyone is doing it.
1: Amazing is relative, and in this case may be less about customers getting something amazing and more about to the execs looking at amazing profit reports...
It's scary because HIPAA puts a lot of restrictions on what it can be used for and also puts a bunch of requirements in place for its safekeeping. My point is that once it's been shown that those issues can be dealt with profitably, others will see that as a new growth sector and follow.
Regulations are often implemented as a set of specific hard rules based on specific values (so it's easy to rule about them). The systems they regulate are almost always never so clear, and are based on competing gradients. Where these rules interact with natural systems (such as a free market) are often some of the most lucrative places for companies to develop new strategies.
Where some people see rules that prevent or kill existing businesses, other people see an opportunity for a new type of business. The whole financial sector is rife with companies that do just this. A simple example of how it could happen in this case is that there may be some non HIPAA covered data (that people may or may not think of as health data at this point in time) mixed in with the HIPAA data, and very carefully harvesting and monetizing that could be lucrative. Maybe later laws are updated to change this, or maybe it becomes the new normal.
Basically, any given health record is covered by HIPAA if it 1) includes personal health information, 2) includes personally identifiable information, and 3) is used by a Covered Entity or Business Associate for some health care purpose. Just being "data with health-related information in it" doesn't make it covered by HIPAA; it has to actually be used by a specific set of organizations for a purpose related to health care.
If Fitbit just stored your personal fitbit data in a data lake in the cloud, that's not covered by HIPAA. But if it then shared that data with a service that made suggestions about your health, now it's covered by HIPAA. But if Fitbit allowed your smartphone to download your data, and gave you an app that allowed you personally to see health-related information about that data, that is (afaik) not covered by HIPAA, because you and your phone alone are not a Covered Entity or Business Associate.
Fitbit has a "health solutions" department which seems dedicated to healthcare solutions based on Fitbit data: https://healthsolutions.fitbit.com/ My guess is anything HIPAA-related is solely done through that arm of the company. Example: https://healthsolutions.fitbit.com/healthsystems/ I take this as them saying, "Hey Covered Entities, sign a Business Associate contract with us, and you can hoover up Fitbit data directly from us". By writing some glue code and doing the HIPAA hokey-pokey, they make a tidy profit.
Health data is not that scary. You create a contract between each business associate, and you can have 20 different orgs in a chain of trust going back to a single care provider. A lot of the modern security best practices of tech companies (not to mention GDPR) fulfill most of the privacy and security requirements of HIPAA too.
Anyway, Health is the next up and coming tech market. That's why Amazon just acquired Health Navigator and is rolling it up under Amazon Care (https://amazon.care/). Google [Alphabet] isn't just going to leave money on the table (and healthcare is lotsa lotsa money)
It seems if they buy fitbit is because they are no longer really "scared" of it, they aren't going to buy it just to keep fitbit a completely separate product.
Have you noticed how terribly siloed Google is? How you cannot use Drive to sync Photos, how long it took to get "One Google" subscription that still doesn't cover all that many of the products, how after moving it takes forever to have all the various products to agree on which country you live in? Dang, a few years back every product was separately asking for my age. That's not only because integrations are hard, but most importantly getting access to another team's data is a whole ton of lawyering through the privacy working group.
Now, that is for data that has no special legal protections. Whereas medical data is, for good reasons, subject to pretty heavy handed laws. Differing quite dramatically across all the diverse jurisdictions Google runs in. Sure, I have no clue what my employer's grand plan is here, but it will surprise me very strongly if medical data starts finding its way to established products. And note this is "medical data" according to the conservative common denominator across all the jurisdictions Google has to care about.
It's not like they don't already have health data. Google Fit exists and plenty of people use it - Any android wear devices, but also plenty of third-party devices feed into Google Fit. Any data they'll be able to get from Fitbit they can already get from Google Fit - acquiring Fitbit will just mean they'll have that same data for a whole bunch more people.
What they currently do with the fitness data they collect is probably a pretty good guidepost for what they'll continue to do with fitness data they collect.
> acquiring Fitbit will just mean they'll have that same data for a whole bunch more people
And this is why you have to carefully read privacy policies. Pebble had a clause in theirs saying they could sell any personal data about you to anyone, either as part of a company acquisition or for any other reason. Pebble got bought out by Fitbit. If that data is part of Fitbit's sale then Google will now have all data Pebble ever collected on anyone (which was, at least potentially, a lot).
It's just as likely they want to use fitbit brand to set the bar for android wearable portfolio, like they do with the Pixel for phones, than harvesting your daily steps for targeted advertising.
Could opting into an app that uses heartbeat for non-health purposes (ex. music game with biofeedback) open the door legally for them to use the data for other non-health purposes?
This obsession of pervasive targeted ads, and A/B testing methods needs to stop.
I have stopped using all google services except for search and YouTube. Apple Maps is fine now, if you need a free email account, you can get one on iCloud.com.
Who are these soulless marketing execs that are OK with using this type of extremely personal health data!? There should be a moral objection, which evidently isn’t there. That’s more horrifying.
I guess moral only exists for things which were a problem for a long time. Mass data collection is a relatively new thing. So morals around data collection don't really exist; ask the average person on the street how much they care about this. Result is those non-existent morals weren't able to be codified in law hence no wonder somebody is out there 'exploiting' this.
> I guess moral only exists for things which were a problem for a long time.
If we eliminate homicides in the world, our morals wont change about killing another person. Eliminating the problem or how long it’s been a problem has nothing to do with morality.
Around 2005 or so, Google floated (and let sink) the creepy idea that you should let them listen to your mic, so that they could supply useful info, for instance about the football game you were watching.
This is now the new normal. Pretty sure whatever is now weird will soon be normal too, given a spreadsheet or two to push it through.
(Heinlein was not nearly imaginative enough about the Crazy Years, no one could be. Might as well blame him for not thinking of the "Walk on Your Hands" thing.)
It doesn't always have to be about linking everything to everything. They (Android) needs a decent watch/health device, one that Google has some control over. As it stands today, lack of 'Apple watch' support really kills their Pixel/Android sales.
No way is it simple - there are over a dozen OEMs each competing and advertising their Android phones with the co-branded messaging that they see fit.
The whole strategy behind the Pixel phone was to change the perception of the android brand as a cheap, bloatware'd device for tech dudes. Releasing a recognizable, high quality wearable line fits in with that strategy.
It is simple. Clone Apple's Messages and ship it on Pixel phones. Make it a download so that people can use it with their Google account on other phones.
The hard part for Google is delivering on end-to-end encryption for messages that don't leave their messaging system (similar to Apple's blue bubbles). They really, really want to see what people are saying to each other.
Doesn't have to but could be. And with Alphabet being the giant it is, anything that reasonably could be happening probably is. And I find it a reasonable and scary possibility, even if it's not the primary reason for the acquisition.
Considering that Google's primary revenue is through advertising, and digital advertising's two main problems are (a) identity and (b) context, yes, it is still very much about linking, even if they need to prop up smaller projects or loss-leaders to collect the appropriate data (the secondary value proposition acts as a stepping stone to the first).
the number of fitbit owners <<< number of google identities (for search traffic)
and
data and location from fitbit owners < what they can already get from the andriod phone.
I get the point you are making, I am not denying there is value, but it is a stretch that it is all about data.
In fact, I have heard about companies who had ties with Fitbit to sell location data to third parties. I would much rather have Google be that arbitrator.