What happens in an era when companies can force their employees to take blood tests and deny them health insurance if they don’t comply, when insurance companies use credit card purchases to track the health of their insured, and when drones can hover over private backyards or outside bedroom windows with little recourse for homeowners? Welcome to the many ways in which the technology revolution is reshaping privacy norms in the physical world.
In 2014 AOL CEO Tim Armstrong provoked a firestorm of criticism when he singled out two AOL employees and their “distressed babies” for damaging the company’s finances and requiring changes to its retirement plan. At the time many wondered how the CEO of a major company could know the private health information of his employees and their spouses. It turns out that large self-insured companies routinely provide their executives with detailed information about healthcare expenditures which may include the specific medical procedures being conducted and their cause.
A CNN article about the outcry noted growing concern with employee wellness programs, which at the time increasingly “collec[t] detailed health data that’s normally beyond the reach of insurers, including blood test results, drinking habits, weight and blood pressure.” Quoting the director of the Health Privacy Project at the Center for Democracy and Technology, Deven McGraw, the article noted “In the name of health and wellness, there’s an increasing amount of intrusion … It’s chipping away at the right to keep sensitive information private.” (Even the Dilbert cartoon parodied this in 1991 with the rise of employee drug testing.)
Fast forward a year and McGraw’s fears have become reality, with Bloomberg reporting yesterday on a company which made it mandatory for employees to participate in its health assessment and screening program, revoking the health insurance of an employee who declined to participate. As the Bloomberg article chronicles, companies are increasingly requiring their employees to undergo invasive blood and other medical testing, with the firm legally able to use compliance and the results of those tests to deny or adjust the charges of company-provided insurance, such as charging smokers a higher rate, or cutting off insurance entirely to those who opt not to participate.
At the time, CNN noted that companies were increasingly playing a proactive role in the health decisions of their employees, including monitoring “trends in employee claims for evidence of medical conditions or diseases, such as diabetes, heart conditions or pregnancy … [and] then proactively contact[ing] the worker to offer assistance in managing the issue, such as referrals to doctors or support programs or assistance in losing weight.”
Looking at trends in the sharing economy, companies like Uber have built an entire industry on the use of data-driven algorithms, with employment and pricing decisions based purely on the cold hard calculus of data. What might happen when this data-driven mindset reaches the world of healthcare? In the corporate pursuit of maximizing employee productivity it is not a far stretch to imagine a world in which companies use the results of all of this medical data to optimize the lives of its employees to squeeze every bit of work it can from them.
Imagine for a moment a company whose annual mandatory wellness blood testing determines that a particular employee is at his maximum stress level and is very likely to suffer a major health issue like a heart attack within the next 3 years. From a purely data-driven standpoint (ignoring the legal and ethical considerations) it would be financially prudent for the company to reduce the employee’s work load and move him out of any fast-track promotion programs and instead move him into a program that is about to be downsized so that he is separated from the company before his health issues arise.
Taken to its logical conclusion, the increasing use of private health information in a corporate context to optimize employee productivity and minimize healthcare spending could lead to an world in which employees are “optimized” in the same way that a piece of machinery is used and then disposed. Imagine a world in which health tests are accurate enough to determine a person’s entire life health trajectory, the diseases they will suffer from, their intelligence and aptitude, their drive and ambition, and their ability to handle stress. One could certainly foresee a future in which such testing is administered at an early age and used to determine a child’s entire education program and their employment prospects in order to “optimize” education, healthcare, and employment expenditures. A company would have a fiduciary duty to maximize the output of each employee and then separate from them prior to their first expected health crisis.
Setting aside the ethical and legal aspects of such optimization, one could certainly imagine pieces of this dystopian future becoming reality as the logical conclusion of a data-driven economy based on the cold calculus of numbers and probabilities. Every day the court system routinely estimates the value of a given person’s life and their contribution to society, while military planning always incorporates potential loss of life into whether a given action is approved. (For example, the recent strike on an ISIS cash depository reportedly was expected to kill up to 50 civilians in return for destroying several million dollars, at a valuation of as low as $40,000 per life). It would not be a far stretch to imagine companies assigning similar realtime cost-benefit scores to each employee based on their current output and risk of health or other interruptions.
Moreover, companies are increasingly tracking employees and users outside of the workplace. In 2013 the Wall Street Journal reported that Blue Cross and Blue Shield of North Carolina was purchasing credit card spending data on its 3 million insured users and using the data to look for things like a person purchasing plus sized clothing in order to flag that person for likely obesity. Similarly, Allstate made headlines last year for a patent that would use sensors in insured vehicles to constantly monitor the health and state of the driver for insurance purposes. As data collection continues to evolve beyond the workplace to follow employees and users throughout their daily lives, such health and wellness data is able to construct an all-encompassing profile of a person’s existence.
It is not just employer-based monitoring that is disrupting privacy. Even in our own backyards technology is raising a myriad of privacy questions, perhaps none as great as the question of drones. If a drone is hovering over your property taking video of you in your backyard, or even hovering outside of your bedroom window or watching you in your living room, it is still unclear what laws and regulations apply and what rights you may have to stop the recording. Indeed, the law is farfrom established, with drone owners often being cleared of any wrongdoing. As armed drones become more readily available, first to police and then to civilians, even more questions arise regarding the right to privacy and the kinds of surveillance necessary to deploy such devices in private backyards.
What does this all mean? Today when we hear the word “privacy” our thoughts readily turn to the online world, but technology is increasingly bringing the world of big data and analytics to the physical world and blurring the line as to what precisely is personal information. Even the once-sacrosanct privacy of one’s bedroom at home or blood in one’s body is now fair game for technological monitoring. In a world where online privacy died long ago, we may be witnessing the end of the battle for privacy in the physical world.