On September 9th, Timothy D. Cook, Apple’s chief executive, unveiled two new Apple products — products that means Apple could become a collector of consumers’ personal health and financial information. And that means Apple will need to protect the personal information it holds — and that’s where the privacy concerns arise.
As Brian X. Chen and Steve Lohr reported in the New York Times, these products include a health-montioring smartwatch and Apple Pay; the latter is a new payment service consumers will be able to use to buy items wirelessly on some Apple devices (www.nytimes.com; “With Apple Pay and Smartwatch, a Privacy Challenge”; online September 11th).
The new Apple smart watch will be available sometime in 2015 and it will have health-monitoring capabilities for consumers such as heart rates and other information. Apple Pay will be available sometime in October.
What are the privacy concerns? First, consumers using Apple Pay will be providing valuable financial information such as credit and debit card numbers. As Mr. Chen and Mr. Lohr note, that’s the kind of information that hackers want to get. With the Apple smart watch, the health information that consumers will enter is not covered by regulations so there are no current controls for the ways in which that information is secured and/or used. As Mr. Chen and Mr. Lohr wrote, regulators are becoming more interested in the range of health monitoring devices out on the market and are starting to raise issues about the need to protect this type of health information and make sure it stays private.
In announcing these new products, Apple said Apple Pay will not be storing any payment information on Apple devices or servers. It said it will only be serving as a conduit between merchants and banks. As far as the new smart watch, Apple has updated its guidance to app developers. The guidance now states that developers of health apps who are working with HealthKit, the new set of tools for tracking fitness and health statistics, can’t use the personal health data gather for advertising or data-mining purposes — with the exceptions of using it to help manage some individuals health and fitness or for medical research.
Those exceptions are ones that could, however, be read very broadly. It remains to be seen if Apple really enforces these privacy protections and whether consumers can really count on Apple to provide the kind of protection needed for these types of personal and sensitive information.