Telecoms.com periodically invites expert third-party contributors to submit analysis on a key topic affecting the telco industry. In this article Sarah Pearce of the Cooley Technology Transactions Group looks at some of the issues, legal and otherwise, created by the emergence of wearable technology.

Technology is now pervasive and has become a part of virtually all the products we buy, and ultimately, therefore, of our lives. The ‘digitalisation’ of fashion and emergence of ‘Fashion Tech’ has been a natural progression and it is fair to say that wearable technology now represents a major new opportunity for brands looking to gain a competitive edge in the fashion and retail market, including those that have been historically traditional and luxury.

Existing / Current market trends

At present, wearable devices are mostly accessories and can be seen in two main industries: (i) fitness, wellness and healthcare, and (ii) products delivering a combination of information and entertainment, such as smartwatches or glasses.

Perhaps the most talked about of the wearable devices currently on the market is the smartwatch. Until recently, we only really saw the Silicon Valley technology companies make any progress in this area. There has, however, been considerable movement in the past year by traditional Swiss watchmakers seeking to collaborate with technology providers in an attempt to produce their own versions.

Other “infotainment” products have also appeared recently, such as glasses that capture both video and audio with the potential to take photos, shoot video and record conversations of anyone near the wearer, to upload the content and share that data with anyone via the internet.

Legal Issues

Inevitably, wearable technology of all types raise a broad range of potential legal issues, the key ones being intellectual property (IP) protection and data protection/privacy.

The IP issues are reasonably self-evident, and, to a certain extent, manageable both commercially and legally: generally, attention must be paid to the protection of the product name, its function, look, and feel.

Wearables can potentially hold considerable amounts of data and their increased market presence has raised various controversial and high-profile data privacy concerns, including identity theft, profiling, discrimination and stalking. However, with the increasing availability of wearable devices, consumers are apparently willing to provide their personal data in exchange for the benefits of ‘self-profiling’ and having a round-the-clock analysis of their health.

But is the data held in such devices ‘personal data’ within the legal definition? The International Privacy Conference stated in a declaration in October 2014 that big data derived from the Internet of Things (which includes wearable technology) should be regarded and treated as personal data. This is because the inferences that can be drawn from the data processed by this technology are more likely than not to be of a personal nature; the data subject will be more identifiable, and the data is more than likely to be sensitive in nature. For data collected via wearable tech sensors, there is now an assumption that data protection law will automatically apply under existing UK law and such data processing has been stated as definitively falling under the EU data protection regime currently being updated.

The principal issues concern notice and gaining the consent, not only for the wearer but also, in some cases, other third parties. The EU requires that wearables have easily accessible, clearly worded terms of service and/or privacy policies which explain how and what third parties will have access to data collected on the user’s device, and in the case of sensitive personal data, require the user’s consent. With the need for such consent to be specific and actively communicated, it may be that sweeping consents or the burying of terms in fine print will not be enough.

There is also the issue of data transfer: the storage and location of data collected by wearable devices is likely to require an international transfer of data outside of the EEA onto servers, or to the third parties mentioned above, which triggers further requirements under EU law.

Alongside all of this, data security is another important issue. If hacked, some wearables could expose a huge amount of intimate and extensive personal data about an individual, such as their health, location and behaviour. This can of course already happen with laptops, tablets and smartphones, but the potential scale and intrusiveness of breaches involving wearables is unprecedented.

Do wearables have a future?

Embracing technology provides an opportunity for businesses to reach new markets and new customers, including an often younger demographic which is familiar with, and dependent on, technology.

It would be hard to argue that wearables are simply a passing fashion; the question is, in what form? At this year’s CES in Las Vegas, Intel Edison demonstrated the Spider Dress, which measures stress levels in the user’s body to activate ‘spider legs’ as a warning to those entering the user’s personal space. At SXSW, one of the examples of futuristic wearables presented by Frog Design was a small ‘drone’ which sits on your shoulder and automatically clears the air in front of your face if it detects deterioration in air quality.

So, could the legal issues limit the further development and market uptake of wearables?  Some stakeholders have asserted that the application of some data protection principles and obligations under EU law should be substantially reviewed to allow for promising forthcoming developments in big data operations. The Article 29 Working Party has acknowledged that the challenges of big data might require innovative thinking on how some of these and other key data protection principles are applied in practice. They maintain, however, that the principles remain valid and appropriate to the development of big data, subject to further improvements to make them more effective in practice.

The data collected by wearables is a big business, particularly for marketing to individuals, as this will encourage targeted advertising according to the health ‘needs’ of the subject. However, individuals have rights in relation to direct marketing, including the right to request that this be stopped and the obligation for interested parties to obtain an individuals’ consent to the processing of their data in this way. This should not, however, pose a blocker to businesses operating in the industry. The requirement is that behavioural advertising targeted on the basis of health analytics needs to have definitive consent from the individual. Businesses should, therefore, consider anonymising the data for marketing purposes: once anonymised, the data is no longer personal data, and can be used for analytics.

In fact, there are a number of ways to ‘manage’ the various data issues at stake, enabling businesses to operate innovatively. Key points to consider include transparency (about how the data is being used, shared and transferred); consent (informed consent by the wearer to what is being done with their data); ensuring adequate security measures are in place in respect of the data, including outward contracts thereby managing the level of customer permissions and the security and management of any data collected/processed.

Aside from the legal issues, one of the principal criticisms levied at wearables is their lack of aesthetic appeal: often seen as ugly and cumbersome, many have questioned the wear-ability of tech. The majority of companies seem to focus on the engineering challenges and neglecting the ‘cultural engineering’ required to make devices visually appealing or ‘fashionable’. It does appear that developers are now beginning to listen to these critics; a few US tech giants have publically hired senior executives from luxury brands to assist in developing more attractive models of smartwatches. Similarly, a high profile brand of infotainment glasses is said to be working with a luxury eyewear brand to produce a new model of its former release, much ridiculed for lacking aesthetic quality.

This convergence looks set to continue with even high-end clothing manufacturers working with technology companies to develop clothing which contains sensors and wireless circuitry. While this is currently at the stage of embedding or integrating sensors/chips into clothing so they are not noticeable, the ultimate aim is to weave digitally enabled fabrics that are washable like any other fabrics we wear.

Are we finally seeing the ‘wear’ being bought into ‘wearables’?

Sarah Pearce is a partner in the Cooley Technology Transactions Group and is resident in the firm’s London office. Her primary focus is on technology and her practice covers a broad range of commercial legal aspects in technology-related transactions, from the negotiation of major IT projects or outsourcings to advice regarding exploitation of a company’s IP or its digital strategy. 

She regularly advises on complex IT transactions and IT procurement and is a specialist on international outsourcing projects, acting for clients in both the common and civil law jurisdictions. While her focus is on technology, Ms. Pearce also advises a diverse selection of clients (particularly in the consumer products and retail sector) on general commercial matters, including supply, distribution and licensing arrangements; digital and other e­-commerce matters; data protection and privacy issues; as well as other issues involved in the launch of a new product/service in Europe.