Consent has enjoyed a prominent position in the American privacy system since at least 1970, though historically, consent emerged from traditional notions of tort and contract. Largely because consent has an almost deferential power as a proxy for consumer choice, organizations increasingly use consent as a de facto standard for demonstrating privacy commitments. The Department of Health and Human Services and the Federal Trade Commission have integrated the concept of consent into health care, research, and general commercial activities. However, this de facto standard, while useful in some contexts, does not sufficiently promote individual patient interests within leading health technologies, including the Internet of Health Things and Artificial Intelligence.
Despite consent's prominence in United States law, this Article seeks to understand, more fully, consent's role in modern health applications, then applies a philosophical-legal lens to clearly identify problems with consent in its current use. This Article identifies the principal issues with substituting consent for choice, the "consent myth," a collection of five problems, then proposes principles for addressing these problems in contemporary health technologies.
"In God we trust. All others must bring data."--Unknown (1)
"Consent" in the privacy context emerged as a mechanism to negotiate the private and public spheres of life. What began as a version of contractual agreement, an affirmative defense in tort, and a precursor to confidential relationships, has grown in digital times to epic proportions. The health industry alone uses at least four different variants of consent: traditional notice with explicit consent, express authorization, informed consent, and notice with recommended consent. (2)
The consent mechanism has subsumed broader conceptions of consumer and patient choice, a concept implicit in broader social goals of autonomy and self-determination. This neglect of broad notions of choice and the synonymous treatment of consent as choice has led to a substantially weaker privacy model depending almost entirely on a set of beliefs, or rather myths, that privacy scholars and practitioners have widely acknowledged as longstanding problems. The dominant privacy model today operates almost exclusively by using adhesive privacy notices, followed by agreement to such terms, or consent. So long as the privacy notice is accurate and the natural person about whom data is collected (the data subject) agrees, an organization has met its privacy obligations.
New connected health technologies have amplified these problems, demanding exploration of new privacy models to protect consumer and patient interests. The Internet of Health Things, or Internet-connected consumer health devices, has begun to generate large volumes of useful data, increasing potential data uses. Artificial Intelligence (AI), increasingly used in health applications like disease diagnosis, treatment outcome evaluations, and medical device functionality, requires large data volumes to produce reliable and effective AI algorithms. (3) These technologies, which carry great promise for improving human health, seek to maximize data collection and use, making it more difficult for organizations to effectively communicate information in a privacy notice. The health technology environment has changed rapidly over the past forty years, boosted by Internet-connected resources, faster computing power, shrinking battery size, and transformative power of Internet mobility. (4) However, the pace of the law, especially in relation to privacy considerations, has remained fairly static since the passage of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Department of Health and Human Services's (HHS) 2002 Privacy Rule. (5) The Privacy Rule, incorporated by HHS, established patient rights and organizational obligations to be enforced under HIPAA. Despite updates of the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act), the Privacy Rule has essentially remained the same, as have the Federal Trade Commission privacy principles. (6) The lack of health privacy law updates consistent with the evolution of modern health technology has created incompatible and, to some extent, abusive privacy practices. (7) What may have provided minimally sufficient consumer choice in a traditional health context no longer safeguards consumer privacy interests with modern health technologies. (8)
This Article builds on a bedrock issue raised in Daniel J. Solove's Privacy Self-Management and the Consent Dilemma: although consent fulfills certain needs in our privacy system, we are rather expecting consent to do too much, (9) specifically that notice coupled with consent has been positioned as a panacea for nearly all privacy problems. Unfortunately, the consent mechanism is imperfect: although consent may be useful in some scenarios, it does not fulfill greater goals of individual choice implicit in privacy goals. Contextual integrity, however, does provide a helpful tool for evaluating legal schemes, including the normative role consent plays as a functional representation of choice and identifying its considerable limitations, including whether it can, at present, fulfill autonomy goals. This paper adds to the existing privacy literature by applying Helen Nissenbaum's philosophical lens of contextual inquiry to identify and categorize the five primary problems with consent, then proposes an alternative model, as principles, to better support individual choice.
Part I briefly explores the evolution of health technology, including the shift from fiduciary and context-rich relationships to more attenuated human-computer interfaces. Part II discusses a brief history of consent in health care, including social developments that led to privacy concerns and a desire to address them. In Part III, I apply Helen Nissenbaum's concept of contextual inquiry to examine the failure of consent as choice resulting from five distinct problems, the "consent myth." Part IV responds to these problems by proposing four principles to improve choice for more effective consumer engagement advancing individual autonomy. (10)
HEALTH TECHNOLOGIES FRUSTRATE TRADITIONAL PRIVACY LAW REGIMES
Modern health technologies include everything from websites providing disease information to mobile health apps and home health robotics. These technologies have intensified privacy debates, especially when technology incorporating Internet connectivity or large data collection creates new potential risks to the individual, such as data misuse or loss through cyberattacks. (11)
The Internet of Health Things (IoHT) is a technology that connects physical devices, such as medical devices, with the Internet. The IoHT, which includes the Internet of Medical Things (IoMT), is a variation of the well-known Internet of Things (IoT), or the conversion of self-contained analog consumer devices to increasingly Internet-tethered consumer devices. (12) IoHT devices span the marketplace of health-related devices: connected medical devices, consumer self-care, and health improvement technologies. (13) IoHT devices are produced by highly regulated market sectors, such as health care and medical device manufacturing, as well as the comparatively less-regulated consumer product manufacturing. (14) IoHT devices include everything from connected pacemakers to mobile device connected insulin pumps, Internet-connected X-Ray machines, and fitness trackers.
Privacy and IoHT
IoHT devices are unique in that these devices directly collect personal data through automated and pervasive interaction, which may or may not implicate device security and safety. (15) IoHT, then, can be understood as a type of continuous surveillance, wherein data are collected by private organizations for any number of purposes. These purposes likely include consumer-expected data uses, such as product registration, basic device functionality, or product improvement activities, but may also include more attenuated purposes designed to benefit the consumer or the manufacturer. IoHT manufacturers may anticipate financial benefits not only from selling IoHT devices but also from data collection efforts. (16)
IoHT devices may collect a wide variety of data as part of functionality and the human-computer interactive model. The data may differ in data sensitivity, for example from an individual heart rate or evidence of a serious disease to what a person might have eaten for breakfast. These data, for most IoHT implementations, will be combined with other data collected, bought, or exchanged, sometimes about the same users. (17) These other data feed big data implementations, which power the "smart" aspect of IoHT offering advanced analytics, improved algorithm performance, or even feeding machine learning utilities. (18) Data collected as part of big data sets both have utility for an effective IoHT implementation and simultaneously may provide personally identifiable health data or proxies for these data. (19) It is often unclear, at the time of device purchase or prescription, which data may exist in the data set overall, their provenance, and their overall degree of identifiability within the broader data set. For these reasons, IoHT introduces a special type of privacy risk for consumers and patients when it is implemented using cutting-edge technologies like big data sets and machine learning utilities. (20) However, the degree of legal protection afforded patients or consumers often differs based on how the device is procured, rather than what the device can do. (21)
One particularly interesting example of legal protection inconsistency involves hearing aids. Nearly 37.5 million adults have a hearing impairment, and only a fraction of those adults use hearing aids (from 16-30%, depending on age)...