The risks posed by Interactive Insurance Policies

Introduction

There is an emerging trend of insurance companies leveraging IoT devices or their own surveillance-based devices to harvest more data from our daily lives with the promise of a cost saving (amongst other rewards).  This is the typical ‘data for dollars’ business model trending at the moment whereby a product or service is free or discounted in exchange for user data.  Let’s have a look at some of the risks this can pose.

Note: This article is written with respect to the decision to share data with insurers for rewards or discounts and whether those rewards or savings outweigh privacy and security concerns. It does not extend to using biometric or medical devices to track certain metrics as suggested by a doctor or health professional as part of a medical diagnosis, treatment, rehabilitation, or other health related pursuits or concerns.

Definitions of key concepts

Interactive Insurance Policy:

Refers to a type of insurance policy where the insuring company receives extra data about a customer and uses it to make adjustments to premiums.  This is usually in the form of discounting the premium price itself but can extend to giving customers gifts or discounts to health specialists, cooking or exercise classes, gym memberships, etc. 

Persuaded Self-Tracing (PST):

Refers to the practise where insurance companies actively encourage / persuade their insured customers to use biometric monitoring wearable devices.  The customer then shares the collected data with the insuring company in exchange for rewards (usually as part of an Interactive Policy) (2) 

To start this piece we’ll give some context using three examples of Interactive Policies to keep in the back of your mind when reading the analysis which follows.

Example one: Dental Insurance

There have already been a few connected toothbrushes on the market which connect to an app and generate data based on your brushing habits.  These toothbrushes map your mouth and inform weather you’re brushing too much or too little, apply too much pressure or too little, if you’re missing any areas of our mouth, and send you motivational messages with a rating of your brushing skills. 

There is one company Beam Technologies that has gone one step further though and offered a dental insurance plan as part of the connected toothbrush.  Users are rewarded with dental-care discounts including reducing the costs of their dental insurance premiums of up to 25%.  To be eligible for the discount of course, the data generated by the user needs to be visible / shared with the provider.

Example two: Car Insurance

Reduced car insurance premiums based on GPS tracking of certain metrics which are relayed back to the insurer have been rolling out for a few years now.  It has been mainly taken up by business customers with large fleets of company vehicles which are driven around by service and sales reps (their employees).  The offer is increasingly becoming more attractive to private citizens who are exploring ways to reduce car insurance premiums.  The way it works is a GPS tracking device is hardwired to a vehicle and tracks as many metrics as the insurer demands and assigns drivers a type of ‘safety score’.  Metrics can be:

• How fast you drive, if you exceed the speed limit, by how much or for how long, etc
• How aggressively you hit the brakes
• If you drive through or park in neighbourhoods considered risky or have high crime rates
• If you drive at unusual times of night or for long periods without a break

The advantages for business and fleet customers are far greater than that to an individual though.  Business customers are able to monitor and track employees, reduce unauthorised vehicle use, automate mileage reporting and optimise timetables or routes.  Individual customers of such an insurance policy will only gain a reduced cost of premium and increased chance of recovery if their car is stolen. 

Example three: Health Insurance

A prominent private health insurance company in Australia offers perks including savings of $200 from the cost of insurance premiums if you participate in their rewards program.  Customers sync their various IoT devices such as smart watches and eligible health apps to the insurer’s app and join the accompanying rewards program.  Users are rewarded for activities such as meditating, walking, visiting the dentist, cooking a nutritious meal or getting an early night (amongst many other activities).  This type of policy has been gaining traction amongst health insurers worldwide in recent years and tends to be a more commonly available option than not from many mainstream insurers.

Discussion Part One: User acceptance and broad issues

A modern trend in the corporate world is the chase to become ‘a data driven company’, take part in ‘data driven decision making’ because ‘data is the new oil’ and other such statements that grace the pages of almost every business publication.  This is sold to organisations with the promise that by gathering as much customer data as they can, in real time, they will improve their business decisions and enable establishing or growing of their competitive advantage.  This obsession with data has even trickled down to companies creating employee health and productivity programs based on data from wearable devices.  Companies aren’t just chasing customer data but are also turning their attention to employee data as well. 

Insurance companies, as we’ve said, have been one of the first big movers with John Hancock leading the way to be the first to offer a free Fitbit and potential to earn a 15% reduction in premiums for members who achieve their targets.  This is an example of PST (persuaded self-tracking) in that members need to adopt the tracking technology and give permission to share that data in order to participate and be eligible for the discount. 

Up until the mass adoption of wearable technology and the ‘big data’ corporate trend the business model of insurers worked quite differently.  The traditional model involved pooling member risk, calculating average pricing and generating a premium from that data.  This is still the case in Germany where health insurers operate on a solidarity principle where all members receive the same services form their health insurance based on shared financial sacrifices (1).

Whilst Interactive Insurance Policy offerings are increasing (in options and generosity) and PST within those is becoming more aggressive there is heartening news to report.  It appears people are not jumping onboard as fast as many insurers would like with research by Paluch & Tuzovic (2) finding:

• Individuals do not want to use fitness trackers for longer periods of time
• Individuals do not want to share collected information with insurance companies due to high privacy risks and violation concerns
• Individuals still want to remain in control when participating in PST

However most striking was the finding that many participants showed concern that data sharing with insurance companies will lead to negative personal outcomes.  Fears regarding price discrimination, ongoing or permanent observation and control, and the prospect of wearing a fitness device would become compulsory less they are penalised with higher priced premiums (2).  The last point of course being an example of the ‘carrot and stick’ method of persuasion. 

Furthermore, there were fears which question the very premise of Interactive Policies in that participants claimed social equality outweighs modest individual advantages.  There is a preference to pay higher rates in line with the solidarity principle in mind as social equality and fair access to healthcare is more important (2) and currently very topical. 

Social engineering also appears to be at play with these Interactive Insurance Policies as insurers determine the bar for rewards.  If more and more insurance members reach the level where they are rewarded with a reduced priced premium, it wouldn’t be unfair to assume insurers would respond by raising the bar higher.  This would result in more people being, let’s say, persuaded to engage in more reward orientated behaviour.  They may spend more time doing physical activities to chase the reward or discount than would otherwise be safe, enjoyable, beneficial, or recommended by a doctor based on their age, fitness levels, or physical state.  Having insurance companies decide and define what a healthy life looks like or consists of is a risky door to open. 

Reliability issues also come into play, the wearable devices and fitness trackers themselves have been found to be inaccurate at measuring heart rate and can be cheated by having another wear them (amongst other ways).  Furthermore, the benchmarks used by insurers may be based on a disputed premise or historically ‘accepted knowledge’ which may not be adequately true today.  Weight-Height tables, the significance of BMI and traditional food pyramids are just some examples of traditional benchmarks used in Interactive Insurance Policies that are being objected to by health professionals the medical community more broadly. 

Finally, on the point of reliability one would also need to consider the individual benefits of certain forms of exercise or ‘alternate therapies’ as well.  There is a lack of distinction between ‘doing health related activities’ and ‘doing good things for your individual health’.  For example, walking 10,000 steps per day forms the former but not always the latter for all people.  Remember, a health assessment, medical diagnosis, or training program is individual and personal created through an assessment by a trained professional such as a Doctor, Physiotherapist, Dietician, or Personal Trainer.  The goal metrics in Interactive Insurance Policies and similar reward programs are based on statistics and averages, not your individual health status. 

Participation in Interactive Policies is voluntary and given, you’re here reading a Privacy Rightfully article we assume you’re probably not participating.  However, the fears of some participants in the Paluch & Tuzovic study (2) highlight a concern regarding what the future will bring.  Right now, the cost savings on the insurance premium are quite modest in that most of our readers would probably rather pay the value of a 15% discount to not have to share data about their day-to-day routines.  However, the offer may grow from a modest one to one bigger and more appealing one, what about a 30% discount?  That may compel a few more people and no doubt 50% would compel even more. 

This article is being written in November of 2020 where many economies around the world have been ravaged by COVID-19 and millions of people have been furloughed, lost considerable clients, or lost their jobs.  Life goes through cycles of good times and bad times and if you find yourself in a bad time, you tend to look for savings anywhere you can find them.  When looking to save money people tend to cut discretionary spending and spending on things they can’t physically see or tangibly feel first.  Cancelling insurance or significantly reducing insurance cover to find spare dollars for higher priorities such as groceries and mortgage payments happens when people find themselves in bad times.  This makes sense based on Maslow’s Hierarchy of needs whereby people will retreat to prioritise essentials first.  You may be privacy conscious but a sudden change in your financial affairs could lead you to bite that carrot being dangled by your insurer and sell your data for a financial saving. 

Discussion Part Two: Data & Privacy

The part of the article most of our followers will be most keen to read, as you do read what’s to follow keep in mind that currently:

• Wearable devices (used to create data for most Interactive Health Insurance Policies, such as a Fitbit) are not considered medical devices and as such they are not regulated by government organisations. 
• While the protection of data relevant to the contracting of an insurance policy is clear and regulated, the use and treatment of data collected additional to or outside of this may not always be (3)

Data:

This is concern to those, like us, who are sceptical when it comes to the security of the data regarding storage, sharing, sale, and employee access.  Health related data and GPS location data are both collected (or able to be collected) by Interactive Insurance Policies so users need to be sure that data is secured by the insurer, ideally using encryption.  Health related data is lucrative to corporate entities in the following ways:

• On-sell data to advertising companies, medical device companies, or pharmaceutical companies for profit (this may even be more than the value of the discount they give customers)
• Data mining companies can combine this data to create profiles and lists of people with a certain medical diagnosis or condition (4)
• Profit from selling data to potential or existing business partners (4)
• Can be used to increase premium cost, deny insurance claims, or make certain customers uninsurable in the future

The data is also lucrative to bad actors who could use it to do you harm (even data that is anonymised can be re-identified by data experts).  Bad actors can use it for identity theft, doxing, blackmail, make fraudulent health insurance claims, or access drugs or medical equipment.  The greater the sensitivity of the data (sexual identity or medical diagnosis for example) the greater the risk to you if that data is compromised or hacked and subsequently acted upon by bad actors. 

Given the lack of regulation regarding how insurance companies use data collected outside of the scope of what’s needed to contract an insurance policy (3) we reach an area of concern.  No doubt such data is most likely protected by the insurers internal data protection policies and practises, we’re not suggesting all insurers store this additional data haphazardly.  However, data breaches of customer data stored by corporate entities, including insurers, has happened and makes prominent headlines regularly.  One such example is the Ashley Madison breach of 2015 which lead to suicides and divorces worldwide as a result.  Data indicating your infidelity has the same value (power and risk) as your medical data and other sensitive data you create as part of Interactive Health Insurance Policies or the GPS data created by both Interactive Health and Car Insurance Policies.  The best advice is not to create it in the first place if you can live without the discounts or rewards on offer. 

Privacy:

Privacy too is at risk and no doubt the concerns in this area have been alluded to already throughout this article.  Whilst the discussion to this point has been focused on health-related data, we’d like to spend some time on the GPS data that is generated, particularly as part of Interactive Car Insurance Policies (but also health ones) and relate that back to privacy concerns. 

MIT researchers found (using 1.5 million anonymised mobile phone records) that 95% of people can be specifically identified from just four location points.  This is down from the 1930s where you needed approximately twelve points to uniquely identify and characterise a fingerprint (5).  GPS location data can reveal information as sensitive as:

• Attendance at a church or other religious affiliation
• Visit to medical specialist (eg. psychiatrist) or place of diagnosis (eg. STI clinic)
• Visit to drug or alcohol rehabilitation clinic
• Patterns of routines indicating when your home may be empty for burglary
• The school your children attend
• The places you shop and exercise (particularly if you do it alone and after dark)
• Visits to brothels or gun stores

The privacy related concerns are far greater than being served advertisements based on those visits, the concern relates to how this information could potentially be used against you.  Your insurer may share, on-sell, or be breached and have this data stolen by bad actors, significantly undermining your privacy, safety, and security.  A well-publicised example of how GPS tracking data caused a significant privacy, safety and security breach was Strava’s global heatmap revealing the location of US military bases and soldiers’ training routes. 

Earlier we discussed GPS tracking in the context of fleet or company vehicles used by employees.  Here are some privacy related scenarios which can impact the employee-employer relationship based on the GPS data, but consider them on a personal level too with whoever else the data is or can be shared with (such as your insurer or other third parties):

• Psychological implications or distress: for example, the feeling of being constantly watched and a feeling of not being trusted by the employer
• Micromanagement of the employee’s time and workload causing undue stress on the employee and increase the potential of a workplace accident
• Expectations of privacy: for example, an employee may visit one of the above listed locations during their lunch break and the employer may be liable for invasion of privacy if the event is disclosed
• Discrimination: using the example above, the employer may learn the employee is getting treatment for a medical condition and terminate the employee believing they are a workplace risk.  If proven the employer could then face a wrongful termination claim
• Negligent supervision: for example, the data may indicate the employee drives recklessly and a failure to act by the employer privy to the data can lead them to be liable for negligent supervision in the event of an accident. This puts employers in a delicate situation when balanced against the point regarding expectations of privacy!

GPS location data, part of many Interactive Insurance Policies, can reveal a lot about you and your routines.  We don’t even need to say ‘in the wrong hands it can be used against you’ as it can work against you even in the right hands! 

Summary of issues / risks

• Insurers see more of your life and can adjust premiums and future insurance offers negatively (increase price, reduce cover available, deny claims, decline cover) not just positively
• Policies and rewards programs can be based on outdated medical advice or benchmarks that are not in the best interests of your individual health status
• Wearables and tracking devices may not record accurate data
• Reliance on the data being stored, secured, and accessed only by authorised persons (and not on sold, shared, hacked, or stolen)
• The data working against you where privacy and safety are concerned significantly outweighing working for you where discounts and rewards are concerned

What can you do to reduce the risks?

Here are some tips to consider when assessing your participation in an Interactive Insurance Policy or similar ‘rewards for data’ program:

1. Don’t participate in Interactive Policies or any similar ‘rewards for personal data’ programs unless you absolutely have to.  Ensure you read the Privacy Policy and Terms & Conditions if you do participate and research the insuring company to see if they’ve had data breaches in the past
2. Disable location tracking settings from all applications (apps) that are unclear on how they plan to use that information
3. Sit down with your employer and be clear on the guidelines and expectations of privacy relating to tracking of company inventory you use (cars, phones, laptops etc)
4. Decide how important it is to track increasingly available metrics in your life.  For example, I am personally a bit of a runner and use a GPS tracking watch to measure my runs to see if I’m improving.  However, I don’t wear this watching outside of exercise so it does not follow me to work, shopping, social settings, etc nor do I use it to record sleep, daily steps, etc – it is exclusive to one activity
5. Decide how important the sharing you do of various health data and location data such as check-ins and reviews on social media and review sites.  To use my example of running, I only share to my social media when I complete staged events such as marathons, I rarely share training runs and definitely don’t if they originate near my house
6. Remember you generate this data first and give permission for it to be collected by apps or third parties (such as insurance companies) second.  Whilst those others are responsible for the data once they have it, you are responsible as to whether or not it is created in the first place. 

Conclusion

Remember, we’re not pointing the finger at the insurance companies deliberately misusing the data. We’re point the finger at their PST rewards programs, what they could do with the data, and the overall security they place upon it.  Rarely do people read the Terms & Conditions or Privacy Policy before accepting these Interactive Insurance Policies, most will see a cost saving or half price Yoga classes through the lens of rose-coloured glasses.  Unfortunately, privacy and security should rarely be assessed through those same lenses (but rather a pessimistic or risk-adverse lens) and it’s common knowledge that with advancing technology people generate much more data than they realise as time goes on. 

Your insurer will offer you to ‘co-create your healthcare experience’ or similar trending buzz phrases.  We hope this article and what we’re doing at Privacy Rightfully will help you create a privacy and security focused mind and mental, personal, ‘nonnegotiable terms’ when considering all other ‘experiences’ in a world obsessed with chasing your data. 

References

1. Introduction the Principle of Solidarity in health Care Policy
2. Persuaded self-tracking with wearable technology: carrot or stick?
3. Technology and innovation in the insurance sector
4. Healthcare and big data: digital specters and phantom objects
5. Unique in the Crowd: The privacy bounds of human mobility

This article is written in line with our Terms & Conditions and Disclaimer. As such all content is of a general nature only and is not intended as legal, financial, social or professional advice of any sort. Actions, decisions, investments or changes to device settings or personal behaviour as a result of this content is at the users own risk. Privacy Rightfully makes no guarantees of the accuracy, results or outcomes of the content and does not represent the content to be a full and complete solution to any issue discussed. Privacy Rightfully will not be held liable for any actions taken by a user/s as a result of this content. Please consider your own circumstances, conduct further research, assess all risks and engage professional advice where possible.