UL Testing Safety, Privacy Issues Related to Wearable Devices

Physical and privacy risks relating to wearable devices has prompted a familiar face in the safety arena to research the technology.

With so many questions relating to wearable device safety, Underwriters Laboratories has delved into the wearable technology space, said Anura Fernando, principal engineer, eHealth – Medical Systems Interoperability and mHealth at Underwriter Laboratories.

“We see wearables…as the collection of a variety of different technologies for different applications,” said Fernando.

Lifelogging devices pose privacy issues. | Photo by Robert Templeman - Indiana University
Lifelogging devices pose privacy issues. | Photo by Robert Templeman – Indiana University

Though it might seem a stretch for the Northbrook, Ill.-based UL, which has historically been involved in the electrical safety side of things to get into the wearables platform, Fernando said electrical and fire safety issues are just a couple of issues that could arise from the devices.

Initially, UL’s research was focused mainly on materials characteristics that were relevant to either the initiation or spread of a fire. Fernando said that its research has gradually expanded into examining an entire product’s life cycle.

“We were originally involved in testing products after they were developed and as they were getting ready to enter the market, to make sure that they met this baseline of safety requirements that would ensure that they didn’t catch on fire or pose a shock hazard,” explained Fernando. “We began to recognize that these kinds of safety issues really need to be thought about right from the very beginning of the product’s life cycle…at its inception.”

For the past 30 years, UL has worked with manufacturers from product concept all the way through decommissioning, Fernando said

“It’s important to think about what happens to the product after it’s finished on the market. How do you dispose of it? What are some of the material disposal considerations? Do the products have hazardous materials that shouldn’t be disposed of in landfills?” he said. “Now we’ve shifted to this begin to end life cycle model.”

Shifting technology prompted UL’s change of focus.

According to a PwC report, The Wearable Future, twenty percent of Americans already own a wearable device and the number is expected to rise quickly.

“The Internet of Things and cloud computing are very much analogous today to what electricity was 100 years ago,” said Fernando. “Our services are shifting to keep pace with that technological evolution. We are beginning to look more and more at data, what role data plays. New ways that power is utilized.”

In addition, UL is analyzing how data is protected, examining encryption and storage methods.

“How do you ensure the integrity of data, so that data that starts from point A doesn’t end up somehow convoluted into something else when it arrives at point B? What do you do about hackers who are trying to penetrate these systems?” Fernando asked.

How a wearable device product interacts with human skin is also being analyzed. Fernando explained that there are many different plastic and electronic components packaged in wearable applications. He said different use scenarios need to be considered.

“If it’s a wearable product that’s going to be in long term contact with human skin, then you may want to know what its bio compatibility characteristics are,” said Fernando. “The very same tools that we use to characterize the material for electrical purposes, things like infrared spectroscopy, can now be used to also characterize the materials relative to biocompatibility. Then once the biocompatibility of the material’s been tracked, then you have things like its IR (infrared) signature that we can track to make sure that the material consistency remains the same.”

According to Fernando, many of the devices use lithium ion rechargeable batteries. He said it’s important to think in terms of how this type of technology could fail and what the results of failure would be.

“If the battery fails, it’s not just necessarily loss of the power source, but you may also have failure modes that can be much more hazardous than just losing functionality of the product,” Fernando said. “When you create a short circuit, you start to get overheating. If you don’t have safety mechanisms built into things like batteries, things like over current protection or pressure venting then you can thermal runaway and you can have explosions.”

Augmented reality glasses could potentially project images into the eye, said Fernando. Incidental radiation could occur causing injury to the retina.

This is where hazard based safety engineering comes in, the UL researcher said.

“It is an engineering discipline that was developed jointly by UL and Hewlett Packard a number of years ago and it’s now embodied in international standards,” Fernando said. “What it does is it suggests that when you look at new technologies, that you analyze them from the perspective of, ‘What is the potentially hazardous source of energy or substance or data, and how is that hazardous source potentially transferred to a susceptible part?’”

Radio frequency is another concern relating to cellular technologies, he said. Specific absorption rate (SAR) measures how much radio frequency energy is being transmitted, especially important for transmitters that are kept in close proximity to the body.

“The idea is to ensure that the transmission of RF energy, just like the transmission of optical radiation, stays within those standard design permissible limits,” said Fernando. “The same thing applies for temperature too.”

While some wearable devices are regulated as medical devices, the UL researcher said, citing Holter monitors that monitor heart rate and CPAP machines, not much regulation currently exists because of the way wearable technology has burgeoned.

“It has hit the market so rapidly that unlike medical, it didn’t have the time to evolve into the regulatory realm of things,” said Fernando.

Data Security Concerns

UL is also involved with cyber security testing.

“We’ve actually been doing security for quite a while in the banking sector. We have a group within UL that we call “transaction security,” said Fernando. “We’ve been doing ATM testing for example, to make sure that ATMs can’t be compromised.”

The lab is now looking to introduce the same concepts into consumer and medical wearable technology.

“We’re very much involved in both the domestic and international standards development around cyber security, involving privacy and confidentiality,” the UL researcher said. “In the medical domain, in particular, we’re working with organizations like the Association for the Advancement of Medical Instrumentation, to develop things like medical device cyber security standards and guidance for industry on what kinds of things to think about.”

Privacy questions relating to wearables include the potential disclosure of a “wearer’s location, health status, or other confidential information,” according to a blog written by Mark Breading, a partner at the insurance research and advisory firm Strategy Meets Action. Breading said a variety of security vulnerabilities exist and regulations governing the data collected on wearable devices lags behind the technology.

A recent White House cyber security report suggested a potential UL safety certification that could serve as a model for Internet themed security in the medical and healthcare space. Fernando said the certification, which would address product safety, regulatory concerns and privacy issues, is currently in development.