Policy ForumData and Regulation

When health tech companies change their terms of service

See allHide authors and affiliations

Science  14 Feb 2020:
Vol. 367, Issue 6479, pp. 745-746
DOI: 10.1126/science.aaz6732

You are currently viewing the summary.

View Full Text

Log in to view the full text

Log in through your institution

Log in through your institution


Digital health technology companies, such as health-related apps and websites, handle unprecedented amounts of highly sensitive user data, including information about a person's genetics, the timing and duration of her periods, her self-reported mental state, and the dates she sees a given health care provider. Although they collect these intimate data and provide users with health-related information, most digital health tech companies are not actually health care providers; thus, laws and regulations that typically govern the collection and use of health data often do not apply to these companies in the United States. Many of these companies reserve the right to unilaterally change their terms of service (ToS), often without users' consent. Users have little legal recourse if they feel a company has violated their privacy or inappropriately shared their data through unilaterally amending the ToS. We explore how legislators could limit the ability of companies to change key aspects of their ToS unless consumers opt in to adopting the changes. These and similar legislative innovations could offer needed consumer protections in the context of digital health tech—and beyond.

View Full Text

Stay Connected to Science

Editor's Blog