Neurolaw, privacy and neurotechnology

Have you watched Elon Musk’s live debut of his new brain device? It’s the latest neurotechnology invention created by his company, Neuralink. The device is going to have curious consequences for Neurolaw. If you missed it, not to worry. Here’s a quick update.

Friday, 28 August 2020: Musk presented Neuralink’s new brain chip. The company implanted the chip into the skull of a pig, linking it to the pig’s brain tissue. Essentially, the chip connects the pig’s brain to a computer and records data from the pig’s sensory neurons. The computer then represents the data in a graphical presentation. In realtime, the graph shows the movement of the pig. It also indicates when external stimuli excite the senses of the pig.

The technology gets more gripping. Consider when a surgeon connects the chip to a human brain. The data would be instrumental in helping patients who suffer from spinal injuries or diseases. Apart from transmitting the data, the chip could also stimulate the neurons responsible for lost mobility. In other words, the chip could help restore movement.

“To infinity and beyond”

For humans, the potential uses for similar neurotechnologies are limitless. In addition to medical services, there are several commercial uses.

Imagine a future where you could download your memories to a storage device then replay them via your mobile phone or smart TV. This concept is known as “Whole Brain Emulation”.
Another fascinating function of a brain chip is to connect the mind to the internet. Why? Picture having instant access to unlimited sources of information and expert advice. This concept is known as the “Brainternet”.

These instances sound like romantic ideals of science fiction. But, scientists are already making impressive advances. For example, scientists have recently used AI neurotechnology to read or decode human thoughts.

As impressive as the advances sound, we need to think about what happens with the data from our brains (“brain data”). Specifically, we need to think about the scenarios where companies could commercialise our brain data or hackers could steal this data (“brainjacking”). What happens then?

Neurolaw

By relying on our social contract, the law needs to play a role in protecting our brain data. With the fast development of neurotechnologies, the law needs to be clear on what happens when something goes wrong or when companies abuse their powers. The Cambridge Analytica scandal is just one example of how crucial regulation is.

Notably, this branch of law is called ‘Neurolaw’. It’s relatively new, but it’s expanding quickly. In this post, we focus on the privacy aspects of Neurolaw.

Neurolaw and privacy

In his book, 1984, George Orwell wrote: “Nothing was your own except the few cubic centimetres inside your skull”. He was observing the mind as the only domain of humans that surveillance can’t penetrate. Unfortunately for Orwell, the advances in neurotechnology disprove his observation.

We’re living in a reality where we need to think about the skull as a domain of privacy. Why? Well, with connecting your brain to a computer, it becomes possible to record the data from your brain. Brain data consists of:

memories and thoughts,
behavioural patterns and emotions, and
dreams and desires.

Companies are already thinking about ways to use our brain data, such as to market ads to us. For instance, Facebook has already invested in this neurotechnology. Other examples are Halo Neuroscience and Neurable. They’ve already established privacy policies that cover the brain data collected from their devices.

At this point, you’re probably thinking, “What about my right to privacy?”. Legally speaking, however, the issue is if our right to privacy protects our brain data.

Privacy laws

Currently, over 100 countries have some form of privacy and data protection laws. But, no government directly regulates brain data under the right to privacy.

If your country has data protection laws, then these laws should protect your brain data to some extent. The laws would probably regard brain data as “personal information” or “personal data”. But, it would be better if the laws specifically defined and covered brain data.

Are the laws enough?

It’s unclear whether the current laws are enough to protect brain data. Courts could interpret the legislation to protect the privacy of brain data. However, that would be leaving privacy to chance.

Instead, the prudent approach is to start to think critically about whether the laws are enough. A few countries have already started doing so. With conviction, some states have made great strides. One government agreed to make brain data protection a human right. Further, the OECD adopted nine principles for regulating the use of brain data. The nine principles make up the first international standard in Neurolaw.

Where does this leave you?

For now, the truth of the matter is that we can only look at our current data protection laws to regulate the privacy aspects of neurotechnology. However, we must understand the laws as they are before we suggest ways to improve them.

Next steps

Comply with data protection laws whilst using or developing neurotechnology by asking for our advice.
Obtain legal certainty by asking us to provide you with a legal opinion on one of the legal issues of neurotechnology.
Deal with incidents effectively when using neurotechnology by asking us to provide you with an incident response policy.

Neurolaw, privacy and neurotechnology

“To infinity and beyond”

Neurolaw

Neurolaw and privacy

Privacy laws

Are the laws enough?

Where does this leave you?

Next steps

Share This Story, Choose Your Platform!

Related Posts

POPIA compliance | Achieving your goal

Personal data deletion rights: Navigating your responsibilities

How do I comply with POPI or POPIA?

Notification of security compromise to the Information Regulator | Guideline and support

Rules for the processing of health information or sex life