In recent times, a slew of products that promise myriad health benefits by targeting your brain have been steadily gaining interest. Though intriguing, the jury’s still out on whether or not they actually work.
Also, they may be monetizing your brainwaves.
This is according to US democratic senators Maria Cantwell, Chuck Schumer, and Ed Markey, who sent a letter to the Federal Trade Commission calling for an investigation into how these companies deal with user data, urging them to enforce stricter regulations on data-sharing policies.
The senators raise the key issue of the rapid development and commercialization of brain-computer interface (BCI) technologies. BCI systems allow brains and external devices to communicate, converting neural activity into commands. Because it’s a burgeoning technology, companies can get away with collecting users’ neural data without clear consent. The senators point out that such data is the most deeply sensitive and personal to a person, and has the potential to “reveal mental health conditions, emotional states, and cognitive patterns, even when anonymized.”
While you might first think of something like Elon Musk’s Neuralink brain implant when you hear the word neurotech, not all products are so invasive, nor are they subject to the same data protection practices. Neuralink is considered a medical device, so it is subject to the Health Insurance Portability and Accountability Act (HIPAA) protection practices. Wellness devices, however, are not.
A variety of such wellness devices have popped up in recent years, promising to reduce depression and anxiety and help you sleep, among other things. Scientific data for many of these products is lacking.
The letter also refers to a 2024 report by the Neurorights Foundation that further supports the severity of the issue. For the report, the foundation inspected 30 consumer-facing BCI companies that people can buy without the assistance of a medical professional. It discovered that most neurotech companies have few user data safeguards and are permitted to share this data with third parties.
These companies also make it difficult for users to opt out of third-party data sharing. Half the companies allow consumers to revoke consent for data processing, and only 14 let them delete their data. Sometimes, data deletion was location-specific, with some only letting users in the European Union delete their data.
Schumer told The Verge, “Neural data is the most private, personal, and powerful information we have—and no company should be allowed to harvest it without transparency, ironclad consent, and strict guardrails. Yet companies are collecting it with vague policies and zero transparency.”
So, if you’re thinking of adding a neurotech product to your gadget arsenal or you already have one, be sure to read the fine print and find out exactly how the company is using your data and whether or not you can do anything about it.
Cora is a digital copywriter for SSLs.com. Having eight years of experience in online content creation, she is a versatile writer with an interest in a wide variety of topics, ranging from technology to marketing.