Skip to main content

Thank you for visiting You are using a browser version with limited support for CSS. To obtain the best experience, we recommend you use a more up to date browser (or turn off compatibility mode in Internet Explorer). In the meantime, to ensure continued support, we are displaying the site without styles and JavaScript.

Physiological data must remain confidential

Electronic devices that track our emotions, heart rate or brain waves should be regulated to protect individual privacy, says Stephen Fairclough.

How many people have beneath their television a shiny Xbox One? This new console is significant, and not just for its games and graphics. It is fitted with a camera that can monitor the heart rate of people sitting in the same room. The sensor is primarily designed for exercise games, allowing players to monitor heart changes during physical activity, but, in principle, the same type of system could monitor and pass on details of physiological responses to TV advertisements, horror movies or even party political broadcasts.

The Xbox One is the first consumer electronic hardware to permanently integrate a technology called physiological computing. Those of us who work in this field aim to transform the way that people use, control and interact with electronic devices in everyday life. But like all technology it has a darker side, and chief among the concerns is the potential infringement of privacy. The mass appeal of the Xbox One suggests the probable broad reach of such tools, and now is a good time to consider both the benefits and risks of the technology — particularly in the wake of the first international conference devoted to this topic, which took place last week in Lisbon (

Most people do not consider the human body to be a transmitter, but our nervous systems constantly generate data — from the first pulse of a fetal heartbeat to a dying breath. Physiological computing converts these data to control inputs for a computing system, using the signals as a proxy for the conventional keyboard and mouse. Brain–computer interfaces, for example, can already move a cursor on a screen in response to electrical fluctuations in the brain.

The same technology can monitor spontaneous activity from the brain and body to infer a computer user’s emotional and cognitive state. For instance, moods such as anger or frustration can be detected from specific changes in cardiovascular activity and breathing patterns. And increased concentration on difficult mental tasks produces characteristic changes in brain activation that can be picked up in an electroencephalogram (EEG).

Scientists want to use these physiological changes to create technology that can respond to the circumstances and adjust conditions to improve the quality of the human–computer interaction. A desktop computer that can recognize frustration from cardiac data could be programmed to offer help or even to play soothing music; sensors in a phone could spot stress during a fraught journey in heavy traffic or poor weather and automatically divert all calls to voicemail. This scenario, in which software adapts in a proactive and implicit way to dynamic signals from the user, represents a radical departure from how we currently interact with computers.

Information gathered on a person’s physiology should be considered to be owned by that person.

A good example is digital health, in which wireless devices and sensors can record physiological activity to offer a wealth of quantitative information about lifestyle and well-being. These data can reveal the impact of changes in exercise or diet on physiological markers such as cardiovascular activity. A colleague who wore a chest band non-stop for a year to monitor his heart rate learned, for example, how workload affected his sleeping patterns. This type of ambulatory measurement — and the cumulative gathering of information — delivers big data at the level of the individual.

Until now, the main barrier to developing this technology has been the scarcity of sensors that are both inconspicuous and capable of delivering high-quality data. But the field of wearable sensors is evolving at an extraordinary pace. The traditional image of the laboratory participant festooned in wires is being replaced by one in which discreet, ambulatory sensors stream data to mobile devices. The ubiquity of cameras on smartphones means that, with the right app, heart rate can be detected from the finger or even remotely from the face. As sensors improve, so too will their public acceptance. Their spread, in turn, will boost the quality of the data they can generate and the number of uses to which they can be applied. For example, continuous monitoring of EEGs using ambulatory equipment can reveal patterns of brain activity characteristic of epilepsy — useful information not only for individuals but also for the health-insurance industry. And these advances prompt questions such as: who owns the data? Who should be allowed to gather and store this information?

As a researcher, I would never monitor the physiology of a person in the lab or field without consent. But privacy concerns are real, and I think that most people would be more comfortable with this type of technology if protection or regulation were in place sooner rather than later. Advances in genomics and gene sequencing have raised legitimate concerns about the ability of third parties to covertly obtain and screen someone’s DNA — taken perhaps from a used coffee cup to test for paternity when it is disputed, for instance. (UK law demands consent for such tests.) Similarly, the field of physiological computing needs to decide on rules and guidelines for researchers and others.

We are at the start of this debate, but there is one key point that should underpin all future discussions. Information gathered on a person’s physiology should be considered to be owned by that person. The default position must be that these data should be confidential in the same way as medical records, for that is what they are.

Author information

Authors and Affiliations


Related links

Related links

Related links in Nature Research

Computer science: The learning machines 2014-Jan-08

Academics should not remain silent on hacking 2013-Dec-18

Computers: Privacy and the Computer 1970-Nov-21

Related external links

Rights and permissions

Reprints and Permissions

About this article

Cite this article

Fairclough, S. Physiological data must remain confidential. Nature 505, 263 (2014).

Download citation

  • Published:

  • Issue Date:

  • DOI:

Further reading


Quick links

Nature Briefing

Sign up for the Nature Briefing newsletter — what matters in science, free to your inbox daily.

Get the most important science stories of the day, free in your inbox. Sign up for Nature Briefing