Authorities from Ohio arrested a man named Ross Compton and charged him with arson and insurance fraud based on his pacemaker data. Compton told the police that when he saw his house burning on September 19th last year, he packed his suitcases, threw them out his bedroom window and carried them to his car. However, since has a serious heart condition and other medical issues that would have made it extremely difficult for him to do all those, the cops were able to secure a search warrant for his pacemaker data.
According to court documents, a cardiologist who reviewed his heart rate, pacer demand and cardiac rhythms before, during and after the fire said:
“…it is highly improbable Mr. Compton would have been able to collect, pack and remove the number of items from the house, exit his bedroom window and carry numerous large and heavy items to the front of his residence during the short period of time he has indicated due to his medical conditions.”
That data became a key piece of evidence that allowed law enforcement to indict the accused, though they also detected gasoline on his shoes and clothing. The fire ended up causing $400,000 in damages. Whether or not Compton is truly guilty, Electronic Frontier Foundation staff lawyer Stephanie Lacambra told SC Magazine that cases like this “could be the canary in the coal mine concerning the larger privacy implications of using a person’s medical data.”
She explained:
“Americans shouldn’t have to make a choice between health and privacy. We as a society value our rights to maintain privacy over personal and medical information, and compelling citizens to turn over protected health data to law enforcement erodes those rights.”