It is science that threatens what is perhaps the last frontier of privacy: our minds.
In July, tech guru Elon Musk announced his company Neuralink had built a tiny Bluetooth-enabled brain chip that he hopes will be trialled next year in people with paralysis, to let them control a computer cursor with their thoughts.
Musk’s implant consists of thousands of flexible thread-like electrodes that are inserted, robotically, via a small incision in the skull into the outer layer of the brain. It’s called a brain-computer interface and harvests the same electro-encephalogram (EEG) signals as the Chinese kids’ headsets, albeit with much greater resolution.
The tech could be life-changing, but it’s also been racking up serious cachet in brain-reading circles.
It has been used to detect words, such as “cowboys” and “swimming”, that people are merely thinking about, just from their brainwaves. And last year a group led by Edward Chang at the University of California San Francisco used a related implant to detect people’s mood states.
Then in July, another group from Chang’s lab deciphered people’s answers, and the questions they were responding to, just from EEG signals.
That work merits special attention because it was funded by Facebook, whose CEO Mark Zuckerberg confirmed in a recent interview that he is pushing ahead with plans to develop a brain-machine interface that will, one day, let users don a headset to type posts with their thoughts.
Given Facebook’s questionable record on privacy, you could be forgiven for wondering if that’s a good thing; new doco The Great Hack gives chilling insight into the Cambridge Analytica breach that exposed the data of 87 million Facebook users.
In particular, one big privacy implication of any Facebook brain-to-text device was nailed by the man questioning Zuckerberg in that interview, Harvard law professor Jonathan Zittrain.
“The Fifth Amendment implications are staggering,” Zittrain said.
An all-seeing brain-computer interface could indeed render the right to remain silent – enshrined in the US Constitution – a historical curiosity.
If all that tech is backing privacy into a corner, it’s also getting pushback from some heavy hitters.
Rafael Yuste, a professor of neuroscience at New York’s Columbia University, led the team that inspired Barack Obama in 2013 to launch the multibillion-dollar BRAIN initiative, a research program aimed at mapping the wiring and firing of the human brain.
Yuste has made at least one stellar breakthrough towards that goal. In 2017 his team was the first to record the activity of the entire nervous system of an animal – the pint-sized sea-dwelling Hydra. But Yuste has another passion beyond the lab.
“My night job, so to speak, is science advocacy,” he says.
Yuste leads an international posse of 25 scientists, ethicists and engineers called the Morningside group. Eighteen months ago in an article in the journal Nature they argued that the rise of AI and brain-computer interfaces demands a new suite of rights, dubbed “neurorights”, to protect citizens. A right to “mental privacy” is among them.
His advocacy role took Yuste to an unlikely destination this year. He’s been in Chile trying, with doctor and politician Senator Guido Girardi, to amend that country’s constitution. They want to enshrine brain data protection as a human right and, to that end, have two bills before parliament slated for a vote in November.
Neural data, defined as data taken from brain devices, either invasive or non-invasive, should be defined with the same rigour legally as organ transplantation, says Yuste.
As happens with kidney donation, he says, the output of our “mental organ” must not be traded commercially.
“One of the bills that we’re introducing in the Chilean parliament legally defines the concept of neural data and makes it illegal to buy or sell it.”
Yuste’s ambitions, however, are global. He wants neural data protections written into the United Nations Universal Declaration of Human Rights. As it happens, the current UN High Commissioner for Human Rights is Michelle Bachelet, former president of Chile.
“This was not the reason we did this in Chile, but I hope it helps,” says Yuste.
The cutting edge of brain reading is still confined to hi-tech labs, but there are plenty of punters who will want to know what data can be siphoned from over-the-counter “neurowearables”. EEG-reading headsets are commercially available for a range of applications, including monitoring mental health and using thoughts to control drones and video games – something called neurogaming.
Marcello Ienca, a bioethics academic at Swiss technology university ETH Zurich, says those users face some unique vulnerabilities.
“It is possible that a malevolent third-party hacker accesses brain signals in an unauthorised manner,” he says.
“This is something that could be easily done in the neurogaming domain because you always have brain activity being measured while visual stimuli are being presented in a virtual environment.”
Hackers, says Ienca, could send malware into a game that flashed images of different banks and random numbers. EEG sensors can mine something called a P300 signal, a spike on the trace when a person sees something they recognise. Using P300 spikes, hackers could work out the person’s bank and their four-digit PIN number, something that’s been shown in a proof-of-concept study.
Last year, a group in Toronto used brainwave data from scalp electrodes to reconstruct faces people had seen. It’s an advance that conjures dystopian visions of courts issuing subpoenas for brain data to use as eyewitness testimony, to a murder for example. Granting the tech could ever be reliable enough to meet an evidence requirement, Ienca has plenty of issues with it.
“People should not be forced to share content related to their mental states against their will,” he says.
Ienca says this could infringe on the right against self-incrimination, if brain data were used to implicate the person in a felony. Ienca also believes extracting brain data under duress could strike at our very core, undermining freedom of thought, a right chiselled into the International Covenant on Civil and Political Rights.
“Part of what amounts to being a person is having conscious control over the thoughts that we want to share and the thoughts that we want to seclude,” says Ienca.
“Once that conscious control is eliminated, the very idea of being an independent person and having personal identity might be undermined.”
China may well be a litmus test for where this tech is heading. Last year the South China Morning Post reported Chinese train drivers were being fitted with EEG readers in their hat bands. The stated purpose was to monitor stress and improve performance.
“I think this is very problematic from an ethical perspective because it is an act of coercion, either explicit or implicit,” says Ienca.
The explicit scenario, says Ienca, might be a threat of getting fired if you refuse. Implicit coercion exists in the “competitive disadvantage” that comes from not putting your hand up for brain monitoring.
“Either scenario is frightening,” says Ienca.
The rising threat to mental privacy from neurotech comes as Australia overhauls its own privacy regulation. In March the federal government announced new protections and penalties under the Privacy Act in the face of an “explosion in major social media and online platforms that trade in personal information”.
And in July, the Australian Competition and Consumer Commission released the final report of its Digital Platforms Inquiry. It recommends a raft of new privacy measures targeting players such as Facebook and Google, including the right for users to have their data erased.
I asked David Watts, professor of Information Law and Policy at La Trobe University and former privacy commissioner for Victoria, if these changes mitigate the privacy threats posed by brain tech.
“No,” he said. “Because all they do is tinker at the edges and this technology is so fundamentally transformative that tinkering around the edges is just not good enough … they still rely on consent and consent can be gamed.
“You’re likely to be offered products and services that are so compelling you’ll give up consent or you won’t even read about it, you’ll just tick the box,” Watts says.
The remedy, he says, lies in part in the template of Europe’s General Data Protection Regulation, implemented last year. It offers a right to opt out of “automated processing”, the compiling of personal profiles from user data. It also gives the right to an explanation from a human about how an algorithm made a decision about you – for example, to downgrade your credit rating or refuse you a home loan.
But Watts finds the spectre of brain intrusion so alarming that even stronger measures are warranted.
“I would add an absolute right, that could not be foregone by consent, to prevent and criminalise the upload or using of people’s brain waves, or their thoughts, for any purpose that was not specifically related to the treatment of certain medical conditions,” he says.
In 2017 The Economist pronounced that data is now worth more than oil. Watts is only too aware that even medical device manufacturers may be conflicted once in possession of users’ increasingly valuable brain data. Such data would be of undoubted interest to political parties, adding insights beyond even the laser-like voter profiling seen in the 2016 US election.
“This is an incredibly refined version of that. It makes it look like caster sugar as compared to molasses,” says Watts.
Amid the fears around emerging neurotech there is a tempering voice. It belongs to Associate Professor Adrian Carter, a neuroethicist at Monash University in Melbourne.
“I come back to not overhyping what these technologies can do,” says Carter.
Carter points out the data tech behemoths have on us now already gives them profound insights into our behaviour. Chain store Target’s claimed ability to know which of its customers is pregnant has been a much-publicised example.
“I don’t think there is anything particularly special about brain data. Our interaction with smartphones is a surrogate measure of what’s going on in the brain,” says Carter.
Mindstrong Health, says Carter, has an app they claim could one day help diagnose Parkinson’s disease using your scrolling, tapping and swiping behaviour on a smartphone.
“People get really pent up or particularly worried about brain data, as if that is somehow more true or more real than other forms of data,” says Carter.
So does Carter think these brain technologies pose a threat to mental privacy?
“They do. But at this stage not beyond the current technology that surrounds smartphones and other kinds of devices.”
Carter may well be right. But Ienca points out that rolling advances in gene technology mean we now know much more about genetic data that was collected back in the 1990s.
“Once the data are collected they will be there to stay,” says Ienca.
“We have limited ability to read and decode those data today but we might be very able to decode those data 20 years from now with better analytic techniques.”
Yuste offers an addendum on just how deep that analysis could run.
“I think that we should treat neural data as sacred, because that’s actually not just our minds, our intentions, but it’s also our subconscious,” he says.
“In principle you should be able to decode not just what people are thinking but what they don’t know they’re thinking.”
Yuste is deeply impressed by the work of US neuroscientist Jack Gallant. Almost unbelievably, Gallant has recreated videos people have seen by decoding their brain activity on MRI scans. That decoding can include words linked to images the person saw, such as “water” and “wave” for a beach scene. Yuste recalls one scene in which a woman appears.
“All kinds of words are flashing in the decoder, and it doesn’t take too much to think that maybe some of those words are private feelings that the person has for a particular woman … and maybe even the person is not aware of the extent of those feelings,” says Yuste.
Which raises the intriguing possibility that someone else could know your thoughts better than you do.
Ienca sees these advances as the final iteration in what has been an inexorable undermining of privacy in recent years.
“The very last step of this privacy erosion process is making brain information transparent, dismantling the firewalls of the human brain,” he says.
What we need, says Ienca, is a firm grasp on the precautionary principle, a rule of thumb whose short form is, roughly, “better safe than sorry”.
It’s a maxim that may well start to get more airplay as disillusion grows with the mantra of Facebook’s Zuckerberg.
In case anyone needs reminding, that mantra is “move fast and break things”.