Wearable Technology Forensics
Wearable technology is no longer reserved for the technophile. We have witnessed the rapid adoption of wearable electronic devices by the population at large, driven primarily by fitness wearables and tech-fashion like the Apple Watch.
Wearable technology can be beneficial for busy professionals by keeping them updated with notifications on the go, fitness enthusiasts by tracking their workouts, and even the elderly and infirm by notifying emergency services if the device detects an adverse medical event. However, for these devices to operate as intended, they have to collect data about the wearer, including their location, biometric data, social media, calendar, and more.
Smartwatch and Fitness Wearable Data
Smartwatches and fitness trackers commonly record data such as:
- Steps taken
- Stair climbed
- Heart rate
- Heart rate variability
- Sleep duration
- Sleep type (light, deep, REM)
- Location history
- Stress levels
- Medical events
While cell phones and computers are a tremendous source of evidence concerning what you create and consume, wearable technology is collecting highly personal data about you, including your location activity, biometric data, sleep patterns, markers of healthiness and disease, and physical activity. This data has many uses in an investigation, like confirming or challenging an alibi. For example, if someone's heart rate is consistent with sleeping, but they claim they were assaulted at that time, the data may be evidence that the story should be questioned.
Medical Ingestibles and Insertables
Medical devices that are ingested or inserted into the patient's body are becoming more prevalent and are creating data that is collected via applications on cell phones, computers, and in the cloud. This information can then be shared with the health practitioners, the patient's family, and the patients themselves in real or near real-time. Primary drivers for these devices include patient compliance and risk management.
For example, ingestible pills that are both medication delivery and IoT (Internet of Things) have been created to determine if a patient is actually taking their medication as prescribed. This could also include continual glucose monitors and other inserted or consumed devices that record health data.
Regardless of the device, they transmit this data back to an online cloud-based application, a mobile phone, or a computer for processing and long-term storage. This data can then be recovered by a digital forensics professional.
Accessing Wearable Device Data
When an activity tracker uses sensors to gather and transmit heart rate activity and steps, the data is usually not stored on the device itself. It is sent to another device or data repository with the processing power and storage capacity to handle the information that the device has collected. These repositories, like computers, mobile phones, and cloud-based accounts can be examined for evidence. However, there are unique issues surrounding IoT data preservation and collection.
Collecting the information sometimes must be done through cutting-edge or non-traditional methods within the digital forensic community. In these instances, it is paramount that the data collection be done by a professional in a way that complies with the best evidence rules and acceptable industry standards for digital forensics.