Witnesses also pointed to uneven protections under privacy laws. Most of the data collected through devices like the popular Fitbit and other fitness trackers, for instance, is not covered under the protections and usage dictates of the HIPAA statute that governs health information.
Then there is the general confusion of how the limits of data collection and usage are spelled out in privacy policies, often byzantine legal documents that can be written to afford broad latitude for device makers and application providers. Often times users are surprised to learn that they don't own their own data under those agreements, giving them little or no opportunity to edit or delete information from their profiles.
"There's clearly great potential here," said Rep. Jan Schakowsky (D-Ill.), quickly adding that "we need to make sure consumers fully understand what they're getting into."
Sign up for CIO Asia eNewsletters.