“Just put your fitness tracker on the dog and let the dog run around in the yard.”

“I simply lied on the health risk assessment about the questions that were none of their business.”

“I can put my step counter on my two-year-old. She takes lots of steps!”

These are the kinds of comments I hear as I talk and write about data collected in workplace wellness programs. Whether the issue is invasive health risk assessments or health and fitness trackers that employees must wear to collect “points” or qualify for financial incentives, people often tell me that wellness-related surveillance is easy to circumvent by lying. This kind of individual resistance may seem like an attractive way to maintain privacy, but it has significant downsides for the individual and doesn’t solve the problem of employer intrusion into private lives outside work.

If an employer discovers that an employee is collecting incentives without complying with wellness program requirements, the employee can be labeled as a thief and a liar. In a prior job I managed a hotline where employees could report violations of the company’s ethics policies. The hotline got regular calls about “theft of time,” i.e., someone repeatedly leaving early or coming in late. The company investigated all reports. In many cases we found that the “theft” did not exist; the employee had an excused absence that the co-workers didn’t know about. However, in cases when we found unexcused absences, employees were counseled or disciplined, depending on the scope of the offense.

The situation with wellness incentives is likely to be similar. People who think that they can sign up for wellness incentives and then cheat the system, need to think about what would happen if they are caught. With ever-increasing amount of data and more powerful analytic tools, not to mention the ubiquitous cell-phone photos uploaded to social networks, the old-fashioned “rat call” may not even be necessary.

What’s more, the anticipation of individual resistance leads to more and tighter surveillance. The National Business Group on Health encourages the collection of “measured” data whenever possible in order to avoid problems with self-reported data. Wellness programs already prefer measured data or data collected by third parties to self-reported data. For example, instead of asking employees whether they smoke, health plans and wellness programs administer drug tests for nicotine or its metabolites. Instead of asking employees how much they exercise, wellness vendors verify gym attendance via a data feed or ask employees to link fitness trackers directly to wellness accounts. As I have written before, data produced by devices and sensors is not necessarily more accurate than self-reported data, and it is more difficult to dispute and correct. Nevertheless, wellness vendors have greater trust in such data, especially if they suspect that program participants might deliberately mislead them.

If cheating is widespread, there will also be an increasing push to tie fitness tracking devices more closely to individuals who wear them. The devices may acquire biometric activation features and may perform periodic biometric authentication while in use. As biometric technology becomes less expensive, I expect more fitness trackers to include these features. Tying an expensive device like iWatch to its authorized wearer would provide theft protection, clearly a benefit for the device owner. It would also provide a way to ensure that the data generated by the device is the data of the individual being measured.

I also expect device manufacturers and analytics companies to evolve better algorithms to distinguish between people or between a person and a dog. Several recent studies have shown how few data points are needed to identify unique individuals even from de-identified location or credit card transaction data. Fitness trackers collect large amounts of data through frequent and repeated sampling, giving analytics engines plenty to work with. Fitness tracker manufacturers and wellness vendors have strong incentives to correctly attribute this data to specific individuals not just to reduce fraud but also to improve linkage with other data and increase possibilities for monetization.

The most important reason to address surveillance in wellness programs through policy rather than circumvention is that policy-based solutions change the way societies function. When we permit surveillance to exist while quietly getting around it, we create an environment in which normally honest people can be sanctioned for routinely violating the rules. Employers can let pass any number of infractions for any length of time at their discretion. However, when they need to pressure someone, they have the means to do it. Knowing that one is being dishonest, even for the best reasons, but not knowing when one might get caught or what will happen then, can lead people to live in fear of being discovered, of being reported, of losing something they value. This is why surveillance is so effective for controlling behavior.

For resistance to lead to change, people must resist publicly. Well-publicized resistance to intrusive health risk assessments led Penn State to rescind the penalties associated with refusing to participate. The Equal Employment Opportunity Commission’s challenge to the legality of high wellness incentives is now in court because several people filed complaints against their employers. Resisting alone, quietly, will not lead to change. Will enough people take a public stand to protect private lives from intrusions by wellness programs?

Originally published on LinkedIn on February 11, 2015