A few weeks ago, I started wearing a new health band. I gave it permission to eavesdrop on my side of conversations — and it has lots of opinions about them.

“You had three phrases that sounded annoyed, irritated or disgusted,” the app reported one recent evening, recapping my daily interactions. Not only that, but I had “one phrase that sounded stubborn or condescending.”

Another feature invited me to strip down to my underwear for a picture.

“Find a well-lit area and try to avoid light from behind,” a voice from the app instructed me as it prepared to conduct a high-tech, 3D body scan. “Change into minimal clothing so the camera can see your body.”

Yes, as you might have guessed by now, this is the Amazon Halo band and subscription service, part of the tech giant’s big move into health and wellness.

Thanks to its revelations, I am now painfully aware of my tone of voice, and more empathetic toward my family and friends who have to put up with me. I’ve informed the Amazon team of a feature request from my wife, who would like to receive an emailed report on my tone of voice at the end of each day.

As for the body scan, let’s just say this is one image that I won’t be publishing with this story, and for that, you’re welcome.

You might have seen reviews of Halo. The Washington Post’s Geoffrey A. Fowler and Heather Kelly wrote that it “collects the most intimate information we’ve seen from a consumer health gadget — and makes the absolute least use of it.”

Based on my own experience, I agree with the first point, but not the second. Yes, Halo pushes the limits of my comfort zone at times. I have yet to get the motivation to take a second body scan after the first experience. But I have also started to rely on several of the features, including the in-depth sleep analysis and the tone assessment — two big areas where I personally have lots of room for improvement.

The band is comfortable to wear, and the programs in the app are useful. Just this week I boosted my time in deep sleep after doing a recommended progressive muscle relaxation exercise available in the Halo app before bed.

And despite concerns from U.S. Sen. Amy Klobuchar and others about the personal data Halo collects, I’ve found Amazon to be transparent about what it’s doing, and clear in enabling me as the user to choose to participate, or not, in the more invasive aspects of the app. Yet as I learned in my reporting, Amazon could be doing even more to build trust.

On this episode of the GeekWire Health Tech Podcast, we explore the future of health — and test the limits of personal privacy — through Amazon’s new health band and service. We talk with the principal medical officer on the Amazon Halo team to get the inside details on what the company is doing, and we hear an outside assessment of Amazon’s privacy and security promises from an independent expert.

Listen to the episode above, or subscribe to GeekWire Health Tech in any podcast app, and continue reading for edited highlights.

The Amazon Halo band costs $99.99. It’s a module of sensors in a light, comfortable fabric wristband. There’s no screen. It doesn’t have all of the features offered by smartwatches like the Apple Watch, or even other fitness trackers like Fitbit.

But Amazon is looking to differentiate Halo by leveraging its technology prowess, including computer vision (for body scanning), natural language processing (for tone assessment), plus its own take on sleep analysis and activity tracking. Those features require a subscription that costs $3.99 per month after a six-month free trial.

Dr. Maulik Majmudar, Halo’s principal medical officer.

Dr. Maulik Majmudar, Halo’s principal medical officer, is a cardiologist who previously led a digital health innovation lab at Massachusetts General Hospital. When he was hired by Amazon a little more than two years ago for what was then a secret project, it was seen by outsiders as a sign of the company’s ambitions in healthcare.

“With Halo, we’ve taken a very comprehensive and holistic view of health and wellness, by focusing not only on physical health, but also the social emotional aspects of health, which are a core part of the definition of health by the World Health Organization,” he said. “So I think we’re taking this really broad view. And then also helping customers understand how to take action against the information provided in the service, as well. We’re really helping people discover what works for them individually, to help them adapt and sustain healthy health habits.”

That was a reference to science-based programs in the Halo app: videos, tips, reminders, mental and physical exercises, workouts, meditations, and other tools for improving health.

But the body scanning and tone analysis are where most of the privacy concerns come from. Amazon anticipated these concerns in a white paper before Halo was widely available, saying it has built in “strict protection mechanisms” for sensitive data.

For example, the company says body scans are processed in the cloud but encrypted during transmission and deleted after processing. The images are available thereafter only on the device.

Speech samples are encrypted during transfer via Bluetooth from the band to the smartphone, where they are processed and then deleted. The audio clips are not sent to the cloud. Amazon says no one, including the user, ever hears them.

Halo users are required to establish a unique profile separate from their Amazon account, to avoid access by others in the same household. And, to answer a question that many of you are probably wondering about, Amazon says it does not use customer health data for marketing, product recommendations or advertising, and it doesn’t sell the data. Customers also have the ability to delete their data.

Citing the Washington Post review and others, Sen. Klobuchar sent a letter to the U.S. Department of Health and Human Services expressing “serious concerns regarding recent reports on the data collection practices of Amazon’s health-tracking bracelet” and calling for stronger federal oversight of data collected by health tracking devices.

Responding to Klobuchar’s letter, Amazon took issue with its characterization of the body scan as “required,” noting that it’s an optional feature. Enabling the tone and body scan features is not just about clicking an opt-in checkbox; it’s an elaborate process that users must go through to set up both features.

For a second opinion on the privacy issues, I spoke with Christopher Budd, a GeekWire contributing writer who has worked for many years as a consultant in information security and privacy, including a 10-year stint in Microsoft’s Security Response Center. He has been critical of Amazon’s approach in other situations, such as its move to opt users in by default to letting their Echo devices serve as connection points in its Sidewalk mid-range wireless network.

I asked him, am I a fool for wearing this thing?

“When we’re talking about security and privacy, it’s all about risk assessment and trade-offs,” he said. “Give Amazon credit: In their white paper, they’ve put information out about the data they gather. They also talk about the data they don’t gather, which is a mark of maturity in talking about privacy. Assuming that you’ve read it and thought about it and made a decision about the benefits versus the information you’re handing over, you’re making a risk assessment and that is far from being an idiot. That’s being an informed consumer when it comes to security and privacy.”

But could there be another solution beyond government oversight? Halo is not classified as a medical device, and it’s not subject to HIPAA, the Health Insurance Portability and Accountability Act of 1996, which among other things established security and privacy standards for medical information. This helps to explain why Sen. Klobuchar needed to ask the Department of Health and Human Services to look into overseeing these devices.

Would Amazon ever agree to an independent privacy audit verifying that it’s living up to its privacy promises?

“We hold a very high bar internally for ourselves when it comes to customer data, and customers’ privacy and security,” Dr. Majmudar said, explaining that Amazon had a dedicated team for privacy in developing the app and service. He said Amazon is confident that the protections will be sufficient and satisfactory for its customers, and noted that it does regular quality checks of its own to ensure that it maintains its privacy promises to customers.

He referenced the company’s founder and CEO, Jeff Bezos: “As Jeff has always said, earning and maintaining customers’ trust is the most important job of this company.”

Yes, but as the saying goes, trust but verify. As a customer, I told Dr. Majmudar, I’d personally feel more comfortable with an independent privacy audit, and he took it as a point of feedback. Bringing this full circle, to the context of Sen. Klobuchar’s letter, Budd said regulation could be one way to require companies to commission this type of independent security audit of health data, and to take on the cost of doing so.

There’s actually one place where I wish Halo didn’t go as far as it does in protecting my data. In reviewing the feedback on tone of voice, users can’t see or hear the actual phrases that triggered specific feedback, and are left to guess based on the time of day the feedback was logged in the app.

A sampling of my results in the Tone feature in the Halo app.

Halo is one of several forays by Amazon into health, wellness and healthcare, even after recently ending its healthcare joint venture with JP Morgan Chase and Berkshire Hathaway.

The company recently launched its Amazon Pharmacy program, building on its acquisition of prescription-by-mail service PillPack. It also offers virtual and in-person healthcare services to employees through its Amazon Care program. Some of this has been accelerated by the pandemic. The company offers COVID-19 testing for employees, for example, and it made headlines this week for sending a letter to President Joe Biden offering to assist with the country’s vaccination efforts.

Are these initiatives independent projects, or are they part of a larger vision at the company? Dr. Majmudar was careful not to talk about future product plans but acknowledged that the different teams don’t operate completely in isolation.

“These teams do exist across Amazon, and they’re separate but with a singular focus and a shared vision of solving customer problems,” he said. “And when the opportunity is there to leverage and collaborate to actually solve the customer problem in a way that’s convenient and accessible, we partner all the time to do so.”

Before ending the podcast interview with Dr. Majmudar, I checked my Halo app to see how it assessed my side of the conversation.

“You sounded mostly focused,” it reported, “but also interested and confused.”

As I told Dr. Majmudar, that describes the natural state of a journalist during the reporting process … although the key is to eliminate the confusion before publishing.

Episode edited and produced by Josh Kerns of Cypress Point Strategic Communications.

Like what you're reading? Subscribe to GeekWire's free newsletters to catch every headline

Job Listings on GeekWork

Find more jobs on GeekWork. Employers, post a job here.