How would you weigh the choice to have a pacemaker implanted if you knew that information from the device could be used against you in a criminal case? A man in Ohio is having his own cardiac rhythm used against him as he faces charges of aggravated arson and insurance fraud. This week, he pleaded not guilty to those charges.

Police say that the 59-year-old man set fire to his own home, causing about $400,000 in damage. Local paper the Journal-News reported that on the scene, police saw that what the defendant said was “inconsistent” with the evidence.

The defendant’s account was that he was in his second-floor bedroom when the fire fire began. He noticed it, packed some important items in a few suitcases, broke the window with his cane, threw his luggage out the window, and escaped the house, dragging his luggage to the car.

Maybe he could have done all that very slowly, but it was clear to police that given his health problems, the man didn’t do it in the minutes before he fled the house. They obtained a court order for the data recorded by his pacemaker for that period.

A cardiologist analyzed the data and offered an expert opinion that it was “highly improbable” that the defendant performed all of those actions, based on the recorded data about his heart rate, usage of the pacemaker, and cardiac rhythms during the period when he claimed to have been throwing suitcases out of windows and rushing down the stairs. The evidence showed that he was not doing those things.

This is perhaps a net positive for justice, but problematic for personal privacy: the wearer can’t take a pacemaker or other implantable device off, can’t erase the recorded data on their own, and under current regulations doesn’t have control over the information that it records about them. Which can be used in prosecutions, apparently.