A regular contributor to The Pump Handle, Anthony Robbins, MD, MPA, and his co-editor Phyllis Freeman wrote the following editorial which is available at the Journal of Public Health Policy.
In early July 2013, James R. Clapper, Jr, United States Director of National Intelligence apologized to the Chairwoman of the Senate Select Committee on Intelligence for ‘clearly erroneous’ statements made during public testimony before the committee in March.1 In his testimony, he denied that the National Security Agency collected private data on millions of American citizens. In a television interview, after Edward Snowden, Jr, a former employee of an NSA contractor, revealed Mr Clapper’s testimony to be untrue, Mr Clapper described his perjury as the ‘least untruthful’ way to answer a question about domestic surveillance.
With this background, we return to this issue of trust,(here, here)a key element of medical care and of public health. In medical care, everyone must trust clinicians to act in the patient’s best interest, not the interest of a professional or commercial entity. In public health, trust is perhaps even more important, as public health interventions often require that the population trust the public health programs that ask people to act or submit to things for the benefit of the population, not just themselves.
From the very start of discussions about how and when to protect the privacy of health data, trust has been an accepted objective. As data use and storage have grown, concerns about privacy and maintaining trust have grown.
We always suspected that public health data and information about individuals were at risk to hackers and marketers and to careless data management practices. Now we have learned that the US Government and most other governments with spy agencies can and do break into large data systems, such as telephone and e-mail records. Today, this spying is justified as part of a ubiquitous fight against ‘terrorists’, a label that seems to justify any response.
How can we in public health act to help public health agencies protect the trust the public bestows on them? Are we promising privacy and confidentiality when we know or suspect that we are unable to protect the information we collect and hold?
In the past, the privacy protections we offered to patients and research subjects posed difficult challenges. If, for example, many years after collecting data for a study we learned that certain individuals from whom we collected data were at a risk of developing a disease where secondary prevention could be protective, what was our obligation to find and treat those people?
Now the actions of spy agencies and their contractors suggest it may not be possible to offer privacy and confidentiality at all. When jobs and livelihoods of individuals are at stake, can we promise that there will be no disclosure without getting permission from the data source? Can we promise privacy when governments have made it clear that their laws permit them access to any database? We in public health and medical care will need to determine what we can control and what we can promise in this newly recognized environment. And when we cannot promise protection from disclosure of health information, can we anticipate the consequences and engage to mitigate them?
Anthony Robbins, MD, MPA is co-Editor of the Journal of Public Health Policy. He directed the Vermont Department of Health, the Colorado Department of Health, the U.S. National Institute for Occupational Safety and Health, and the U.S. National Vaccine Program.
- Log in to post comments
One thing those gov agencies don't do, is sell the data they collect, to anyone who wants to pay.
Unlike Google and Facebook and the other entities that make up Big Data.
Nor does gov use the data against you, unless you're about to become a criminal suspect or a military target, the exception being the No-Fly list which a federal court has just ruled must be subjected to due process (a ruling I expect to stand in the Supreme Court).
As it turns out, 41% of employers now use Big Data to sniff their job applicants and their employees.
So when you post on Facebook that you're down with a migraine, and then get turned down for a job application, does it ever occur to you that maybe, just maybe, you've just been the victim of health/disability discrimination?
Or how'bout that apartment rental application? "She didn't _sound black_ on the phone, but look at these pictures... tell her it's rented."
Did you know that your credit rating may get dinged if you've "friended" people with bad credit ratings? Oh, and about that mortgage...
And the "smart" phone in your pocket? Microphone and camera and GPS tracking device, all under the control of software you can't inspect and can't modify. In some of these such as Apple iPhones, you can't even take the battery out of the device. "You can turn it off!" said Winston Smith, as O'Brien switched off his telescreen. "Yes," replied O'Brien, "we have that privilege." _You_ don't have that privilege.
As for health data, Google just filed a brief in another federal court, in San Jose, claiming that "users of its services have no expectation of privacy." No means zero, and Google's services include Gmail and Google Voice, so all those emails and phone calls are being sifted for keywords. "Advertising" is the cover story, Big Data is the real story, and _no_ expectation of privacy means Google can sell the output to whoever they choose and you can't object. Even if your only "use" of Google's services is to write to someone at a Gmail address or call them on a Google Voice number.
So let's get real about this. NSA has become a distraction. The real impact on the lives of Americans isn't that someone at Fort Meade might be able to pull up their email headers and phone bill details. It's that Google, Facebook, and the rest of 'em, with their friendly consumer wrappers, are invading privacy on a scale that some hypothetical Darth Vader at NSA could only dream about.
Mark my words.