A problem shared
In a surprise turnaround, this week NHS England announced that the giant care.data database will be delayed for six months while everyone rethinks. Private Eye, in analyzing why people are so upset about what it calls an "eminently sensible" plan to use patient data to improve the quality of medical care generally and the efficacy and efficiency of the NHS specifically, hit pretty much all the right nails accurately. The government opted us all in by default, assumed that we all trusted it to manage a giant, high-value database without troubles, offered little granularity of choice or individual control. Essentially it planned to write our collective signatures on a blank check (or cheque). Small wonder there were objections, quite apart from the fact that a lot of people didn't get the leaflet propagandizing the system.
The objections are handily explained by Ross Anderson (see also here), who includes a handy link to the MedConfidential pages explaining how to opt out. To round things out, the BBC reports on Patients4Data's attack on critics, and ComputerWeekly says the delay was forced by the Information Commissioner and privacy law.
The money quote from Private Eye: "It would have been more sensible to give patients easy access to their own data first so they can decide whether they want to pass it on." Yes. That.
Coincidentally, this week, on a panel I appeared on at Sarah Lawson described the instructions she gives fellow staff at the University of Oxford, where she is the security wrangler for a group doing clinical trials: "Imagine each piece of data as a picture of yourself naked." Yep, I can see exactly how that would work. It's a brilliantly constructed mental model to create a culture of careful data practices, and the government should take note.
It's clear that many people do want to share their data. It's also clear that many people don't. Some support for this turned up at last night's meeting of Quantified Self, where the ODI's Ulrich Atz presented the first results of a survey of self-hackers' practices and goals. Ninety percent of the 105 respondents were willing to consider sharing their data in a good cause, although at least one imposed a notable limitation: "Yes - after my death."
There are a lot of reasons why people might want to share their medical data. Anyone with a severely ill child, for example, would share all the medical details if they thought there was even the slightest chance doing so would produce a second's less suffering or a marginally better outcome. One of the earliest cases of this I'm aware of was in the early 1990s on the WELL, where member Phil Catalfo posted everything he could about his son's leukemia; other members with medical backgrounds helped the family understand what the doctors were telling them. There were other such cases in those early days; I seem to recall a Chinese cellist whose ailment was diagnosed by far-off doctors reading the publicly posted records, for example.
In these cases, though, the benefit to the patient was clear and the patient (or his trusted representative). Similarly, I think most people would agree with Ben Goldacre that patient data on a national scale provides an extraordinary opportunity to improve medical treatments for all. One of Goldacre's three points of advice for rescuing care.data is to show people the good that exploiting this data can do.
But Goldacre stops there: his other two points are that the government should come back with a clearer story and a set of unambiguous rules and principles for how the data will be shared (and to stop lying about the data being anonymized and therefore untraceable to individual patients), and that the penalties for breaking these rules should be draconian. Switching to an opt-in regime would, he says, destroy the data, as would too many people opting out.
I don't think that's going to work, and for a simple reason: governments change. Data protection law is supposed to block data collected for one purpose from being used for another - but data protection law only applies when governments haven't passed laws saying it doesn't. Even if this government comes back in six months, suitably chastened, and lays out an acceptable program of data sharing and waterboarding for violators, there is nothing to stop the government of five years from now from changing the law to vastly expand the program. Once they have the data, we have lost control. No matter how polite they get about it, they are asking for that signature on a blank check. And medical data, unlike most other sorts, is uniquely revealing not only about ourselves but about our relatives.
And that's why Private Eye's view is the right one: we. I have no idea what the data my GP has about me looks like or what would be uploaded. Does it include notes? Does it include the questions I've asked? Are there errors? Is there information that invades the medical privacy of my siblings, who do not live in the UK? Show me the data and who you want to give or sell it to. Then we'll talk.
Wendy M. Grossman Wendy M. Grossman is the 2013 winner of the Enigma Award. Her Web site has an extensive archive of her books, articles, and music, and an archive of earlier columns in this series. Stories about the border wars between cyberspace and real life are posted occasionally during the week at the net.wars Pinboard - or follow on Twitter.