Your health records are online, and Amazon wants you to wear Alexa on your face

This week’s news was dominated by reports of sensitive medical information landing on the internet, and perhaps in the wrong hands. Sixteen million patient scans were exposed online, the European Court of Justice ruled that Google does not need to remove links to sensitive information outside the EU, and Amazon released new Alexa products for you to wear everywhere you go.

More than five million patients have had their privacy breached and their private health information exposed online. These documents contain highly sensitive data, such as names, birthdays, and, in some cases, Social Security numbers. Worse, the list of compromised medical record systems is growing rapidly, and the data can all be accessed with a standard web browser. In fact, Jackie Singh, a cybersecurity researcher and chief executive of the consulting firm Spyglass Security, reports that “[i]t’s not even hacking,” because the data is so easily accessible to the average person (Source).

One of these systems belongs to MobilexUSA, whose records, showing patients’ names, dates of birth, doctors, and lists of procedures, were found online (Source).

Experts report that this could be a direct violation of HIPAA, and many warn that the potential consequences of the leak are devastating: medical data is highly sensitive and, in the wrong hands, could be used maliciously (Source).

According to Oleg Pianykh, the director of medical analytics at Massachusetts General Hospital’s radiology department, “[m]edical-data security has never been soundly built into the clinical data or devices, and is still largely theoretical and does not exist in practice” (Source).

Such a statement signals a privacy crisis in the healthcare industry that urgently needs fixing. According to Pianykh, the problem is not a lack of regulatory standards, but rather that “medical device makers don’t follow them” (Source). If that is the case, should we expect HIPAA to crack down the same way GDPR has?

With patient privacy up in the air in the US, citizens’ “Right to be Forgotten” in the EU is also being questioned.

The “Right to be Forgotten” states that “personal data must be erased immediately where the data are no longer needed for their original processing purpose, or the data subject has withdrawn [their] consent” (Source). This means that, upon request, a data “controller” must erase any personal data by whatever means necessary, whether that is physical destruction or permanently overwriting the data with “special software” (Source).

When this right was codified in the General Data Protection Regulation (GDPR), it was intended to govern within Europe. Yet France’s CNIL fined Google, an American company, $110,000 in 2016 for refusing to remove private data from search results. Google argued that the removals should not need to be applied to the google.com domain or other non-European sites (Source).

On Tuesday, the European Court of Justice agreed and ruled that Google is under no obligation to extend EU rules beyond European borders by removing links to sensitive personal data (Source). However, the court made a point of noting that Google “must impose new measures to discourage internet users from going outside the EU to find that information” (Source). This decision sets a precedent for how far a region’s laws extend beyond its borders when it comes to digital data.

While the EU has a firm stance on the right to be forgotten, Amazon makes clear that you can “automatically delete [your] voice data”… every three to eighteen months (Source). The lack of immediate erasure is potentially troublesome for those concerned with their privacy, especially alongside the new product launch, which will move Alexa out of your home and onto your body.

On Wednesday, Amazon launched Alexa earbuds (Echo Buds), glasses (Echo Frames), and rings (Echo Loop). The earbuds are available on the marketplace, but the latter two are an experiment and are only available by invitation for the time being (Source). 

With these products, you will be able to access Alexa wherever you are and, in the case of the Echo Buds, harness Bose noise-reduction technology for only USD $130 (Source). However, while these products promise to make your life more convenient, they will also let Amazon monitor your daily routines, behaviour, quirks, and more.

Amazon has said its goal is to make Alexa “ubiquitous” and “ambient” by spreading it everywhere, including our homes, appliances, cars, and now our bodies. Yet even as it opens up about this strategy for lifestyle dominance, Amazon claims to prioritize privacy, as the first tech giant to allow users to opt out of having their voice data transcribed and listened to by employees. Despite this, it is clear that “Alexa’s ambition and a truly privacy-centric customer experience do not go hand in hand” (Source).

With Amazon spreading into wearables, Google winning the “Right to be Forgotten” case, and patient records being exposed online, this week is wrapping up to be a black mark on user privacy. Stay tuned for our next weekly news blog to learn about how things shape up. 



CryptoNumerics Partners with TrustArc on Privacy Insight Webinar

We’re excited to partner with TrustArc on their Privacy Insight Series on Thursday, September 26th at 12pm ET to talk about “Leveraging the Power of Automated Intelligence for Privacy Management”!

With the increasing prevalence of privacy technology, how can the privacy industry leverage the benefits of artificial intelligence and machine learning to drive efficiencies in privacy program management? Many papers have been written on managing the potential privacy issues of automated decision-making, but far fewer on how the profession can utilize the benefits of technology to automate and simplify privacy program management.

Privacy tools are starting to leverage technology to incorporate powerful algorithms to automate repetitive, time-consuming tasks. Automation can generate significant cost and time savings, increase quality, and free up the privacy office’s limited resources to focus on more substantive and strategic work. This session will bring together expert panelists who can share examples of leveraging intelligence within a wide variety of privacy management functions.

 

Key takeaways from this webinar:
  • Understand the difference between artificial intelligence, machine learning, intelligent systems, and algorithms
  • Hear examples of the benefits of using intelligence to manage privacy compliance
  • Understand how to incorporate intelligence into your internal program and/or client programs to improve efficiencies

Register Now!

Can’t make it? Register anyway – TrustArc will automatically send you an email with both the slides and recording after the webinar.

To read more privacy articles, click here.

This content was originally posted on TrustArc’s website. Click here to view the original post.



Protect Your Data Throughout the Pipeline

Organizations all over the world have embraced the opportunity that data and analytics present. Millions of dollars are spent every year in designing and implementing data pipelines that allow organizations to extract value from their data. However, data misuse and data breaches have led government bodies to promote regulations such as GDPR, CCPA, and HIPAA, bestowing privacy rights upon consumers and placing responsibilities upon businesses.

Maximizing data value is essential, but privacy regulations must be satisfied along the way. This is achievable by implementing privacy-protecting techniques throughout the data pipeline to avoid compliance risk.

Before introducing the privacy-protecting techniques, it is important to understand the four stages of the data pipeline:

  1. Data Acquisition: the data is acquired, either generated internally or obtained externally from third parties.
  2. Data Organization: the data is stored for future use and must be protected along the pipeline to prevent misuse and breaches, for example through access controls.
  3. Data Analysis: the data is opened up and mobilized for analysis, enabling a better understanding of an organization’s operations and customers, as well as improved forecasting.
  4. Data Publishing: analysis results are published, and/or internal data is shared with another party.

Now that we have covered the four stages of the data pipeline, let’s go over the seventeen privacy-protecting techniques that can be implemented throughout the pipeline to make it privacy-protected.

These techniques can be categorized based on their function into four groups: randomizing, sanitizing, output, and distributed computing.

Within the randomizing group, there are two techniques: additive and multiplicative noise. In applying these techniques, random noise is added to or multiplied with an individual’s record to transform the data. These techniques can be used in the Data Acquisition stage of the data pipeline.
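
To make this concrete, here is a minimal Python sketch of additive and multiplicative noise applied to a numeric attribute; the values and noise scales are illustrative assumptions rather than recommended settings.

```python
# A minimal sketch of the randomizing group: perturbing a numeric attribute
# with additive or multiplicative noise at acquisition time.
# The ages and noise scales below are illustrative assumptions.
import numpy as np

rng = np.random.default_rng(seed=42)

ages = np.array([34, 51, 29, 62, 45], dtype=float)

# Additive noise: add zero-mean Gaussian noise to each value.
additive = ages + rng.normal(loc=0.0, scale=2.0, size=ages.shape)

# Multiplicative noise: scale each value by a factor drawn around 1.0.
multiplicative = ages * rng.normal(loc=1.0, scale=0.05, size=ages.shape)

print(additive)
print(multiplicative)
```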

The sanitizing group contains five privacy techniques. The first is k-anonymity, where the identifiable attributes of any record in a database are indistinguishable from those of at least k-1 other records. Next comes l-diversity, an extension of k-anonymity that addresses one of its shortfalls by ensuring there is a diversity of sensitive values within each group. Another technique is t-closeness, which ensures that the distribution of sensitive values in each group stays within a threshold ‘t’ of their distribution in the whole dataset, preventing attribute disclosure. Additionally, there is personalized privacy, in which privacy levels are defined and customized by the data owners themselves. The last technique in this group is ε-differential privacy, which ensures that no single record significantly affects the overall outcome of the data’s analysis. These techniques can be used in the Data Acquisition, Data Organization, and Data Publishing stages of the data pipeline.
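
As a rough illustration of the first two sanitizing checks, the following sketch verifies k-anonymity and l-diversity over a toy table with pandas; the quasi-identifier columns, sensitive attribute, and records are assumptions made for the example.

```python
# A minimal sketch of checking k-anonymity and l-diversity with pandas.
# The quasi-identifiers, sensitive column, and data are illustrative assumptions.
import pandas as pd

df = pd.DataFrame({
    "age_band":  ["30-39", "30-39", "40-49", "40-49", "40-49"],
    "zip3":      ["100",   "100",   "112",   "112",   "112"],
    "diagnosis": ["flu",   "asthma", "flu",  "flu",   "diabetes"],
})

quasi_identifiers = ["age_band", "zip3"]
sensitive = "diagnosis"

groups = df.groupby(quasi_identifiers)

# k-anonymity: every quasi-identifier group contains at least k records.
k = groups.size().min()

# l-diversity: every group contains at least l distinct sensitive values.
l = groups[sensitive].nunique().min()

print(f"dataset satisfies {k}-anonymity and {l}-diversity")
```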

The output group has three techniques, which are used to reduce the inference of sensitive information from the output of any algorithm. The first is association rule hiding, which suppresses rules mined from the data set that could be exploited to expose private information. Next is downgrading classifier effectiveness, where data is sanitized to reduce a classifier’s effectiveness so that sensitive information cannot be leaked through its outputs. Finally, query auditing and inference control restricts or perturbs queries whose results could be used to infer sensitive information. These techniques can be applied to the Data Publishing stage of the data pipeline.
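
One simple way to picture query auditing and inference control is a wrapper that suppresses aggregate results for groups below a minimum cohort size, so that small result sets cannot single anyone out. The sketch below is a minimal assumed example, not a production control.

```python
# A minimal sketch of query auditing / inference control: refuse aggregate
# queries over groups smaller than a minimum cohort size.
# The threshold and schema are illustrative assumptions.
import pandas as pd

MIN_COHORT = 5  # assumed minimum group size for an answerable query

df = pd.DataFrame({
    "region": ["east"] * 8 + ["west"] * 3,
    "cost":   [120, 90, 75, 200, 150, 80, 60, 110, 300, 40, 95],
})

def audited_mean(data: pd.DataFrame, group_col: str, value_col: str) -> pd.Series:
    """Return per-group means, suppressing groups below the cohort threshold."""
    sizes = data.groupby(group_col)[value_col].transform("size")
    safe = data[sizes >= MIN_COHORT]
    return safe.groupby(group_col)[value_col].mean()

print(audited_mean(df, "region", "cost"))  # "west" (only 3 records) is suppressed
```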

Last but not least is the distributed computing group, made up of seven privacy-protecting techniques. In 1-out-of-2 oblivious transfer, a sender holds two messages and a receiver obtains exactly one of them, without the sender learning which one was chosen. Another technique in this group is homomorphic encryption, a method of performing a calculation on encrypted information (ciphertext) without decrypting it (to plaintext) first. Secure sum computes the sum of the parties’ inputs without revealing the individual inputs to anyone. Secure set union creates the union of the parties’ sets without revealing which owner contributed which elements. Secure size of intersection determines how large the intersection of the data sets is without revealing the data itself. The scalar product technique computes the scalar product of two vectors without either party revealing its input vector to the other. Finally, private set intersection computes the intersection of two parties’ sets without revealing anything else; this technique can also be used in the Data Acquisition stage. All of the techniques in the distributed computing group prevent access to the original, raw data while still allowing analysis to be performed. They can be applied to the Data Analysis and Data Publishing stages of the data pipeline, and homomorphic encryption can also be used in the Data Organization stage.
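
Secure sum is the easiest of these to sketch. The example below uses additive secret sharing, one common way to realize it, with an assumed prime modulus and fabricated inputs; a real deployment would add secure channels and protections against misbehaving parties.

```python
# A minimal sketch of secure sum via additive secret sharing: each party
# splits its private value into random shares that sum to the value modulo
# a large prime, so no single share or partial sum reveals any input.
# The modulus and inputs are illustrative assumptions.
import random

P = 2_147_483_647  # assumed large prime modulus

def make_shares(value: int, n_parties: int) -> list[int]:
    """Split a private value into n additive shares modulo P."""
    shares = [random.randrange(P) for _ in range(n_parties - 1)]
    shares.append((value - sum(shares)) % P)
    return shares

private_inputs = [120, 340, 75]  # one private value per party
n = len(private_inputs)

# Each party shares its value; party j keeps the j-th share of every input.
all_shares = [make_shares(v, n) for v in private_inputs]
partial_sums = [sum(all_shares[i][j] for i in range(n)) % P for j in range(n)]

# Combining the partial sums reveals only the total, not the individual inputs.
secure_total = sum(partial_sums) % P
print(secure_total, sum(private_inputs))  # both print 535
```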

These seventeen techniques help protect data privacy throughout the data pipeline. For a visual comparison of the privacy-exposed pipeline versus the privacy-protected pipeline, download our Data Pipeline infographic.

For more information, or to find out how to privacy-protect your data, contact us today at [email protected].


How Google Can Solve its Privacy Problems

Google and the University of Chicago’s Medical Center have made headlines for the wrong reasons. According to a June 26th New York Times report, a lawsuit filed in the US District Court for the Northern District of Illinois alleged that a data-sharing partnership between the University of Chicago’s Medical Center and Google had “shared too much personal information” without appropriate consent. Though the data sets had ostensibly been anonymized, the potential for re-identification was too high, and the partnership had therefore compromised the privacy rights of the individual named in the lawsuit.

The project was touted as a way to improve predictions in medicine and realize the utility of electronic health records through data science. Its coverage today instead focuses on risks to patients and invasions of privacy. Across industries like finance, retail, telecom, and more, the same potential for positive impact through data science exists, as does the risk of exposure for consumers. The potential value created through data science is such that institutions must figure out how to address privacy concerns.

No one wants their medical records and sensitive information to be exposed. Yet, they do want research to progress and to benefit from innovation. That is the dilemma faced by individuals today. People are okay with their data being used in medical research, so long as their data is protected and cannot be used to re-identify them. So where did the University of Chicago go wrong in sharing data with Google — and was it a case of negligence, ignorance, or a lack of investment?

The basis of the lawsuit claims that the data shared between the two parties were still susceptible to re-identification through inference attacks and mosaic effects. Though the data sets had been stripped of direct identifiers and anonymized, they still contained date stamps of when patients checked in and out of the hospital. When combined with other data that Google held separately, like location data from phones and mapping apps, the university’s data could be used to re-identify individuals in the data set. Free text medical notes from doctors, though de-identified in some fashion, were also contained in the data set, further compounding the exposure of private information.

Inference attacks and mosaic effect methods combine information from different data sets to re-identify individuals. They are now well-documented realities that institutions cannot be excused for being ignorant of. Indirect identifiers must therefore also be assessed for re-identification risk and included when considering privacy protection.
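
To illustrate the mosaic effect described above, here is a minimal pandas sketch of a linkage join: an “anonymized” hospital extract that retains check-in timestamps is merged with separately held location data that names device owners. All names, columns, and values are fabricated for the example.

```python
# A minimal sketch of a linkage ("mosaic effect") attack: joining an
# "anonymized" hospital extract to a separate location log on shared
# timestamps re-attaches identities. All data here is fabricated.
import pandas as pd

# De-identified hospital records: no names, but check-in timestamps remain.
hospital = pd.DataFrame({
    "patient_pseudo_id": ["p01", "p02", "p03"],
    "check_in": pd.to_datetime(["2019-03-02 09:14", "2019-03-02 11:47", "2019-03-05 16:05"]),
    "diagnosis": ["asthma", "fracture", "migraine"],
})

# Separately held location data that names the device owner seen at the hospital.
locations = pd.DataFrame({
    "device_owner": ["A. Smith", "B. Jones", "C. Lee"],
    "seen_at_hospital": pd.to_datetime(["2019-03-02 09:14", "2019-03-02 11:47", "2019-03-05 16:05"]),
})

# A simple join on the timestamp re-identifies every "anonymous" record.
reidentified = hospital.merge(locations, left_on="check_in", right_on="seen_at_hospital")
print(reidentified[["device_owner", "diagnosis"]])
```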

Significant advancements in data science have led to improvements in data privacy technologies and controls for data collaboration. Autonomous, systematic metadata classification and re-identification risk assessment and scoring are two processes that would have made an immediate difference in this case. Differential privacy and secure multiparty computation are two others.

Privacy automation systems encompassing these technologies are a reality today. Privacy management is often seen as an additional overhead cost to data science projects. That is a mistake. Tactical use of data security solutions like encryption and hashing to privacy-protect data sets is also not enough, as the victims of this case can attest.

As we saw with cybersecurity over the last decade, it took several years of continued data theft and headline-making hacks before organizations implemented advanced cybersecurity and intrusion detection systems. Cybersecurity solutions are now seen as an essential component of an enterprise’s infrastructure, with board-level commitment to keeping company data safe and the brand untarnished. Boards must reflect on the negative outcomes of lawsuits like this one, where customers’ identities are compromised and their trust damaged.

Today, data science projects without advanced automated privacy protection solutions should not pass internal privacy governance and data compliance. Additionally, these projects should not use customer data, even if the data is anonymized, until automated privacy risk assessment solutions can accurately reveal the level of re-identification risk (inclusive of inference attacks and the mosaic effect).

With the sensitivity around privacy in data science projects in today’s public discourse, any enterprise that does not invest in and implement advanced privacy management systems exposes itself as having no regard for the ethical use of customer data. Harm is then not a matter of if, but when.



Do You Know What Your Data is Worth?

Your data is more than your name, age, gender, and address. It is your Google searches, tweets, comments, time spent on videos and posts, purchasing behaviours, smart home assistant commands, and much more.

A new bill in the U.S. Senate aims to require technology companies to disclose to users the actual value of their data. While this proposed law seeks to further protect individuals’ privacy, assigning a dollar amount to someone’s data is more difficult than it seems. Current estimates range from $1.00 USD for an average person’s data to $100.00 USD for someone with an active social media presence.

Data sensitivity doesn’t just come from the data itself, but also from how companies and agencies can use the data to exert influence. Shoshana Zuboff, author of The Support Economy: Why Corporations Are Failing Individuals, expands on this, claiming that tech giants like Google and Facebook practice surveillance capitalism with the intention of shaping consumer behaviour towards a more profitable future.

The truth is that datafication, which refers to the processes and tools that transform a business into a data-driven enterprise, doesn’t affect everyone equally. Women, minorities, and people with low incomes are affected much more than the rest. The newly proposed bill aims to address these concerns.

Three Tips to Maintain Data Privacy for Marketers

A large chunk of a digital marketer’s time is spent understanding and working with consumer data. Marketers analyze consumer data daily, from click-through rates to unsubscribe rates. The more data they have, the more powerful their personalization efforts become, from relevant product recommendations to a consumer’s preferred communication method.

Additionally, marketers must know and comply with privacy regulations, such as GDPR, HIPAA, and CCPA. Here are three tips you can use to prepare for new privacy regulations without sacrificing your digital marketing efforts:

  • Conduct regular data reviews to make sure company policies are up to date
  • Know how the data is collected, used, analyzed and shared
  • Use the right technology to gain insights from data while protecting privacy

Data Sharing in the Healthcare Field

When it comes to the use of healthcare data, many ethical questions arise. Who is responsible for the safety of health data? Who owns co-produced clinical trial data?  

“We owe it to patients participating in research to make the data they help generate widely and responsibly available. The majority desire data sharing, viewing it as a natural extension of their commitment to advance scientific research” (Source).

Researchers can develop new cures and speed up innovation through data sharing. However, data is not easily shared, especially in the healthcare field. To address this problem, researchers from universities such as Yale and Stanford are creating a set of good data-sharing practices for both healthcare facilities and pharmaceutical companies. They have also partnered with key stakeholders and end-users to ensure their guidelines reflect a well-rounded perspective.



The Safety of Healthcare Data is a Top Priority

There is no doubt that medical data and healthcare records are highly sensitive. However, recent events have shone a light on the lack of adequate security measures for this data. How can we prevent privacy risks while still allowing researchers to gain life-saving insights from our medical data?

Pressure builds to secure health care data

Due to recent healthcare data breaches, there has been a strong push for the US federal government to increase protections for personal medical information. This is especially true as healthcare processes shift from paper to online and data is analyzed to improve patient care.

For example, reporter Maggie Miller states that “one major recent data breach led to the personal information of 20 million customers of blood testing groups Quest Diagnostics, LabCorp and Opko Health being exposed”.

Currently, much of the momentum has come from efforts to urge lawmakers to focus on the sale and use of data in the social media space. However, in light of recent breaches, far more attention is now being directed toward securing health records and medical data.

Evidence That Consumers Are Now Putting Privacy Ahead Of Convenience

Gartner researchers have found that a considerable number of consumers and employees are not willing to trade their data’s security, their safety, and their peace of mind for more convenience.

With that in mind, many companies and organizations are redefining their internal views of customer data.

Chris Howard, a distinguished research vice president at Gartner, states that “As a CIO, you have a mandate to maintain data protections on sensitive data about consumers, citizens and employees. This typically means putting someone in charge of a privacy management program, detecting and promptly reporting breaches, and ensuring that individuals have control of their data. This is a board-level issue, yet barely half of organizations have adequate controls in place” (Source).

Recently, at the Gartner IT Symposium in Toronto, he argued that companies must be able to change their practices and become more adaptive to privacy-related demands. Gartner calls this the ‘ContinuousNext’ approach, and they hope it will build momentum through digital transformation and beyond. 

The steady erosion of privacy at home 

Most public areas are already under the watch of AI cameras, cellphone companies, and advertisers that track your every move.

Now internet-connected gadgets, including smart assistants, connected light bulbs, video doorbells, and Wi-Fi thermostats, are filling every corner of your home, and they’re watching you.

The problem: these devices learn to pick up your voice, interests, habits, TV preferences, meals, times home and away, and all other types of sensitive data. The gadgets then relay this information back to the companies that manufactured them.

But can people switch back to their old ways? Can people go back to regular temperature control systems, TVs that aren’t smart, and human assistants rather than robotic ones?

Meanwhile, the Supreme Court has placed new boundaries on digital snooping, especially snooping conducted without warrants or consent. What does the future look like for a world that cannot live without tech?
