Privacy – Examples of Misuse of Private Data

We are in an age of “Big Data”, “Open Data” and the intended and unintended sharing and misuse of such data. This blog post is intended to collect some examples and notes to contribute to the task of informing the public about some of the privacy issues that need to be considered and addressed. It is not acceptable that big business and government agencies continue to decide on how such data is collected, stored, used, monetized and transferred to third parties without a more informed public debate.

There are valid and important social uses of data held by governments, companies, service providers and individuals. But there are serious misuses of such data. Informatics people need to be at the forefront of explaining to politicians, agencies and individuals what is happening, what is possible and what the terminology means. They should explain the positive uses, but also the current and potential risks and misuses.

Pseudo-anonymization

Data collected on individuals is sometimes kept in a form that allows the same individuals to be tracked across related datasets, which improves the quality of results and the usefulness of the information; in health-related data this can help in many ways. To protect the individual from misuse of very sensitive data and its potentially damaging consequences, names and other identifying information are usually removed so that the actual individual cannot subsequently be identified and the data misused to their detriment. This is a normal ethical requirement for even collecting the data in the first place in research. In records such as health records, the identifying information is kept with the stored data so that agencies with legitimate access can serve the individual by making proper use of it.

The problem arises when government agencies and research organizations decide that this data can assist their studies and apply a simplistic, easily reversed form of pseudo-anonymization: for example removing names but leaving an individual identification number in place. There is also a strong tendency to retain the individual's postcode, because it helps with many kinds of data correlation and study, but doing so makes reversal of the pseudo-anonymization trivial.

The NHS Care.Data system is planned to become active from Autumn 2014 for everyone in England unless individuals opt out. Care.Data proposes to store key medical information and consultations along with an individual’s unique NHS identification number, full postcode, ethnicity and gender [ref], yet states to the public that:

This new record will not contain information that identifies you.

This is quite clearly wrong or misleading. Third parties will be given access to this data for legitimate and contracted purposes, including some of the same companies that have been accused of dubious practices in their research publications, their approaches, and their data gathering and handling.

In future, governments or cash-strapped agencies will be tempted to “monetize” the valuable data resources they have collected, especially as the costs of data warehousing and curation mount, and will find that personal data is of irresistible interest and value to companies. If they can hide behind the term “pseudo-anonymization” and make the public believe it protects them, there will be many pitfalls and serious implications for individuals in future.
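The following is an added example, not part of the original post, showing the release-readiness check a data custodian should run before calling an extract “anonymised”: it measures how many people in a pseudonymised extract of the kind described above (names removed, full postcode, gender and ethnicity kept) are unique on those attributes, links them to a constructed public register, and then shows the effect of generalising the postcode. All names, postcodes and conditions are constructed sample values.

```python
"""Added example (not from the original post): release-readiness check showing
why dropping names but keeping full postcode, gender and ethnicity, as described
for Care.Data above, is not anonymisation. All values are constructed."""
from collections import Counter

FIELDS = ("token", "postcode", "gender", "ethnicity", "condition")
# Constructed "pseudonymised" extract: name gone, NHS number replaced by an
# opaque token, but full postcode, gender and ethnicity retained.
PSEUDONYMISED = [dict(zip(FIELDS, r)) for r in [
    ("t1", "SW1A 1AA", "F", "White", "asthma"),
    ("t2", "SW1A 1AB", "F", "Asian", "diabetes"),
    ("t3", "SW1A 1AA", "M", "White", "hypertension"),
    ("t4", "SW1A 1AB", "M", "Asian", "epilepsy"),
    ("t5", "E1 6AN", "F", "Black", "depression"),
    ("t6", "E1 6AN", "F", "Black", "migraine"),
    ("t7", "E1 7AA", "F", "White", "eczema"),
]]
# Constructed public register (electoral-roll style) that carries the same
# three attributes next to a name; any buyer of the extract could hold such data.
PUBLIC = [dict(zip(("name",) + FIELDS[1:4], r)) for r in [
    ("Alice Example", "SW1A 1AA", "F", "White"),
    ("Bea Sample", "SW1A 1AB", "F", "Asian"),
    ("Carl Example", "SW1A 1AA", "M", "White"),
    ("Dev Sample", "SW1A 1AB", "M", "Asian"),
    ("Eve Example", "E1 6AN", "F", "Black"),
    ("Fay Sample", "E1 6AN", "F", "Black"),
    ("Gia Example", "E1 7AA", "F", "White"),
]]
QUASI_FULL = ("postcode", "gender", "ethnicity")   # as retained by the scheme
QUASI_COARSE = ("postcode", "gender")              # after generalisation

def quasi_key(rec, attrs):
    return tuple(rec[a] for a in attrs)

def k_anonymity(records, attrs):
    """Size of the smallest group of rows sharing identical quasi-identifier
    values; k == 1 means at least one person is unique in the release."""
    return min(Counter(quasi_key(r, attrs) for r in records).values())

def reidentify(pseudo, public, attrs):
    """Measure linkage risk: a pseudonymised row whose quasi-identifiers match
    exactly one public row is re-identified. Returns {token: (name, condition)}."""
    index = {}
    for p in public:
        index.setdefault(quasi_key(p, attrs), []).append(p["name"])
    return {r["token"]: (index[quasi_key(r, attrs)][0], r["condition"])
            for r in pseudo if len(index.get(quasi_key(r, attrs), [])) == 1}

def generalise(records):
    """Mitigation: keep only the outward code (postcode district), so that
    each row shares its remaining quasi-identifiers with several others."""
    return [{**r, "postcode": r["postcode"].split()[0]} for r in records]

if __name__ == "__main__":
    print("k:", k_anonymity(PSEUDONYMISED, QUASI_FULL))            # 1
    print("linked:", reidentify(PSEUDONYMISED, PUBLIC, QUASI_FULL))  # 5 of 7 rows
    coarse, roll = generalise(PSEUDONYMISED), generalise(PUBLIC)
    print("k after generalising:", k_anonymity(coarse, QUASI_COARSE))        # 2
    print("linked after generalising:", reidentify(coarse, roll, QUASI_COARSE))  # {}
```

A k of 2 or more is necessary but not sufficient: if everyone in a group shares the same condition, that condition still leaks, and an NHS number kept in clear rather than tokenised would let rows be chained across every release regardless.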

Hiding behind the term “Meta-Data”

Meta-data, the data that describes other data (the other data often being referred to as “content”), is, I think, something misunderstood by many press and media commentators, security agencies and politicians, or deliberately used in a way that misleads. The simple example of an individual’s web search on a health web site, which will contain the search query itself as well as much identifying information about the person performing the search, shows the danger of allowing such data to be put in the hands of anyone who wishes to buy it.

Data Misuse

Why does this matter… no one is “looking” at your data… there is so much data no one can look at it all… everybody shares data these days… today’s kids are not bothered… what harm can it do… it’s illegal to misuse data… there must only be only a few isolated cases where data is lost or misused… you are paranoid…

I have heard every one of these comments.

Besides the obvious loss and subsequent misuse of data through illegal activities such as theft, and losses of data through human error, process flaws and casual mistakes, there are many documented cases of “secure” systems being targeted and the data of millions of individuals made available to third parties, criminals and agencies who find that data useful.

Large “blue chip” companies are known to obtain and use data illegally or unethically, in private or to further their business. This is known through successful prosecutions and the many investigations that are underway.

An investigation by the UK Information Commissioner into big business obtaining and misusing personal data, including health records, is reported in the Independent’s i paper on Monday 24th February 2014. I chose that example simply because it is the day on which this blog post is written; on many days such reports can be found.


Big business has used illegal blacklists to affect the hiring of individuals who had no way of knowing they were on such a list or of challenging it. Companies have been shown to use private investigators to blag or otherwise obtain private information, including medical records, to affect their dealings with individuals. Insurance companies in the USA have been reported as requiring the data chip in cars to be handed over so that driving behaviour can be investigated when a claim is made.

It is naive to assume that companies such as loss adjustors and insurance agencies will not be tempted to misuse data they were given for one purpose for another, when they have already been shown to be employing dubious or unforeseen means today.

We act within the legal constraints and monitoring mechanisms of the local jurisdiction

Reactions to events such as bomb attacks and terrorism risks can cause radical temporary changes in the law and in the balance of rights between government and individuals in society. Temporary emergency measures can, and sometimes must, be used to maintain order even in largely democratic societies. But laws may be drafted that are very wide-ranging, with little depth of risk analysis that considers the potential for individual harm rather than matters of state. Reliance on individual ministers to exercise the wide powers they are given, and on oversight bodies with minimal capability, is a danger. Under such legal frameworks essentially anything becomes “legal”, and such powers tend to be left in place and even strengthened to give centralised authorities more surveillance capability.

Alliances can be used to broaden the scope of what can “legally” be done by going “off-shore” when required to achieve broader coverage.

And if one country that purports to be working within its legal framework is doing things that some consider objectionable, why should others not do the same, some of them without even such legal constraints? A free-for-all and a race to the bottom will follow.

Pre-crime

For the really paranoid… or just those with an imagination… and some knowledge of past and current affairs… consider the situation where a future government agency or group is able to obtain access (legally or illegally) to personal data and takes it upon themselves to identify a cohort that meets some negative criteria (as deemed at the time or by the policies of some specific regime or group). A quick trawl over historical data could be useful to identify who would one day fail some test and become targets for attacks and action by such agencies and groups.


29 Responses to Privacy – Examples of Misuse of Private Data

  1. bat says:

    http://www.theguardian.com/society/2014/jan/19/nhs-patient-data-available-companies-buy

    The Guardian, 19-Jan-2014: NHS patient data to be made available for sale to drug and insurance firms

    Extract from above article…

    Once live, organisations such as university research departments – but also insurers and drug companies – will be able to apply to the new Health and Social Care Information Centre (HSCIC) to gain access to the database, called care.data.

    If an application is approved then firms will have to pay to extract this information, which will be scrubbed of some personal identifiers but not enough to make the information completely anonymous – a process known as “pseudonymisation”.

    However, Mark Davies, the centre’s public assurance director, told the Guardian there was a “small risk” certain patients could be “re-identified” because insurers, pharmaceutical groups and other health sector companies had their own medical data that could be matched against the “pseudonymised” records. “You may be able to identify people if you had a lot of data. It depends on how people will use the data once they have it. But I think it is a small, theoretical risk,” he said.

    Once the scheme is formally approved by the HSCIC and patient data can be downloaded from this summer, Davies said that in the eyes of the law one could not distinguish between “a government department, university researcher, pharmaceutical company or insurance company” in a request to access the database.

  2. bat says:

    Fears of patient data leak prompt inquiry into mapping website – Website search service is shut down by authorities in incident that has fuelled demands to halt data sharing scheme

    http://www.theguardian.com/technology/2014/mar/03/patient-data-inquiry-website

    This sort of data misuse will become commonplace and once the cat is out of the bag it’s too late. Stop it… don’t allow any third party use of personal data collected for another purpose.

  3. bat says:

    The Day Our Privacy Died… in the style of Don McLean

    https://m.youtube.com/watch?v=sxfTHHltsWA

  4. bat says:

    The Guardian on 18-Apr-2014 reports that
    “HMRC to sell taxpayers’ financial data”
    • Firms could buy ‘anonymised’ financial details
    • Plan ‘borderline insane’ according to senior Tory MP

    http://www.theguardian.com/politics/2014/apr/18/hmrc-to-sell-taxpayers-data

  5. bat says:

    Follow Sir Malcolm Rifkind as Chairman of the Intelligence and Security Committee of Parliament with statutory oversight of the UK security agencies like GCHQ. He provides unique insight and reports on the activities of this committee.

    Follow @MalcolmRifkind on Twitter.

  6. bat says:

    Metadata reveals much more about you than the gov’t would have you think…

    https://www.bof.nl/2014/07/30/how-your-innocent-smartphone-passes-on-almost-your-entire-life-to-the-secret-service/

    How your innocent smartphone passes on almost your entire life to the secret service.

    This article was originally written in Dutch by Dimitri Tokmetzis and was published by De Correspondent, 30-Jul-2014.

  7. bat says:

    A Guardian On-line article on 5th October 2014 reporting that Members of Parliament are to investigate police use of RIPA powers to “snoop on journalists”.

    http://www.theguardian.com/uk-news/2014/oct/05/mps-police-ripa-powers-snoop-journalists

    Keith Vaz, chairman of the home affairs select committee, said he wanted a detailed breakdown of police use of the Regulation of Investigatory Powers Act (Ripa) to force telecoms companies to hand over phone records without customers’ knowledge.

    They did not use Pace, which requires the police to go to court, but Ripa to get the records. Ripa can be used with approval from an officer of superintendent level or above, and does not require the police to disclose their intentions to snoop on journalists.

    BBC Radio 4 reported on 8th October 2014 that, although the Guardian article had expressed concern at the use of RIPA against journalists due to freedom of the press concerns, there had been over half a million RIPA requests in one year for other targets. These were for the police, security agencies and even local authorities. All granted without judicial review and on the internal authority of a police chief.

  8. bat says:

    Notes of 5th October 2014 fringe event at the Liberal Democrats’ annual conference in Glasgow hosted by Open Rights Group. Entitled “Surveillance: how do we reform RIPA & protect civil liberty?”, the event was part of ORG’s Don’t Spy On Us campaign.

    http://idea15.wordpress.com/2014/10/06/notes-from-the-open-rights-group-debate-surveillance-ripa-reform-and-civil-liberty/

  9. bat says:

    Full transcript of the speech given by Sir Iain Lobban, Director GCHQ (2008-2014), at the Cabinet War Rooms on 21 Oct 2014 with a personal perspective on the work of GCHQ and its members…

    http://www.gchq.gov.uk/press_and_media/speeches/Pages/Iain-Lobban-valedictory-speech-as-delivered.aspx

  10. bat says:

    Julian Assange report of meeting in the UK in June 2011 with Google’s Chairman, Eric Schmidt, and the connections of Schmidt and Google to the US government…

    http://www.newsweek.com/assange-google-not-what-it-seems-279447

  11. bat says:

    Robert Hannigan, head of Britain’s GCHQ surveillance agency, has accused US technology companies of becoming ‘the command and control networks of choice’ for terrorists.

    http://www.theguardian.com/uk-news/2014/nov/03/privacy-gchq-spying-robert-hannigan

    http://www.bbc.co.uk/news/uk-29891285

  12. bat says:

    Reprieve reports “Government forced to release secret policies on surveillance of lawyers”

    The Government has been forced to release secret policies which show that GCHQ and MI5 have for years advised staff that they may “target the communications of lawyers,” and use legally privileged material “just like any other item of intelligence.”

    http://www.reprieve.org.uk/press/2014_11_06_uk_govt_force_release_spying_lawyers/

  13. bat says:

    Secure Message Scorecard… lists the features of apps and tools which seek to maintain end-to-end “secure” encrypted communications. Always assuming that the encryption algorithms and methods or people involved are not themselves compromised…

    https://www.eff.org/secure-messaging-scorecard

  14. bat says:

    New Scientist Opinion “Maths spying: The quandary of working for the spooks” 23 April 2014 by Tom Leinster.

    This article appeared in print under the headline “Ethical calculus”. Tom Leinster is a mathematician at the University of Edinburgh, UK

    http://www.newscientist.com/article/mg22229660.200-maths-spying-the-quandary-of-working-for-the-spooks.html

  15. bat says:

    Hacked dog, a car that snoops on you and a fridge full of adverts: the perils of the internet of things…

    http://www.theguardian.com/technology/2015/mar/11/internet-of-things-hacked-online-perils-future

  16. bat says:

    Nest/Google home sensors rumoured to be moving into audio as it expands further | TechCrunch

    http://techcrunch.com/2015/03/10/nest-rumored-to-be-moving-into-audio-as-it-expands-further-into-the-home

  17. bat says:

    Hello Barbie’s listening ability ‘creepy’, privacy group says. WiFi-enabled ‘smart’ doll can record child’s playtime conversations and upload them to cloud storage for data mining.

    http://www.cbc.ca/news/technology/hello-barbie-s-listening-ability-creepy-privacy-group-says-1.2996755

  18. bat says:

    European Commission For Democracy Through Law (Venice Commission)
    Update of the 2007 Report on the Democratic Oversight of the Security Services
    and Report on the Democratic Oversight of Signals Intelligence Agencies
    Strasbourg, 7 April 2015, Study No. 719/2013

    http://statewatch.org/news/2015/apr/coe-venice-commission-oversight-intelligence%20agencies-sigint-update-2015.pdf

  19. bat says:

    Yahoo “secretly monitored emails on behalf of the US government”

    Company complied with a classified directive, scanning hundreds of millions of Yahoo Mail accounts at the behest of NSA or FBI, say former employees. Chief Security Officer not told, and resigned when inserted “flaw” spotted within weeks of installation. Such backdoors open systems to misuse by others as well as governments.

    https://www.theguardian.com/technology/2016/oct/04/yahoo-secret-email-program-nsa-fbi

  20. bat says:

    Financial Times Money carried an article entitled “Banking and biometrics: is your money really safe?” on 4-Nov-2016 about the ease with which biometric security used or proposed by banks is easily defeated in an age of data mining….

    This selfie mask shows why the wealthy should be worried about the biometric IDs banks want us to use for security: http://on.ft.com/2fKxCSY

  21. bat says:

    On 22-Dec-2016, the New York Times Review of Books Online ran an article by Sue Halpern reviewing a couple of books and describing how commercial tracking and data mining is building and selling “profiles” of billions of people on all sorts of spurious data…

    http://www.nybooks.com/articles/2016/12/22/they-have-right-now-another-you/

  22. bat says:

    On 23-Jul-2019, The Guardian published an article on “”…

    ‘Anonymised’ data can never be totally anonymous, says study… Findings say it is impossible for researchers to fully protect real identities in datasets.

    https://www.theguardian.com/technology/2019/jul/23/anonymised-data-never-be-anonymous-enough-study-finds

    Yet groups like Experian mine much personal data from their privileged position acting for banks and government agencies to provide ID and credit scoring services. Here is a quote from The Guardian article…

    Now researchers from Belgium’s Université catholique de Louvain (UCLouvain) and Imperial College London have built a model to estimate how easy it would be to deanonymise any arbitrary dataset. A dataset with 15 demographic attributes, for instance, “would render 99.98% of people in Massachusetts unique”. And for smaller populations, it gets easier: if town-level location data is included, for instance, “it would not take much to reidentify people living in Harwich Port, Massachusetts, a city of fewer than 2,000 inhabitants”.
    Despite this, data brokers such as Experian sell “deidentified” datasets containing vastly more information per person. The researchers highlight one, sold by that company to the computer software firm Alteryx, which contained 248 attributes per household for 120 million Americans.

  23. bat says:

    On 26th July 2019 Ars Technica reported on Apple Siri and the way it is capturing unintended voice recordings and passing these through to contractors for review… “Siri records fights, doctor’s appointments, and sex (and contractors hear it) – In a new report, Apple takes its turn in the crosshairs over how it reviews user recordings”…

    https://arstechnica.com/gadgets/2019/07/siri-records-fights-doctors-appointments-and-sex-and-contractors-hear-it/

  24. bat says:

    On 29th July 2019, http://siliconangle.com reported that 100M customer records were stolen from Capital One via misconfigured Amazon AWS S3 cloud storage…

    https://siliconangle.com/2019/07/29/100m-customer-records-stolen-capital-one-via-misconfigured-aws-instance/
