World

NHS Data is At Risk From For-Profit Surveillance and Data Analysis Firms, Says medConfidential

Public confidence in the NHS and the security of patient information is at risk as a result of data processing contracts being awarded to tech firms with a history of targeting critics of business interests and collaborating with immigration enforcement, rights groups claim.
Sputnik

CIA-linked surveillance and data analysis firm Palantir has a contract with NHSX, the newly-created technological innovation wing at the UK's Department of Health and Social Care, which is responsible for processing "anonymised" patient data. But the exact details of the contract remain unknown and the possibility of the information being de-anonymised some time in the future potentially exists, privacy campaigners say.

Phil Booth, a coordinator of medConfidential campaigning for patient confidentiality and consent in Britain, says that the relationship between Palantir and the NHS is part of a wider practice which pre-dates the emergency measures taken to combat the coronavirus (COVID-19) pandemic.

Booth argues that failing to ensure patient consent is at the heart of how data is used (and by whom) could be "catastrophic" for public trust in health services at a time when it is needed the most.

Sputnik: Your organisation co-authored a set of questions for Palantir Technologies Ltd regarding its relationship with the NHS and Department of Health and Social Care. What are the most important things everyday people should understand about your concerns?

Phil Booth: medConfidential co-signed the open letter, which had been authored by Privacy International. The most important thing medConfidential believes concerns everyday people, which opinion polls consistently support, and for which we have campaigned for over seven years, is that patients should know how their data is used.

As I pointed out at the time, "As it is contracted to NHS England, Palantir's ability to be transparent of its own accord is likely to be limited at best." As can be seen from Palantir's response, this indeed turned out to be the case.

We have wider concerns too, e.g. about Faculty AI – whose CEO's brother, Ben Warner, attends SAGE along with Dominic Cummings. Lord Agnew, the Treasury/Cabinet Office Minister responsible for Government Digital Service and thus the G-Cloud Framework, under which the NHS contracts were apparently awarded, also has a significant shareholding in Faculty AI.

And [we also have concerns] about the various other multinationals with clear ambitions and agendas that are involved in the NHS datastore and other mass processing activities, such as Amazon, Google Health (i.e. DeepMind), and Microsoft.

NHS England and the Department of Health and Social Care (DHSC) should therefore publish all of the information about which it has contracted Palantir – and all of the other companies it has contracted – to do.

Once all of this is public, people will be able to make up their own minds about whether or not they wish their and their family's medical information to be used in these ways, by NHS England and DHSC and any and all of the companies that are working for them. If this information remains secret, then medConfidential believes NHS England and DHSC will leave many in doubt about what exactly is going on, and therefore – potentially catastrophically, in a time when it is more important than ever – undermine public confidence and trust.

Sputnik: In 2011 Palantir was implicated in a plot to target activists, reporters, labour unions and political organisations and was funded by the CIA. To what extent are your critiques of this organisation informed by this history?

Phil Booth: The principals of medConfidential knew of Palantir well before the events of 2011, and we have been closely tracking the development of its platform(s), and their various deployments, since then. I have myself had occasion to speak with representatives of Palantir – mostly via its Council of Advisors on Privacy and Civil Liberties – on several occasions in subsequent years.

Our critique is therefore based in an understanding both of the capabilities of its products and services (currently Gotham and Foundry) and of its business practices, not only media reports of its behaviours and associations.

Sputnik: Are you concerned that Palantir may use its access to the NHS, now or in the future, in order to facilitate spying or the blackmail of individuals?

Phil Booth: Our concerns about Palantir's access to the NHS, now or in the future, lie primarily in its reputation and the corrosive effects any such engagement would have on public trust. A company that services the ICE squads in the US is clearly as toxic as, say, the UK Home Office 'hunting for immigrants' through their NHS records – a practice we and others have campaigned against, and at least temporarily managed to stop or limit in 2018. Were the NHS or Government to decide to (try to) retain Palantir's services in any context other than the COVID crisis, we are pretty sure the company's other activities would preclude any such involvement.

We do not speculate on what Palantir might facilitate, but it is worth noting for your own information that the capabilities of Foundry (its data integration platform) and those of Gotham (its law enforcement and intelligence platform) are distinct.

Sputnik: What, in your opinion, needs to be done to ensure that whomever has access to NHS files can never access its contents or de-anonymise them?

Phil Booth: If every use of patients' data is properly consensual, safe and transparent, then people will have the ability to make their own choices – as several million have already done, using the various opt-out mechanisms we have fought for over the years.

Individual-level, longitudinally-linked, richly-detailed health data is inherently identifiable – anyone claiming that anything other than properly created statistics are 'anonymous' is either a fool, or has an agenda.

Health data would not be so valuable were this not so. 'Anonymisation' – a bunch of techniques, such as 'pseudonymisation' or 'de-identification', used to make it less likely individuals are identified – are no more than sensible security measures, as says the Information Commissioner.

These techniques do not make the data any less personal data under General Data Protection Regulations and UK Data Protection Act 2018, nor do they make it anonymous.

See also our long-standing recommendations and proposals here

Sputnik: Is it possible for corporations like Palantir to ever safely have access to NHS files and systems? If not, why? If so, under what circumstances?

Phil Booth: It might be theoretically possible for the NHS to use, say, Palantir's Foundry software were it to be completely separate from any of Palantir's own systems, i.e. if it were a completely free-standing piece of pre-cloud software, like MS Word '95. However, as Palantir's current Foundry platform must 'sit on top of' an AWS cloud data store (or equivalent) in order to work, it seems unlikely that this would ever be the case.

It is also unlikely the NHS itself would have the technical capacity to be able to ensure that Palantir's or any other Big Tech platform was not communicating at some level with systems outside the NHS (though possibly the National Cyber Security Centre/GCHQ would), unless such systems were aggressively 'air-gapped' in such a way that the software would probably be useless or too awkward to work with.

And in any case – absent every use of data being fully consensual, safe and transparent – it is unlikely that the use of such systems would ever be trustworthy enough to satisfy a significant proportion of the public.

Discuss