Feedback on HSCIC Strategy and CareData

I just posted feedback to the HSCIC focussed on my issues with their CareData program.

Other UK folk might want to post their feedback - deadline 27th February 2015.

Here’s what I wrote:

Your CareData program is ill conceived and an abuse of people’s rights.

Firstly, despite ample evidence you persist in the fantasy that health data (or any personal data set) can be saved from identification with individuals using so called pseudo-anonymisation. This alone demonstrates a mixture of technical incompetence, goal based bias, and a willingness to lie in order to succeed in your own goals rather than to “ensure that every citizen’s data is protected” as you claim.

Secondly, you are loading data onto centralised servers, where it is collected together into a massive honeypot that will be breached. There is no way to protect data caches when they are so attractive. Corruption, temptation and criminality all home in on such tempting targets, whether state, commercial or personal. If the target is known and high value, it can and will be breached, because data security is never 100%. You know this, yet again you pretend to “ensure that every citizen’s data is protected”.

The only way to provide adequate protection is to avoid creating centralised datasets. You ignore state of the art technological developments that would allow all your data analysis and security goals to be achieved without the need to collect individual health records together, and without the need for their contents to be exposed even to the analysing programs and analysts during the process. This could be entirely opt-in, decentralised, and handled with zero knowledge proof analysis (cf. zkSNARK libraries recently released) accessed under the individual control of citizens using an entirely decentralised data storage system (cf. blockchain and more likely, ANT technology when launched in a few weeks or months).

You and government are lying to citizens about the virtual inevitability that their personal data will be revealed, a situation that once it happens CANNOT BE REVERSED, and cannot be prevented from being traded and swapped with all and sundry. A MASSIVE RISK with such MASSIVE CONSEQUENCES for an ENTIRE POPULATION. This is the MOST SHOCKING ABUSE OF CITIZENS’ RIGHTS I’ve encountered in the western world, save of course the intrusive mass surveillance and similar faux claims of legality, oversight and accountability.

Finally, you make it opt-out, and make opting out unreliable, time consuming and difficult: a well known manipulative trick learned from privacy abusing corporations. You make it difficult to opt-out, and actively discourage this, by advising people to “discuss” this with their GP, and to formally ask the GP to opt-out, with obscure and complicated wording, and no easy way to verify that the opt-out has actually been put in place. This alone reveals your true intentions and the lack of integrity of your communications.

This demonstrates that your aim to “ensure that every citizen’s data is protected” is a platitude, and that the HSCIC is at best concerned only with its other goals, and at worst cannot be trusted even that these are the real motives of the CareData proposals.

It’s a shocking state, mirrored by so many other areas of government and civil bodies, from the failure to protect children from decades of systematic paedophile abuse, not to mention child murder (read ExaroNews website if you feel incredulous - the Met Police believe this no less), and the draconian attacks on our liberties by security services through illegal mass surveillance, and contempt for democratic and parliamentary processes. Behind all this one can only conclude an ever more corrupted state, driven by other forces, and implemented by its own well meaning citizens - who perhaps optimistically tell themselves and each other that concerns such as the ones I have raised are not justified, and not based on facts. Well, if you - the reader - personally disagree with my comments about the risks from CareData, please look into the number of breaches of centralised systems. And remember, most breaches are kept secret if they can, because they are not just embarrassing, but damage business and undermine the assurances of government, including bodies such as the HSCIC. I’m not paranoid, I’m informed. There are many others saying the same things, and the facts we share are easily checked or public knowledge (from Sony Hacks, to breaches of US government security, Google etc.), whereas the assurances of the HSCIC are just assurances, and made in the face of ample evidence to the contrary as I stated at the start. Then of course there is human error - mailing unencrypted disks of citizen databases is hopefully behind us - but remember, if it can go wrong it will, and when the system the HSCIC is building goes wrong, the damage will be MASSIVE and IRREVERSIBLE for you, me and every other person who uses the NHS.

The HSCIC will no doubt continue what it has started, because governments never admit they got something totally wrong and lied about it until it’s splashed across the internet. We - including you the reader - will all suffer as a result. We’ll be the first country to have all its citizens’ identified health data either posted online and shared by unstoppable bittorrents, or secretly exploited by companies, extortionists, blackmailers, and oppressive regimes wherever it proves profitable, convenient, or has lulz.

