back to article Pssst... wanna participate in a Google DeepMind AI pilot? Be careful

Imagine you’re in charge of technology and data for part of the UK’s chronically cash-squeezed National Health Service. A world-famous technology firm offers you a cool new service, either free or for very little money. All it wants in return is access to the patient data that will make the service work. What are you going to do …

  1. I Am Spartacus

    Anonymisation of data

    Wow. Never heard of that before. It's amazing what novel ideas can come up reading el Reg.

    1. Anonymous Coward
      Anonymous Coward

      Re: Anonymisation of data

      Anonymisation of data is not sufficient. Pseudo-anonymised data (i.e. anywhere there is a 1:1 mapping) must be considered personal data, as if it were not masked at all, because of the proven ease of reconstructing an identity from metadata.

      This is one of the key reasons both the ICO and Caldicott condemned the programme - just anonymising the data is not enough. It can be a positive step, but in isolation is never enough to treat the data as if it weren't personal information. Consent *plus* anonymisation, with the anonymisation process being explained to patients to obtain their positive consent, may have been sufficient.

      The approach taken by Genomics England is probably the way forward. Data never leaves your system. You buy in services and software, you don't give away the data. Ever. This is also the approach taken by the ONS for their new "data campus", enabling much broader research access to government data sets.

  2. samzeman


    Am I the only one that learned a new word today?

  3. keithpeter Silver badge

    Ethics committees?

    "Smith says that such work should go through review processes akin to those for drug trials – which would probably have rejected the handover of 1.6 million patient records. "

    Strange how shiny IT makes pretty standard ethics procedures fly out of the window. Special case of Jaron Lanier's 'siren servers' perhaps??

    Coat: glad they didn't get fined. Mine's the one with the appointment card in the pocket.

  4. iron Silver badge

    DeepMind should not be shunned because of its owner

    Actually yes it should. That owner has been proved time and again to slurp any and all data available to it first and worry about the legality of it later. When caught they blame "a rogue engineer who added the code" and other ridiculous excuses. Who owns DeepMind should definitely be a concern for anyone whose most personal data is ultimately being shared with a company that cannot be trusted.

    1. ArrZarr Silver badge

      Re: DeepMind should not be shunned because of its owner

      Actually no it shouldn't. The contract should be built with safeguards that explicitly state that the data is for the use of the named company only and not any subsidiaries or owners so that there is no grey area or wiggle room.

      Also, wasn't the rogue engineer story to do with the VW emissions thing? Haven't heard that one from Google yet.

      1. heyrick Silver badge

        Re: DeepMind should not be shunned because of its owner

        "Also, wasn't the rogue engineer story to do with the VW emissions thing? Haven't heard that one from Google yet."

        Want that what they said when caught slurping WiFi DATA when collecting SSIDs during StreetView tours?

        1. Mage

          Re: DeepMind should not be shunned because of its owner

          They are happy to stop slurping WiFi via street view. Look at Android, Chrome Browser and Chrome book adoption. Parasites.

    2. Mage

      Re: DeepMind should not be shunned because of its owner

      a) They are totally untrustworthy.

      b) They refuse to be regulated, especially outside USA.

      c) Who says this app actually works and how was it developed?

      d) The company has no track record in Medical applications.

      1. sabroni Silver badge

        Re: They are totally untrustworthy.

        I agree. Any contract with this lot is worthless, they genuinely believe they're above the law.

  5. adnim


    DeepThroat or LongTongue preferred.

    On a serious note.. Properly anonymised data please. Strip any and all data that can potentially be used to identify the OWNER of that data and we have a positive. Of course if we are looking at regional variances some location data my be required. However, a postcode/zip code is going to far.

    The word owner is capitalised because corporate entities forget just who owns the data. Being an aggregate of data does not equate to ownership.

    1. Robert Sneddon

      Anonymising data

      I know of an attempt to anonymise voting data from previous years to test a proposed new nomination and voting method for an annual literary award. Despite initial statements by the people writing the code it turned out the historical voting data couldn't be anonymised sufficiently to prevent reconstruction of personal identification without destroying the information the test software needed to see what effects it would have on nominations and voting. Just removing the basic ID fields (name, address etc.) wasn't enough to prevent someone willing to put in the effort to determine who had voted in previous years and what they had voted for if they got hold of the raw data.

      It's could be that health records are in the same boat, either they are processed by experimental software in a secure, trusted and licenced sandbox with only the aggregate results made available to researchers or they cannot be used safely at all as research material.

  6. Long John Baldrick

    Isn't there an EU Right to be Forgotten?

    If so, a few thousand or more requests should tie up DeepMind for an hour or two.

    Would not the Trust having a small DeepMind datacentre on premises mitigate this issue? If the data cannot be taken off of Trust premises and therefore not able to be de-anonymised by DeepMind the Trust would be more trustworthy. I refuse to accord DeepMind or any other Google related entity.

    1. anonymous boring coward Silver badge

      Re: Isn't there an EU Right to be Forgotten?

      Isn't there an EU Right to be Forgotten?

      Isn't that a right to forget EU?

      I might be mistaken, it's so confusing in these times.

  7. Vaidotas Zemlys

    Er what?

    "If this was a new drug, the approach Google took was to synthesise a new molecule and inject it into a random bunch of people who walked into Accident and Emergency and see what happens."

    Surely people know difference between analyzing person's data and injecting actual drug into a person? Privacy is important, but so is perspective.

    1. Matt 18

      Re: Er what?

      "the approach Google took"

      i.e. it's a narrative. Not to be taken literally.

      1. Freddie

        Re: Er what?

        I think the op's point it is that the chosen narrative is quite different from what actually happened, and isn't really comparable at all. Breaching privacy != injecting untested drugs into people willy nilly, either ethically or in effect.

  8. John Smith 19 Gold badge

    Hmm. Google and transparency. Not words you see in a sentence very often

    And usually in a poorer light than this.

    Yes strong contracts and penalty clauses (and enforcing penalty clauses) will help.


    Google is a data fetishist with a high recidivism rate (like other kinds of socially unacceptable fetishists).

    IOW They can no more keep their hands off patients data (and it's patients data, not the NHS's to sell or give away) than Uncle Ernie can keep his hands off Tommy (Nice work by Phil Collins, really channeling his inner nonce).

  9. Gordon Pryra

    Anonymisation of data?

    That is the same as talking the names of a list of finger print records and then giving them to the company that holds the database for fingerprints

  10. anonymous boring coward Silver badge

    Any UK entity always rolls over for any US large company, not to mention state agent. It's the rule.

    That's why EU is such an inconvenience, as Murdoch so well knows. But not for much longer.

    Long live the "special relationship", where vaseline is such a fundamental component.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like