Trends

How The UK Government is Turning into a Patients Data Broker and How to Opt-Out Before Deadline

How The UK Government is Turning into a Data Broker, and Why You Should Opt-Out Before July 2021 - Nebuli Blog

Tim El-Sheikh

June 4, 2021

If you ever had any doubts about the aggressive acceleration of surveillance capitalism, then welcome to the post-pandemic data wild west. As part of our research on the upcoming trends in digital ethics, especially those relating to artificial intelligence (AI), we have witnessed an alarming increase in the bullish attempts in harvesting citizens’ personal data around the world, including children. No, I’m not referring to the usual suspects in the tech world. Our focus here is governments and their contractors. Yes, as in your government, you know, the politicians who supposedly are on a mission to protect our privacy rights against the tech giants? Well, they seem to have joined the party. Or, perhaps, creating their own.

But before I continue, let me emphasise that this is not a political post; we are not interested in politics. Our focus is to help our online community and the general public understand the realities of AI and digital ethics – covering the good, the bad and the ugly truths. We are sharing our findings with you so that you can conduct your own research within your country and, more importantly, seek your right to opt out. Our focus today is the UK government.

Healthcare Services, The Pandemic’s Fattest Data Cow

In my contribution to Information Age’s series discussing Digital Ethics earlier this week, I highlighted a disturbing report published in The Times revealing that companies collecting data for pubs and restaurants to help them fulfil their contact-tracing duties are harvesting and selling confidential customer information. As far as we can see, this issue is not related to the official NHS Covid contact-tracing app at the time of this writing. However, it appears that the UK’s privacy laws are not fit for purpose in this case.

But, more disturbingly, the UK government have quietly decided to conduct a mass collection of every patient’s history in England, such as:

Mental health episodes;
Diagnosis of terminal illnesses;
Smoking and drinking habits;
Dated cases of domestic violence;
Abortions;
Complaints about care;
and much more…

We think it is fair to question the purpose of collecting such information and, more importantly, who will be accessing this data outside the government? What we found quite interesting is that the UK government did not make a wider public announcement about this plan. They quietly published their General Practice Data for Planning and Research Directions 2021 page, which, as you can see from the page’s breadcrumbs, is buried somewhat deep within the website. Nonetheless, NHS digital, the department responsible for this process, published a detailed PDF downplaying these concerns, which you can read in full here. But, the history of the UK’s dealing with NHS-related IT and data projects is not covered in glory. Remember the NHS-IT project failure, Google’s Deepmind NHS data privacy compliance failures, Care.data Project failure, Covid-19 contact-tracing app failure, and so on and so forth? Make of this what you will.

While you may think that this sounds like some conspiracy theory or that we need to start wearing tin foil hats. Not at all. This is the reality of the new world of data-driven, AI-powered surveillance capitalism, which we will discuss later. Whoever said that data is the new oil? I say it is much more valuable than oil as it will never run out. In fact, it will continue to grow exponentially.

How to Opt-Out Before the June Deadline?

Patients based in England should read these guidelines and submit their opt-out forms before the June 23rd, 2021, deadline. The key point here is to contact your GP/clinic to find out more if you are not based in England. Your privacy is your right and no one should convince you otherwise.

Expect Further Action from Privacy Campaigners

openDemocracy, an independent global media organisation, reported today that they have joined forces with Foxglove, a tech justice start-up, and other campaigners to issue an urgent legal challenge to the Department of Health and Social Care over its scheme to harvest the personal medical data into one massive database, which private corporations will be able to access. The report stated that “NHS Digital insists it’s not selling patient data – but then tells us that the data will be made available to third parties for a fee.” We will continue monitoring these trends and will be sharing our findings with you on our blog and social media. Are your local governments acting as data brokers? Reach out on social media using our handle @nebuli to share with our community how your region or country deals with data privacy and help us push forward for effective digital ethics.

If you need help and support with digital ethics for your team or organisation, feel free to reach out with your questions and comments.