Why we need to know more about the UK government's COVID-19 data project - and the companies working on it

If the app does finally appear, it will now be based on a Google and Apple system, which means it won't store information in a central database. This had been the plan for the original government-developed system that had worried privacy researchers, including myself. But even if the app never gets off the ground, that shouldn't distract us from seeking more insight into what the government and a few companies with strong political connections are still doing with our health data.

I was one of nearly 200 UK information security and privacy academics who published a joint letter in April asking the government's digital health agency, NHSX, key questions about its plans for the app. At the time there was no data protection impact assessment (DPIA) - even the data privacy watchdog the Information Commissioner's Office (ICO) hadn't seen one.

There was no publicly available information on how the app would work or keep the data secure, and it was not clear that it would work at all. There was also no justification for the choice of a centralised data matching model that was intrinsically riskier to privacy.

We received answers to some of these soon after: an unsatisfactory DPIA, code for the app but not for the server, and a security analysis that included some justifications for centralised processing.

One of the purposes for the app was centralised planning for the COVID-19 response. In parallel, NHSX has been developing a "data dashboard" to manage all the data it is collecting for this purpose. The NHS website lists 59 sources of such data, several of which include records about individual patients, such as the Emergency Care Data Set.

Initially, Matthew Gould of NHSX claimed "all the data in the data store is anonymous". But that unlikely claim was corrected later with an acknowledgement that some data would be pseudonymous, meaning that combining it with other data could allow patients to be identified.

More worrying was the choice of partners by NHSX for this project. The data was to be stored on a platform developed by US company Palantir, which was originally funded by the CIA and counts numerous US government agencies as its customers. These include the FBI and the National Security Agency responsible for the secret government internet surveillance programme revealed by Edward Snowden.

Palantir's initial contract with the NHS, which reportedly didn't go to competitive tender in line with protocols introduced for the pandemic, charged a symbolic £1 for 45 engineers over three months. But it wasn't made clear how else the company would benefit. Palantir's UK operation is led by Louis Mosley, reportedly a former Tory activist.

The other contracted company, Faculty, has even stronger links to the government via Boris Johnson's chief adviser, Dominic Cummings, who gave it a key role in the Vote Leave campaign (under the firm's old name of AIS). The firm's director Marc Warner has also attended the government science advisory committee SAGE.

The inhabitants of the internet cobbled all this together into a nice conspiracy theory, which might be summarised as "the app is giving all our data to Dom's mates". This can be seen all over social media, for example in the responses to a popular tweet about our letter.

But while it appears the app is off the table-or at least that England and Wales will get a more privacy respectful one run by internet giants-there's still reason to be concerned about NHSX's use of patient data and how it's being shared with private firms. Palantir's original contract was published under legal pressure but its renewed contract has not. In particular, we do not know whether NHSX is paying Palantir properly this time.

We also know more clearly that there's a lot that we're not being told, as the government has only published a DPIA for data being combined and stored but not for how it is then being used for planning, including possibly through AI. The DPIA only assesses Palantir's role for data storage, and yet the firm's original contract also mentions "data analytics", "support tracking, surveillance, and reporting", and none of that is covered in the document. It also doesn't mention Faculty, which says it is working on data dashboards and modelling as part of its contract with NHSX.

Consultation with stakeholders and external experts is recommended for DPIAs, but none was done here. Even branches of the NHS in charge of health data handling, such as NHS Digital, do not appear to have been consulted.

Missing information

A DPIA should examine how the rights and freedoms of the people whose data is collected might be affected and ask: "What could possibly go wrong?" When you construct a large database including individual medical data, there are many possibilities for it to be used beyond its original function and for abuse, bias and unexpected harmful side-effects. Unfortunately, this DPIA only recognises low-level risks with their technical and organisational mitigations.

Overall, that leaves us in a position where we do not know what Palantir, Faculty and others are doing with NHS medical data. We do not know whether the risks of abuse of the data have been properly recognised and mitigated. But we do know that this kind of database is not protected against access by intelligence services.

Website search

Recently updated

ACT Key Crack Plus Keygen ACT Key Crack & Activation Code Recover passwords for ACT! files
OneNote Password Recovery Key Crack + Activator Download 2020 OneNote Password Recovery Key Crack + Serial Number A password recovery tool that is designed to retrieve passphrases for MS OneNote files by using a combination of various attacks
P2 Commander Crack + Activator Download P2 Commander Crack With License Key 2020 A reliable and effective solution that helps you to perform comprehensive digital forensic examinations and deleted data recovery

Software News

Jul 12
An unopened copy of a vintage Super Mario Bros. video game has been sold for $114,000 in an auction that underscored the enduring popularity of entertainment created decades ago.
Jul 10
For millions of motorists around the globe, GPS traffic guidance has become indispensable. This week, Google confirmed it has been testing a feature that will make getting to where you want to go even easier: traffic light ...
Jul 10
Popular smartphone apps including Spotify and Pinterest suffered outages Friday due to an apparent bug in Facebook's systems.
Jul 8
The simulation of woven and knitted fabrics is an ongoing problem in computer graphics. Simulating the way a fabric drapes or moves while being worn, while accurately modeling low-level effects such as the stiffness and stretch ...
Jul 7
Google's Chromium browser team has come up with a simple fix to address heavy battery drain.
Jul 2
NOVID, a contact tracing app that anonymously traces users' exposure to COVID-19, is the first such app in the world to demonstrate the distance accuracy required to perform contact tracing without significant false positives. ...
Jul 1
The technology company Red Hat said Tuesday that it would take measures to remove contentious terms like "master/slave" from its source code and other areas, in an effort to make its products more inclusive.

About us

Welcome to new crack resource CrackDownloadz.com! Our service can generate cracks, keygens and serials for your software to unlock it. CrackDownloadz provides a lot of popular cracks and keygens. No spyware and adware at all, just download new cracks, keygens and serials. If you have a software that needs a crack feel free to contact us.

Also you may contact us if you have software that needs to be removed from our website.