Palantir’s NHS-stealing Big Lie

I'm on tour with my new, nationally bestselling novel The Bezzle! Catch me in TUCSON (Mar 9-10), then SAN FRANCISCO (Mar 13), Anaheim, and more!

Capitalism's Big Lie in four words: "There is no alternative." Looters use this lie for cover, insisting that they're hard-nosed grownups living in the reality of human nature, incentives, and facts (which don't care about your feelings).

The point of "there is no alternative" is to extinguish the innovative imagination. "There is no alternative" is really "stop trying to think of alternatives, dammit." But there are always alternatives, and the only reason to demand that they be excluded from consideration is that these alternatives are manifestly superior to the looter's supposed inevitability.

Right now, there's an attempt underway to loot the NHS, the UK's single most beloved institution. The NHS has been under sustained assault for decades – budget cuts, overt and stealth privatisation, etc. But one of its crown jewels has been stubbournly resistant to being auctioned off: patient data. Not that HMG hasn't repeatedly tried to flog patient data – it's just that the public won't stand for it:

https://www.theguardian.com/society/2023/nov/21/nhs-data-platform-may-be-undermined-by-lack-of-public-trust-warn-campaigners

Patients – quite reasonably – do not trust the private sector to handle their sensitive medical records.

Now, this presents a real conundrum, because NHS patient data, taken as a whole, holds untold medical insights. The UK is a large and diverse country and those records in aggregate can help researchers understand the efficacy of various medicines and other interventions. Leaving that data inert and unanalysed will cost lives: in the UK, and all over the world.

For years, the stock answer to "how do we do science on NHS records without violating patient privacy?" has been "just anonymise the data." The claim is that if you replace patient names with random numbers, you can release the data to research partners without compromising patient privacy, because no one will be able to turn those numbers back into names.

It would be great if this were true, but it isn't. In theory and in practice, it is surprisingly easy to "re-identify" individuals in anonymous data-sets. To take an obvious example: we know which two dates former PM Tony Blair was given a specific treatment for a cardiac emergency, because this happened while he was in office. We also know Blair's date of birth. Check any trove of NHS data that records a person who matches those three facts and you've found Tony Blair – and all the private data contained alongside those public facts is now in the public domain, forever.

Not everyone has Tony Blair's reidentification hooks, but everyone has data in some kind of database, and those databases are continually being breached, leaked or intentionally released. A breach from a taxi service like Addison-Lee or Uber, or from Transport for London, will reveal the journeys that immediately preceded each prescription at each clinic or hospital in an "anonymous" NHS dataset, which can then be cross-referenced to databases of home addresses and workplaces. In an eyeblink, millions of Britons' records of receiving treatment for STIs or cancer can be connected with named individuals – again, forever.

Re-identification attacks are now considered inevitable; security researchers have made a sport out of seeing how little additional information they need to re-identify individuals in anonymised data-sets. A surprising number of people in any large data-set can be re-identified based on a single characteristic in the data-set.

Given all this, anonymous NHS data releases should have been ruled out years ago. Instead, NHS records are to be handed over to the US military surveillance company Palantir, a notorious human-rights abuser and supplier to the world's most disgusting authoritarian regimes. Palantir – founded by the far-right Trump bagman Peter Thiel – takes its name from the evil wizard Sauron's all-seeing orb in Lord of the Rings ("Sauron, are we the baddies?"):

https://pluralistic.net/2022/10/01/the-palantir-will-see-you-now/#public-private-partnership

The argument for turning over Britons' most sensitive personal data to an offshore war-crimes company is "there is no alternative." The UK needs the medical insights in those NHS records, and this is the only way to get at them.

As with every instance of "there is no alternative," this turns out to be a lie. What's more, the alternative is vastly superior to this chumocratic sell-out, was Made in Britain, and is the envy of medical researchers the world 'round. That alternative is "trusted research environments." In a new article for the Good Law Project, I describe these nigh-miraculous tools for privacy-preserving, best-of-breed medical research:

https://goodlawproject.org/cory-doctorow-health-data-it-isnt-just-palantir-or-bust/

At the outset of the covid pandemic Oxford's Ben Goldacre and his colleagues set out to perform realtime analysis of the data flooding into NHS trusts up and down the country, in order to learn more about this new disease. To do so, they created Opensafely, an open-source database that was tied into each NHS trust's own patient record systems:

https://timharford.com/2022/07/how-to-save-more-lives-and-avoid-a-privacy-apocalypse/

Opensafely has its own database query language, built on SQL, but tailored to medical research. Researchers write programs in this language to extract aggregate data from each NHS trust's servers, posing medical questions of the data without ever directly touching it. These programs are published in advance on a git server, and are preflighted on synthetic NHS data on a test server. Once the program is approved, it is sent to the main Opensafely server, which then farms out parts of the query to each NHS trust, packages up the results, and publishes them to a public repository.

This is better than "the best of both worlds." This public scientific process, with peer review and disclosure built in, allows for frequent, complex analysis of NHS data without giving a single third party access to a a single patient record, ever. Opensafely was wildly successful: in just months, Opensafely collaborators published sixty blockbuster papers in Nature – science that shaped the world's response to the pandemic.

Opensafely was so successful that the Secretary of State for Health and Social Care commissioned a review of the programme with an eye to expanding it to serve as the nation's default way of conducting research on medical data:

https://www.gov.uk/government/publications/better-broader-safer-using-health-data-for-research-and-analysis/better-broader-safer-using-health-data-for-research-and-analysis

This approach is cheaper, safer, and more effective than handing hundreds of millions of pounds to Palantir and hoping they will manage the impossible: anonymising data well enough that it is never re-identified. Trusted Research Environments have been endorsed by national associations of doctors and researchers as the superior alternative to giving the NHS's data to Peter Thiel or any other sharp operator seeking a public contract.

As a lifelong privacy campaigner, I find this approach nothing short of inspiring. I would love for there to be a way for publishers and researchers to glean privacy-preserving insights from public library checkouts (such a system would prove an important counter to Amazon's proprietary god's-eye view of reading habits); or BBC podcasts or streaming video viewership.

You see, there is an alternative. We don't have to choose between science and privacy, or the public interest and private gain. There's always an alternative – if there wasn't, the other side wouldn't have to continuously repeat the lie that no alternative is possible.

Name your price for 18 of my DRM-free ebooks and support the Electronic Frontier Foundation with the Humble Cory Doctorow Bundle.

If you'd like an essay-formatted version of this post to read or share, here's a link to it on pluralistic.net, my surveillance-free, ad-free, tracker-free blog:

https://pluralistic.net/2024/03/08/the-fire-of-orodruin/#are-we-the-baddies

Image: Gage Skidmore (modified) https://commons.m.wikimedia.org/wiki/File:Peter_Thiel_(51876933345).jpg

CC BY-SA 2.0 https://creativecommons.org/licenses/by-sa/2.0/deed.en

Hmm. I just noticed something odd: It seems like DuckDuckGo is utilizing AI Summaries for web results, and they don't allow you to turn this off.

In their "AI Features" settings tab, you can only toggle their AI Chat and their AI Quick Answers that occasionally pop up. There is ZERO mention of this feature, despite it being pretty clear (to me anyway) that they're using some type of neural computing to create those result summaries. (Hence the difference in descriptions for the #1 result with and without "fuck" added.)

Maybe something else is going on that I'm not aware of or don't understand, but it's certainly a disappointing amount of non-transparency from DuckDuckGo when they're trying to build a privacy-focused and trustworthy brand identity.

For Han, the more we lay ourselves out for public consumption, the more we turn into a makeshift art exhibit—an object meant purely for the enjoyment of others rather than a full agent capable of forming genuine bonds with other full agents in the world. Han states that the interplay between revealing aspects of ourselves to others while still keeping certain parts hidden—only to be possibly disclosed later—is an essential component of what he calls the eroticism of interpersonal connections. It is what maintains our agency, as we consciously decide who we will open up to, to what extent, and why. The demand for transparency—the total, naked display of our entire selves to the whole world—robs us of this freedom. It leaves us both incredibly vulnerable and transformed into a kind of obscene object, with no part of us left unobserved or reserved for a chosen few. Ultimately, Han worries that if we continue down this path of forced public intimacy, we risk commodifying our deepest and most fragile parts, serving them up for others to consume like a buffet of our deconstructed soul—all while we become ever lonelier for lack of real, committed connections with others

Ok remove.bg is a fucking godsend for sticker making.

An open letter to the U.S. Congress

Stop Elon Musk from stealing our personal information!

6,399 so far! Help us get to 10,000 signers!

I am writing to urge you to stop Elon Musk from stealing our personal information.

It appears Musk has hacked into millions of Americans’ personal information and now has access to their taxes, Social Security, student debt and financial aid filings. Musk's so-called Department of Government Efficiency was not created by Congress—it is operating with zero transparency and in clear violation of federal law.

This violation of our privacy is causing American families across the country to fear for our privacy, safety and dignity. If this goes unchecked, Musk could steal our private data to help in making cuts to vital government programs that our families depend on—and to make it easier to cut taxes for himself and other billionaires.

We must have guardrails to stop this unlawful invasion of privacy.

Congress and the Trump administration must stop Elon Musk from stealing Americans' tax and other private data.

▶ Created on February 10 by Jess Craven · 6,398 signers in the past 7 days

📱 Text SIGN PUTWGR to 50409

🤯 Text FOLLOW JESSCRAVEN101 to 50409

Oh yeah, I did finally get around to setting up a Mastodon account, in case anyone might want to follow over there. It's very new and pretty much a ghost town so far.

Getting going with streaming seemed like as good an excuse as any to go ahead and try to get something else going well away from the dumpster fire formerly known as Twitter. I haven't even checked in over there for months now, and really didn't want to now.

Also wanted some new accounts never connected in any way to my wallet name, living now in a country where (a) I am literally the only person with that name, and (b) that's plenty to find my actual apartment and mobile number through readily available public records. 🫠

hey maybe don’t talk to the qsmp datamine bot! i know it’s literally a thing that the federation is weird and invasive and definitely stealing the islanders data but bringing that out of the roleplay story world is…weird to say the least. especially in this era where internet privacy is basically nonexistent. it just sets a weird precedent

as excited as I am for wdapteo, i feel a little wary of the continued series. They curate it, but still the first wdapteo contained messages that they never intended to make public, and thus, the most honest. Each subsequent one is enjoyable, but I can't shake the feeling that they're somewhat aware throughout the year that some of these messages will be public, ykwim?

Idk, given they're seasoned creators, they're okay with it and know how to navigate it to curate and yet keep the video authentic. It's not a good or bad thing. I just had this observation and wondered if anyone else felt the same

anon i hear ya but im just giggling over the idea of dan and phil texting each other nonsense like "splurg" "glorp" and going hehehe the fans will love this

Ill jopefully get to reqs tomorrow (I jumped to the one by bloodmoon bc 📯 is a mutual who appealed directly to my interests, sorry :'3 )

for now, goodnight you goober xoobers /affectionate

I keep seeing that post that’s like “everything should be open source, cars don’t weld the hoods shut so you can’t look at the engines” and while I get what the post is trying to say the metaphor always throws me bc cars def straight up have a bunch of embedded computer units in them w a lot of inaccessible source code

Top Social Media Trends in 2023: What to Watch For

Stay ahead of the game with top social media trends in 2023! From user-generated content to AI and privacy, unlock the keys to success in the ever-evolving digital landscape. #SocialMediaTrends #2023Trends

The social media landscape is a dynamic and ever-changing space, and as we enter 2023, it is crucial for brands to stay ahead of the curve. With new advancements and shifts in user behaviour, understanding the latest trends will empower brands to leverage social media effectively, connect with their target audiences, and achieve their business goals. In this article, we explore the top social…

View On WordPress

Video brings Awareness...

NOTE...

It is concerning to know that many new cars are sharing data with third-party companies without the knowledge of their customers. The lack of transparency in this practice is alarming, especially when personal information is being shared without consent. When connecting your phone via Bluetooth, even more information is being shared without your awareness. It is important to look into not just one site, but other companies as well, to understand the extent of data sharing. This information is not only going to third-party companies, but also to insurance companies. It is crucial for customers to be informed about how their data is being used and shared to protect their privacy.

#Telegram Gave Authorities Data on More than 20,000 Users

Telegram gave authorities the data on 22,777 of its users in the first three months of 2025, according to a GitHub that reposts Telegram’s #transparency reports.That number is a massive jump from the same period in 2024, which saw Telegram turn over data on only 5,826 of its users to authorities. From January 1 to March 31, Telegram sent over the data of 1,664 users in the U.S.

#privacy #tracking #security

Data Without Discipline: Shaping Trust and Growth Through Governance & Compliance.

Sanjay Kumar Mohindroo Sanjay Kumar Mohindroo. skm.stayingalive.in How clear rules and smart frameworks turn messy data into a strategic asset Strong data governance and compliance frameworks secure data quality, protect privacy and boost trust in a data-driven world. In a world brimming with data, managing it well is not a luxury but a must. Data governance and compliance are the twin…

I know we all know this, but it feels important to repeat that when they say "brainwash" or "digital fentanyl" or "mind virus," they are talking about ideas. Ideas they want to supress. Thoughts they don't want you to have.

They come up with menacing nicknames because they know--they know--that when their plans are stated plainly, those plans are clearly bad.

Digital WHAT!!!!