Google’s Project Nightingale Sparks Privacy Concerns
First Fitbit, now Project Nightingale
Two weeks ago, Google had announced the plan to buy Fitbit for $2.1 billion. Citing privacy concerns, many users have already started to look out for alternatives as a safer option than their Fitbit. Now in a recent development, a whistle-blower has brought Google’s Project Nightingale into the limelight.
What is Project Nightingale?
Google had partnered with Ascension Healthcare, the second-largest healthcare provider in the US, in a venture called Project Nightingale. The main plan behind this project is to transfer personal health data of millions of patients to the giant technology company’s cloud-based platforms. Ascension has a Catholic network of 2,600 hospitals, clinics, and other medical outlets, spanning 21 states involving more than 50 million medical records. Secret negotiations began a year ago, and thus far 10 million medical files have been uploaded. The transfer is scheduled to be completed by March 2020.
The records being transferred include the names of patients, personal data such as addresses, employer, and medical record numbers. Additionally, Google will have access to sensitive surgical reports and detailed pathology reviews of tissues.
Concerns of Privacy
For the past two decades, Google has been facing accusations of repeated privacy violations. The recent entry into the healthcare domain has raised many eyebrows in the industry. Google has also been in collaboration with the Royal Free National Health Service Foundation Trust in the UK, DeepMind Technologies, and the University of Chicago Medical Center.
Though Google says it will be transparent with the Fitbit data it collects and the health data will not be used for Google ads, privacy remains a concern with critics and users. Google has also planned to provide Fitbit users with the choice to review, move, or delete their data. In spite of all these features, privacy continues to be a bug with the users.
In a recent development in the privacy world, many critics are worried about Project Nightingale. Experts are troubled by the secrecy in which the negotiations had been conducted and the unprecedented nature of the size and type of information being shared. At no time did Ascension or Google made an attempt to inform the doctors or their patients or obtain their consent.
The whistleblower also expressed concern about the data being shared, which is already accessible to more than 150 Google staff and could potentially, through negligence or intent, be hacked or released. An accidental breach of the data or intentional sharing of the most intimate and private information can have a devastating impact on the lives of millions of people.
How can Health Data Benefit Google?
The data collected from Fitbit and the cloud platform can add up to give the necessary input for the Google in designing artificially intelligent models, which could be used to predict users’ health, based on their day to day activities.
Few experts also feel the data can be used for advertising the health-related products as there are no guidelines on how these data must be used and the insurance companies can also make huge profits based on this data.
Guidelines to Handle the Sensitive Data
The Health Insurance Portability and Accountability Act of 1996 (HIPPA) was created to stipulate how personally identifiable information had to be maintained by the healthcare and insurance industries to protect them from fraud and theft. The deidentification of the patients is mandatory while sharing the data, which was not clearly followed in the merger. Following these reports, lawmakers have jumped in the fray, suggesting the arrangement between Google and Ascension runs contrary to federal privacy. Legislators have called for a moratorium on Project Nightingale until further investigations into the nature of these arrangements can be conducted.
Healthcare in the United States is a multi-trillion-dollar industry, the present collaboration between Ascension Healthcare and Google intends to be a bonanza for Google and its AI programs. Engineers require large troves of accurate data to improve predictions in their AI algorithms. Access to Ascension’s data files linked to real names and identifications will allow them to prospectively analyze their predictions and arrive at accurate results. Tougher updated laws and fines could deter these types of data sharing as these moves affect the privacy of the entire population of a country.
But the question remains, what more are companies like Google hiding from us and who are the stakeholders at risk of losing their privacy? The future holds the answers.