More than 40 companies, ranging from the world’s largest management consultancies and pharmaceutical groups to a data company co-founded by a member of the Sackler family, have received years of detailed medical records from English hospitals, a Financial Times analysis has found.
There are at least 100 different NHS data sets that have been shared with companies, ranging from the broad Hospital Episode Statistics (HES) database that lists every single patient who was admitted, their diagnosis, treatment and any outpatient appointments, to narrower sets of data on emergency care, mental health, mortality, cancer waiting times, sexual health and maternity services.
How the NHS uses and shares data has become a priority for the government, especially since the start of the coronavirus pandemic, with officials repeating the mantra that “data saves lives”.
Last month, the health department released a draft strategy promising to improve access to NHS patient data for researchers, so they can “provide innovative solutions” on everything from drug discovery to shielding programmes.
The NHS is also considering how to pool the medical records of 55m patients registered at local GP clinics into a single database that will also be shared with third parties.
But the FT’s analysis of the NHS Digital Data Release Register over the past five years, since it started publishing complete records, raises concerns over potential conflicts of interests and a lack of transparency about what happens to the data after it is shared.
Most of the third-party recipients of the data are public bodies, such as Transport for London, local councils and universities, which use it for planning and research purposes.
But sensitive patient data was also shared with 43 different commercial organisations including McKinsey & Company, KPMG, Novavax, AstraZeneca and marketing firm Experian. These accounted for 13 per cent of the total recipients of data.
Any organisation can apply for access to NHS patient data by following a stringent procedure to prove that it can keep it secure, and will use it solely for improving the health of English patients. The data is also pseudonymised, meaning that identifying information such as names and NHS numbers are removed.
Rory Collins, chief executive of UK Biobank, a genetic database of half a million UK patients and a professor of medicine and epidemiology at Oxford university, said that while records only stretch back five years, hospitalisation data had been available to third parties “for decades” and that “it is incredibly valuable for managing the health service and also for doing research”.
But the FT found that insights from the data were often shared or sold on to other commercial entities and providers that use it to price products being sold back to the NHS, or conversely restrict the NHS’s access to analysis of its own data, creating conflicts of interest. Among the biggest criticisms focused on the opacity around the data’s fate after it leaves the NHS’s servers, and the lack of an auditing trail beyond the companies on the register.
“The idea of data going beyond the control of the NHS and not knowing where it ends up, concerns people,” said Natalie Banner, lead of Understanding Patient Data, a health data initiative by the Wellcome Trust. “Health data is particularly sensitive because it is a really precious relationship, collected in the context of your doctor; it makes it feel particularly distressing.”
To examine which groups have benefited from the NHS’s vast patient data trove, the FT compared the recipients in the 14 months before the onset of the pandemic with the same period since.
IQVIA, a little-known US data company formerly known as IMS Health and co-founded by drug mogul Arthur Sackler, received the most data in the post-pandemic period.
IMS Health was well known for tracking the detailed prescribing habits of doctors in the US on behalf of drug companies, including Purdue Pharma, which was founded by the Sackler family and was responsible for the widespread distribution of OxyContin.
The specifics of what IQVIA provides its commercial clients are not clear from its NHS disclosures, but it says it has used this data for at least 28 projects in 2020 alone, to provide analysis to pharmaceutical and medical companies and to the NHS’s various bodies.
IQVIA also purchases medicines supply data from NHS hospital pharmacy systems, then sells an aggregated data set on to drug companies.
But in an example of the power asymmetry between private sector companies and the NHS, the health service’s own access to IQVIA’s data set is restricted according to research in the British Medical Journal by the doctor and academic Ben Goldacre. In certain cases, the NHS cannot even release data to UK regulatory bodies without prior permission from IQVIA.
“This hospital medicines supply data already exists. It is provided by NHS hospitals to the drug industry for marketing purposes,” Goldacre wrote. “But the restrictive terms of the [agreement] mean that we are unable to use it for open audit to improve quality, reduce avoidable expense, and make prescribing safer in hospitals.”
Since the pandemic began, the NHS has accelerated its data sharing, with the number of corporate recipients rising to 29 between April 2020 and May 2021, from 21 in the same number of months before the pandemic.
These numbers do not include companies, such as the data analytics group Palantir, that were given access to health data under emergency measures last year for pandemic-related work.
Health data has provided the NHS with critical insights under extreme pressure, for instance identifying dexamethasone as an emergency treatment for Covid-19, a breakthrough that has to date saved 22,000 lives in the UK and another 1m worldwide.
“The [coronavirus] vaccine rollout could not have been delivered without effective use of data,” said Simon Bolton, chief executive of NHS Digital. He added that the data could only be accessed by organisations using it for healthcare planning and research purposes, and that this would be overseen by the NHS.
Critics argue that patients are often unaware of the NHS’s data-sharing practices, and even if they withhold consent it can be difficult to prevent their data from being disseminated externally.
While the NHS provides a “national data opt-out” option for patients, it still shared full, pseudonymised data sets with external organisations in 84 per cent of instances when opt-outs had been exercised.
“The fact it is being used at 10-20 per cent effectiveness is horrendous. Patients must have confidence that if they have expressed opt-out that will be respected,” said Phil Booth, head of the medical privacy campaign group MedConfidential.
The NHS said it had primarily ignored opt-outs in cases when patients are not identifiable because names and NHS numbers had been removed from individual records that were shared. Researchers have questioned how effective this type of “pseudonymisation” is in genuinely protecting privacy.
Campaigners also worry that while the NHS stipulates in its contracts with third parties that it will track where the data ends up, this is impossible in practice.
“There is no end-to-end audit or transparency on all of the users of the data. There are black holes here. We need to see comprehensively all the flows of data,” said Booth.
For instance, British medical data company Compufile Systems states that its data analytics services are offered to at least seven “medical device, medical supply and life science companies”. It is unclear if the NHS receives any proceeds from its valuable data sets being used to develop commercial products.
The company said there was “mutual benefit” to both parties because “the pharmaceutical company builds reputation and strengthens relationships with their customer [the NHS]”. It did not respond to request for comment.
In another case, a company called La-ser Europe, owned by US drug development firm Certara, used hospital data last year to study a specific subpopulation of haematological cancer patients. The study was funded by global biotech firm Amgen, which manufactures therapies for these cancers.
While the company claims that the data will not be used “primarily” for marketing purposes, it acknowledges that Amgen could use the NHS data to price its products, and to lobby for recommendations from NICE, the independent agency that approves NHS funding for new treatments.
“What are the financial relationships here? Some drugs are very expensive and a pharmaceutical company may be trying to get its drug approved by NICE,” said Booth. “The best way to do that is to prove there is demand for it. If this particular type of cancer is underserved, you can use that to lobby NICE to get your drug and then make some money. That is a possible interpretation.”
Wellcome Trust’s Banner suggested that NHS Digital could provide a health data “bill”, similar to a council tax bill that shows what your contribution has been spent on.
To this end, health economists have been trying to establish how to value health data, and therefore protect the NHS from being exploited by the private sector. Some have suggested that a fair return for the NHS would be if any financial proceeds from its health data are ringfenced for public health and social care.
Annemarie Naylor, who until recently was the director of policy and strategy at Future Care Capital, a health policy charity, said: “We all want innovation in treatments and more preventative health service that is cost effective, but we want to be assured no one is benefiting disproportionately and giving away our data, rather than [it] being deployed strategically by the government.”
The UK campaign group MedConfidential pointed us to the NHS Digital Data Release Registers, which were used to conduct this FT analysis.
S Korea parliament committee votes to curb Google, Apple commission dominance
A South Korean parliamentary committee voted early on Wednesday to recommend amending a law, a key step toward banning Google and Apple from forcibly charging software developers commissions on in-app purchases, the first such curb by a major economy.
After the vote from the legislation and judiciary committee to amend the Telecommunications Business Act, dubbed the “Anti-Google law,” the amendment will come to a final vote in parliament.
That vote could come on Wednesday https://www.reuters.com/technology/skorea-set-curb-google-apple-commission-dominance-2021-08-24, although South Korean news agency Yonhap reported that parliament would act at a later date.
A parliament official told Reuters the office had not yet received an official request not to hold the meeting on Wednesday.
Apple Inc and Alphabet Inc’s Google have both faced global criticism because they require software developers using their app stores to use proprietary payment systems that charge commissions of up to 30per cent.
In a statement on Tuesday, Apple said the bill “will put users who purchase digital goods from other sources at risk of fraud, undermine their privacy protections”, hurt user trust in App Store purchases and lead to fewer opportunities for South Korean developers.
Wilson White, senior director of public policy at Google, said “the rushed process hasn’t allowed for enough analysis of the negative impact of this legislation on Korean consumers and app developers”.
Legal experts said app store operators could work with developers and other companies to create secure payment methods other than the ones they provide.
“Google and Apple aren’t the only ones that can create a secure payment system,” said Lee Hwang, a Korea University School of Law professor specialising in competition law. “I think it’s a problem to try to inspire excessive fear by talking about safety or security about using different payment methods.”
Based on South Korean parliament records, the amendment bans app store operators with dominant market positions from forcing payment systems on content providers and “inappropriately” delaying the review of, or deleting, mobile contents from app markets.
It also allows the South Korean government to require an app market operator to “prevent damage to users and protect the rights and interests of users”, probe app market operators, and mediate disputes regarding payment, cancellations or refunds in the app market.
This month in the United States, a bipartisan group of senators introduced a bill that would rein in app stores of companies that they said exert too much market control, including Apple and Google. REUTERS
US and Chinese tech juggernauts battle over ASEAN clouds
Amid the great U.S.-China tech divide, Southeast Asia and its fast-growing digital markets have become a main battleground for the digital behemoths of both superpowers.
There, Amazon.com, Microsoft, Google, Alibaba Group Holding and other players are investing heavily in cloud computing — services that provide processing power and data storage to all sizes of corporations and government institutions.
A massive 170,000-sq.-meter structure is going up in Tanjong Kling, about a 20-minute drive from Singapore’s city center. The 11-story building is taking on the appearance of a vast logistics center or warehouse. However, strict security teams and surveillance cameras around the site betray a much more critical piece of infrastructure. As a reporter pulled out his smartphone to take a photograph of the construction site, a security guard rushed up and warned, “This is private property. No photos allowed.”
Once completed, the “private property” facility will be filled by rows and rows of servers hosting hundreds of millions of internet users’ sensitive personal information. It will be Facebook’s first custom-built data center in Asia. The company has announced it will invest 1.4 billion Singapore dollars (US$1 billion) in the project.
It is one of many data centers that global tech giants are building in Southeast Asia. With a stable political system, an abundance of skilled tech workers and its connection to an undersea communications cable that links to the rest of the world, Singapore has become a prime spot for the big players of tech vying for slices of Southeast Asia’s swelling need for cloud services.
According to real estate service company Cushman & Wakefield, Singapore data centers have 410 megawatts of capacity, with another 170 megawatts on the way, making the city-state a global hub for data, matching the likes of Frankfurt and Chicago.
But Singapore stands out in that it is also a strategic foothold for Chinese tech companies such as Alibaba and Tencent, who are competing for the same clients.
Amazon is the global leader among cloud service providers. Its Amazon Web Services (AWS) controlled more than 30% of the worldwide market in the second quarter of 2021, according to research company Canalys. It is currently adding infrastructure in Jakarta, Indonesia, which is expected to be operational by the end of 2021 or early 2022.
The data centers will be AWS’ second location in Southeast Asia. AWS centers have been operating in Singapore since 2010.
“AWS sees tremendous potential in Southeast Asia,” Conor McNamara, AWS’ managing director for ASEAN operations, said via email. “Across the board, we see all segments, including startups, enterprises, and small and medium-sized businesses, continuing to drive cloud adoption.”
Microsoft, the world’s second-largest cloud service provider, early this year announced it would establish data centers in Indonesia and Malaysia. It is bullish on the region’s growth potential.
“If you look at Southeast Asia, [there are] 650 million people, that makes it [almost] 50% bigger than in the European Union [446 million],” Microsoft Asia President Ahmed Mazhari said. And the region’s “mobile penetration and mobile-first approach that is unparalleled in the world.”
Mazhari also sees ambition. “We continue to see growth traction from somebody that wants to go from idea to building a unicorn, to micro SMEs, to the biggest enterprise of the world,” he said.
Alibaba, No. 4 in the global cloud service market, behind Amazon, Microsoft and Google, in June announced it would invest up to $1 billion over the next three years to nurture developers and support Asia-Pacific startups. “We are seeing a strong demand for cloud-native technologies in emerging verticals across the region, from e-commerce and logistics platforms to fintech and online entertainment,” Jeff Zhang, president of Alibaba Cloud Intelligence, said in a news release.
The company’s cloud division launched its third data center in Indonesia and plans to launch one in the Philippines this year.
Cloud services are becoming a revenue pillar. In the second quarter of this year, the global market was worth $47 billion, up 36% from the year-earlier period, according to Canalys.
AWS’ net sales grew to $14.8 billion in the same quarter, up 37% from the year-earlier period, with AWS accounting for more than half of Amazon’s consolidated operating income.
Microsoft’s Azure revenue grew 51% during the quarter ended June.
Until recently, the global market has been bifurcated.
In China, Alibaba and Tencent have been able to dominate mainly due to restrictions imposed upon foreign tech companies. In the West, Amazon, Microsoft, Google and other players rigorously compete.
In recent years, however, Alibaba has been pushing into the West, including the United States. However, this ambition is dimming as Washington is increasingly concerned over possible security risks for companies that avail themselves to Chinese cloud services.
Amid this global dichotomy, Southeast Asia has emerged as a battleground where Chinese and Western companies “can compete with each other,” said Kevin Imboden, senior research manager of Data Center Insights, Global Research, at Cushman & Wakefield.
The cloud service providers’ intertwined customer lists in the region reflect intense competition.
Amazon and Microsoft provide cloud services to Singapore-based supper app Grab, according to both companies. Alibaba on its website boasts of having Indonesian e-commerce leader Tokopedia as a key cloud customer, and Amazon says AWS also provides services to Tokopedia.
Among the region’s unicorns, startups with valuations of $1 billion or more, Carsome, a Malaysia-based used car marketplace, and Carro, a Singapore online car sales platform, use AWS. Bukalapak, one of Indonesia’s largest e-commerce platforms and Tokopedia competitor, uses Microsoft’s Azure. Alibaba is one of Tokopedia’s largest shareholders, and Microsoft has stakes in Grab and Bukalapak.
U.S. and Chinese cloud companies “are very focused on acquiring market share,” Imboden said, even “at the expense of profit.”
According to Google, Temasek Holdings, and Bain & Co., the gross merchandise value of the region’s internet economy is expected to grow threefold, to $300 billion, by 2025 from 2020. Cloud services, which serve as the infrastructure of this burgeoning ecosystem, will surely expand, too.
However, geopolitical risks are also emerging.
According to a report by China’s Caixin news service, Chinese internet technology company ByteDance, which owns TikTok, has stopped using Alibaba’s cloud for its businesses outside China.
Last year, the Trump administration attempted to ban the popular social media app in the U.S., citing security risks. In June, U.S. President Joe Biden withdrew a series of executive orders related to the banning of TikTok but ordered a broad security review of apps connected to “foreign adversaries,” including China.
Alibaba on Aug. 3 announced cloud computing revenue of 16.05 billion yuan ($2.48 billion) for the quarter through June, up 29% from a year earlier. However, the company’s earnings release states that the cloud computing division’s “year-on-year revenue growth began to moderate since the last quarter primarily because of revenue decline from a top cloud customer in the Internet industry that has stopped using our overseas cloud services with respect to their international business due to non-product related requirements.”
Eric Schmidt, a former Google CEO and the chair of the U.S. National Security Commission on Artificial Intelligence, wonders if Alibaba can attract clients in the West. “Alibaba Cloud and so forth are good enough that you could build on the Chinese side, but you are not going to use them in the West. Similarly, American clouds are very, very good, but you can’t use them in China,” he recently told Nikkei Asia.
“As an entrepreneur, you would prefer to have one [cloud provider] but you live with two [one in China and one everywhere else].”
While well-funded unicorns and large corporations can minimize risks by dividing their cloud needs between Western and Chinese companies, many small and mid-size companies, as well as startups, lack the wherewithal to follow suit.
With American and Chinese players competing for slices of Southeast Asia, businesses in the region “need a geopolitical strategy” and might even have to “pick sides,” said Abishur Prakash, a geopolitical futurist at Toronto-based consultancy Center for Innovating the Future.
“What is your long-term strategy? What geographies do you plan to operate in? Which consumers do you want to access the most?” he asks. “Those should be the vectors that you [use to] decide whose cloud computing infrastructures to use.” NIKKEI
Authorities warn of scammers impersonating officers from government agencies, police
Scammers have been targeting members of the public by calling them and claiming to be officers from government agencies, said the Immigration and Checkpoints Authority (ICA) on Friday (Aug 13).
In an advisory, ICA said members of the public have received calls from +65 6812 5555, similar to its SafeTravel Enquiries Helpline (6812 5555).
“They accused the recipients of either spreading fake news related to COVID-19 or breaking COVID-19 rules, further saying that a report would be made against them or they had to pay a penalty,” said the authority. “This is a scam.”
ICA added that the calls were not made by ICA officers or officers from any other government agencies, and that it “does not call members of the public to request money in any form over the phone”.
The public is advised to ignore the calls and the caller’s instructions should they receive them.
No government agency will request for personal details or transfer of money over the phone or through automated voice machines, said ICA.
“Scammers may use caller ID spoofing technology to mask the actual phone number and display a different number. Calls that appear to be from a local number may not actually be made from Singapore,” said ICA.
“Do not provide your personal information such as name, identification number, passport details, contact details, bank account or credit card details to suspicious or unknown parties.”
The authority said it takes “a serious view of such scam calls as it undermines public trust in ICA”, adding that a police report has been made.
SCAMMERS IMPERSONATING POLICE OFFICERS
Separately on Friday, the Singapore Police Force (SPF) said there have been at least 200 reports of banking-related phishing scams where police officers were impersonated.
In a news release, SPF said scammers have been posing as police officers on messaging apps by using publicly available pictures of officers to validate their identity so that the victims would provide their banking details.
The victims received WhatsApp calls from an account with a profile picture showing police officers. During the conversation, the scammer would also provide an SPF name card as proof of identity.
“The victims would be informed that their bank accounts had been found to be involved in criminal activity and were frozen,” said SPF.
The scammer would instruct victims to provide their banking details under the pretext of facilitating the release of their bank accounts.
“Victims only realised that they had fallen prey to a scam when they received notifications informing them that money had been transferred from their bank accounts to bank accounts unfamiliar to them or when they discovered unknown transactions made using their credit or debit card,” said the police. CNA
Three Australian publishers accuse Facebook of unfairly taking their content
Three Australian publishers of lifestyle content say Facebook Inc used their articles on its just-launched news service after refusing to negotiate licensing deals, and that the country’s tough new internet law has failed to protect them.
Australia this year passed a law that pressured Facebook and Alphabet Inc’s Google to sign deals with some of the country’s biggest news companies by threatening government intervention.
The dispute highlights possible shortcomings in the controversial law. While most of Australia’s main media firms have signed deals, some smaller outlets say the law has not stopped their content generating clicks and advertising revenue for Facebook without compensation.
Broadsheet Media, Urban List and Concrete Playground, websites which publish entertainment news, reviews and listings, say that after the law was passed in February they approached the social media giant about payment for their content.
Facebook knocked them back, calling their content unsuitable for its Facebook News platform and recommending they apply for grants it was offering from a A$15 million (US$11 million) fund for Australian regional and digital newsrooms, the three companies told Reuters in a joint call.
“They told me that, ‘oh well, you’re not going to be included in News tab and that’s what we’re paying for’,” said Nick Shelton, founder of Broadsheet Media.
“To our surprise, we woke one morning last week and all of our content was there.”
Facebook News went live in Australia on Aug 4.
Facebook declined to comment directly on the three companies but said it created value for publishers by sending viewers to their sites.
Under the law, Facebook and Google must negotiate payment deals with outlets or a government-appointed arbitrator will do it for them, but a publisher must first prove its primary purpose is producing news and that it has been unfairly disqualified.
The three publishers said they want Facebook to come to the table to talk but if it declined they may seek government intervention.
“If at the end of the day we don’t get included in a commercial agreement, then absolutely they need a stick,” said Shelton. “We are three prime examples of publishers and media businesses which should be included as part of this framework.”
To be covered by the law, publishers must register as a news provider with the Australian Communications and Media Authority “based on criteria including the levels of ‘core news’ (essentially public interest journalism) that they produce”, the Australian Competition and Consumer Commission (ACCC), which drafted the law, said in an email.
Urban List has registered on the list. Broadsheet and Concrete Playground have yet to register, saying they want to hold out for a private deal.
Tama Leaver, a professor of internet studies at Australia’s Curtin University, said that while Facebook had not broken the law as the matter was not yet before arbitration, its apparent treatment of the three publishers was “extremely poor practice, disingenuous and further disadvantages the smaller players in the news business arena”.
In a separate dispute, the ACCC has said it would look into a claim by The Conversation, which publishes current affairs commentary by academics, that Facebook has refused to negotiate a licensing deal. The Conversation has secured a deal with Google. REUTERS
Twitter Suspends pro Trump US Lawmaker for Covid Misinformation
Twitter said Tuesday it had suspended the account of controversial US lawmaker Marjorie Taylor Greene, a staunch supporter of former Republican president Donald Trump, for a week over a “misleading” tweet on coronavirus vaccines.
The tweet in question, sent on Monday, said the US Food and Drug Administration should not give final approval to anti-coronavirus vaccines, with Greene saying they were “failing” and did not curb the spread of the virus.
Twitter labeled the message “misleading” and suggested that users consult information provided by US health authorities about vaccines and mask-wearing.
“The tweet you referenced was labeled in line with our Covid-19 misleading information policy,” a Twitter spokesperson said in a statement to AFP.
“The account will be in read-only mode for a week due to repeated violations of the Twitter rules.”
If the first-term Georgia congresswoman were to break the rules again, she could face a permanent ban.
Greene accused Twitter of suspending her for “speaking the truth, and tweeting what so many people are saying.”
The lawmaker has been a staunch defender of Trump and his unsubstantiated claims that Democrats stole the 2020 presidential election.
In February, she apologized for her past support for QAnon conspiracy theories but was stripped of her two committee assignments.
Then in May, she courted controversy by repeatedly equating mask mandates with Nazis forcing Jews to wear yellow stars in wartime Germany. AFP
New Child Safety Features for Google, YouTube
Google on Tuesday unveiled a series of online safety measures for children including a private setting for videos uploaded by teens and safeguard for ads shown to users under 18.
The new features, which come amid heightened concerns about online child exploitation and safety at a time of growing internet usage during the global pandemic, affect Google’s YouTube video platform as well its online services such as search and Google Assistant.
“As kids and teens spend more time online, parents, educators, child safety and privacy experts, and policy makers are rightly concerned about how to keep them safe,” said Google product and user experience director Mindy Brooks.
“We engage with these groups regularly, and share these concerns.”
Google’s “safe search” — which excludes sensitive or mature content — will be the default setting for users under 18, which up to now had been the case only for under-13 users.
On the massively popular YouTube platform, content from 13- to 17-year-olds will be private by default, the tech giant said.
“With private uploads, content can only be seen by the user and whomever they choose,” said a blog post by James Beser, head of product management for YouTube Kids and Family.
“We want to help younger users make informed decisions about their online footprint and digital privacy… If the user would like to make their content public, they can change the default upload visibility setting and we’ll provide reminders indicating who can see their video.”
Google will also make it easier for families to request removal of a child’s photos from image search requests.
“Of course, removing an image from search doesn’t remove it from the web, but we believe this change will help give young people more control of their images online,” Brooks said.
In another safety move, Google will turn off location history for all users under 18 globally, without an option to turn it back on. This is already in place for those under 13.
Google will also make changes in how it shows ads to minors, blocking any “age-sensitive” categories and banning targeting based on the age, gender or interests of people under 18. AFP
- Indonesian president’s approval hit by handling of pandemic: Survey 26/08/2021
- Indonesia’s B40 biodiesel plan faces new delay due to palm price 26/08/2021
- What is the Islamic State threat in Afghanistan? 26/08/2021
- S Korea parliament committee votes to curb Google, Apple commission dominance 26/08/2021
- The trailer for Spider-Man: No Way Home is out and is that Doc Ock we see? 26/08/2021