According to a Thursday report by CNBC, Facebook had recently been in negotiations with a number of top hospitals and other healthcare groups in the United States, including Stanford Medical School and the American College of Cardiology, to share patient data like details of their ailments and prescriptions without revealing their identity.
The purpose behind this data-sharing request was a Facebook-proposed research project, directed at helping healthcare facilities provide dedicated care or treatment to patients needing them the most.
The proposal, which never managed to make it beyond the planning phase, was put on hold in the wake of the massive “data breach” scandal involving British political consultancy firm Cambridge Analytica.
The social networking giant’s efforts to test the waters for the proposed data-sharing were led by cardiologist Freddy Abnousi.
The fact that personal details like name, age and address were not being sought by the social networking giant – which of late has been in the news for all the wrong reasons – might make you wonder what purpose the nameless medical records would serve.
Well, the plan was to match the hospital-shared information about patients’ illnesses and prescriptions with information already available on Facebook’s massive database, so that patients needing special care and treatment could be identified and targeted by health caregivers.
A technique known as hashing, which has been “one of the most effective tools commonly used to compress data for fast access and analysis, as well as information integrity verification,” would have made it possible for Facebook to effectively give a name and face to the hospital medical records.
The patients, however, were not informed of the proposed data sharing; hence, the question of patient consent does not even arise here.
Of course, this reignites the debate over data security and Facebook’s intentions behind amassing such a vast amount of user data, which it has not been able to protect, intentionally or unintentionally, in spite of Zuckerberg’s tall claims and pledges.
Last month, Facebook witnessed a sharp dip in its share value following the Cambridge Analytica scandal. The British firm, reportedly, misused information inappropriately gained from 50 million Facebook users to manipulate its client Donald Trump’s 2016 presidential campaign.
According to Zuckerberg, Aleksandr Kogan – a Cambridge University professor/researcher -developed an app and used it on Facebook to gather information from some 300,000 users on the pretext of a personality test, which the users voluntary shared along with their friends’ data, thereby giving Kogan access to tens of millions of FB accounts.
However, in a clear breach of trust, Kogan not only shared the data of the wilful participants but also the personal information of their friends with Cambridge Analytica, which, in turn, used the information to unfairly benefit Donald Trump’s 2016 presidential campaign.
Cambridge Analytica, however, has denied any wrongdoing on its part in regard to the alleged breach.
Coming back to Facebook’s medical data-sharing endeavors, Regina Dugan, who was head of Facebook’s “Building 8” experiment projects group until she left in October of 2017, had been working with Abnousi on the project.
In what appears to be an attempt to defend its actions, Facebook provided CNBC with a quote from Cathleen Gates, the interim CEO of the American College of Cardiology, in which she discusses the advantages of the proposed plan.
“For the first time in history, people are sharing information about themselves online in ways that may help determine how to improve their health,” reads Gates’ statement.
“As part of its mission to transform cardiovascular care and improve heart health, the American College of Cardiology has been engaged in discussions with Facebook around the use of anonymized Facebook data, coupled with anonymized ACC data, to further scientific research on the ways social media can aid in the prevention and treatment of heart disease – the #1 cause of death in the world,” says Gates.
“This partnership is in the very early phases as we work on both sides to ensure privacy, transparency and scientific rigor. No data has been shared between any parties,” she concludes.
“Consumers wouldn’t have assumed their data would be used in this way,” said Aneesh Chopra – President of health software company CareJourney and co-founder & EVP of Hunch Analytics.
“If Facebook moves ahead (with its plans), I would be wary of efforts that repurpose user data without explicit consent,” he added.
Here’s how Facebook explained the plan in another statement to CNBC.
“The medical industry has long understood that there are general health benefits to having a close-knit circle of family and friends.
But deeper research into this link is needed to help medical professionals develop specific treatment and intervention plans that take social connection into account.
“With this in mind, last year Facebook began discussions with leading medical institutions, including the American College of Cardiology and the Stanford University School of Medicine, to explore whether scientific research using anonymized Facebook data could help the medical community advance our understanding in this area. This work has not progressed past the planning phase, and we have not received, shared, or analyzed anyone’s data.
“Last month we decided that we should pause these discussions so we can focus on other important work, including doing a better job of protecting people’s data and being clearer with them about how that data is used in our products and services.”
Talking about the Cambridge Analytica debacle, Mark Zuckerberg acknowledged in a recent Facebook post that not only was this a “breach of trust between Kogan, Cambridge Analytica and Facebook,” but also a violation of the trust between the company and the people who expect Facebook to protect their data. “We need to fix that,” he assured.
Here are the key points of how Facebook intends to prevent “bad actors from accessing people’s information.”
One: Investigate old apps that had access to huge amounts of data and thoroughly audit all apps showing questionable activity.
Developers who do not agree to the auditing, or those found to have “misused personally identifiable information,” will be banned on the platform.
Two: Apps that users have not accessed for three or more months will be blocked from accessing user information. Also, the amount of data an app can access will be limited to username, profile photo, and email address. Any developer seeking more information will be required to get prior approval and also sign a contract.
Three: The Facebook privacy settings tool which allows users to revoke apps’ permissions to user data, will now appear on top of the News Feed, making it easier for users to keep track of the apps they have allowed to access their data.