Study Shows Machine Learning Can Expose Health Information


Staff member
Mar 3, 2018
A recent study from Berkeley shows that machine learning can be used to connect anonymized health data from different sources, potentially identifying users in that data and violating federal HIPAA regulations. This specific study took physical activity data from health monitor/smartwatches and other basic information employers might have access too, as well as readily available data from health organizations, fed it all to a machine learning algorithm, and got new data that was more than the sum of its parts. Unfortunately, the study looks like the tip of an iceberg, as the researchers say there are other dangerous scenarios a machine algorithm could potentially be used for, and suggest that reforms to healthcare privacy laws are needed soon. Thanks to TechXplore for spotting the study.

Using large national physical activity data sets, we found that machine learning successfully reidentified the physical activity data of most children and adults when using 20-minute data with several pieces of demographic information. Partial aggregation of the data over time (eg, reidentifying daily-level physical activity data) did not significantly reduce the accuracy of the reidentification. These results suggest that current practices for deidentification of PAM data might be insufficient to ensure privacy and that there is a need for deidentification that aggregates the physical activity data of multiple individuals to ensure privacy for single individuals.
Nightmare. This is only useful for identifying people with pre-existing conditions in order to avoid them (which should be illegal) or identifying people with pre-existing conditions that you want to market to (which is sleazy).
This is only useful for identifying people with pre-existing conditions in order to avoid them (which should be illegal) or identifying people with pre-existing conditions that you want to market to (which is sleazy).

This is what "23 and me" is for and people opt into that.
Nightmare. This is only useful for identifying people with pre-existing conditions in order to avoid them (which should be illegal)

It should be considered that "pre-existing condition" applies to insurance coverage, which is strictly a for profit investment industry. It does not apply to actual health care. Nobody is going to be denied health care for a condition they already have. They will be denied the right to lose money of someone else who is trying to profit from them.

If you have many speeding tickets or vehicle accidents, you may be denied automobile insurance because of a pre-existing condition. If you have a dog that is identified as a aggresive breed and has a history of attacks you may be denied homeowners insurance because of a pre-existing condition.

I think it's important to point this out, in order understand the role that insurance companies are playing in this (and consider what expectations we should have of them). Additionally, one can search "high risk pool fund" to see how federal and state governments set aside money to specifically cover people who would be a loss to insurance companies.

If treatment of afflicted people is the primary concern, I don't think the gate keepers should be an industry entirely designed to make profit. Additionally, it might be worth noting that prior to 1973, the medical industry itself could not focus on making a profit.

Wikipedia said:
The Health Maintenance Organization Act of 1973 written and pushed by Kaiser Permanente, had the effect of allowing medical care services, which previously had been uniformly nonprofit, to be performed on a for-profit basis for the first time in the United States. The principal sponsor of the federal HMO Act was Sen. Edward M. Kennedy (MA).
This is what "23 and me" is for and people opt into that.

I'm somewhat worried about the behind the scenes motivations of these companies. They could be like Google or Uber where externally they offer the customer a service or product that is very enticing, but the back end function is to sell data about those customers to other companies. With Google it's widely known. Most people do not know that Uber is a "big data" company.

Fox News said:
Law enforcement’s new partnership with genetic genealogy made 2018 a year of profound impact in how years-old cold case murders and rapes are investigated and solved.

Detectives across the country said they were able to locate suspects in 28 cold cases this year after uploading crime scene DNA to, a public genealogy website, obtaining a match and then letting a genealogist create family trees through painstaking research that ultimately led to a suspect.

Governments are using the data provided by these DNA testing companies to solve crimes without you realizing you are being given to them. They can also use similar tactics like they use with cell phone "stingrays" where they use the Stingray to catch you doing something and then with that knowledge find a way to more legitimately charge you with a crime. For example they may find that you are texting a known drug dealer and know that you are planning on delivering drugs. Then they pull you over for a "routine traffic stop" and low and behold they found drugs, man they were just as surprised as you were. They don't have to reveal that the Stingray was used, because the traffic stop provided the probable cause.

Going back to 23 And Me. The founder is Anne E. Wojcicki. She is the sister of Susan Wojcicki who was a founder of Google and CEO of YouTube. Anne was also married to Sergey Brin who is also a founder a Google. So she is surrounded by family that is VERY adept at the art of giving people a product they enjoy using, and then profiting off those people on the back end.

Solving murder is good I guess. But we might need some regulation on this. For example, a company can PATENT DNA sequences. Thankfully in 2013, the US Supreme court had the sense to outlaw patenting DNA sequences that exist in living organisms. Prior to that companies had actually been given patents and sole rights to DNA sequences that you may very well have had in your body. We shouldn't be afraid of this, and I'm by no means against modifying life to be better. But we need to have due diligence because otherwise someone else might become a super mutant super hero.....before me, and that's not fair.
So I go to my PO Box to check the mail and there's a letter from the University of Vermont Health Network, which services us here in my local upstate NY location. Turns out it's a notice about a recent incident exposing personal data at my local hospital. Problem is, while it was addressed to my PO Box no., it was to the attention of a Jennifer G. Last time I looked (or copped a feel), I was still a guy though.

Machine learning? In a world chock full of GIGO? Right.
might want to check and see if she (a name) filed under your insurance. There is a lot of that going on. I got 2 bills from a colon test. I was for me and one was for a totally different person on the same day and the services and amounts were different.