Reservoirs of Patient Data: Next Generation’s Privacy Problem
posted by Danielle Citron
Patients of rare diseases find that drug companies have little interest in devoting limited R&D budgets to diseases of small populations. As a result, patients have begun to strike out on their own in the search of cures. As The New York Times explains, patients increasingly share their medical information (including details about their everday experiences living with a disease) online in the hopes that other similarly-situated patients will do the same. This would permit interested academic researchers to mine the data for observations about their diseases. Patients see online communities as offering new ways to transform medical research–especially into rare diseases that elude the current model of large-scale studies of widespread conditions.
Some experts are skeptical, asking how these sites will guarantee patient privacy. One imagines that these sites will respond to privacy concerns by employing anonymization practices. For instance, sites might delete personal identifiers like names and social security numbers and remove other potential identifiers, such as names of next of kin or student ID numbers. This ostensibly permits researchers to use the amassed data without concomitant privacy risks. But, as Paul Ohm’s important and engrossing new paper Broken Promises of Privacy: Responding to the Surprising Failure of Anonymization argues, technology renders this privacy-protection option obsolete. Computing advances now permit clever adversaries to reidentify or deanonymize the people hidden in anonymized databases. This means that datasets that were meant to be kept apart are easily rejoined, allowing sensitive secrets to be revealed.
Patients may of course be willing to take that risk if their particpation in open-source research leads to cures of rare diseases. Yet patients also jeopardize their offsprings’ privacy: if medical information can be reidentified with ease and linked with other datasets, a patient’s children may get caught up in that web of re-identification. This may lead to genetic discrimination in the grown-up child’s life. Grown-up children may be willing to bear that risk–it is, however, worth considering this possibility when assessing privacy concerns related to such open-source research efforts.