Google’s DeepMind Faces Legal Action Over Data Misuse

Uploaded on 2021-10-12 in TECHNOLOGY-Key Areas-Artificial Intelligence, FREE TO VIEW, BUSINESS-Services-Law

Google's parent company and its AI business DeepMind are facing legal action for the way in which they obtained and processed over a million patient health records without consent in the UK. A legal case has been launched on behalf of more than a million people whose confidential medical records were obtained by Google.

DeepMind, a London artificial intelligence lab that was acquired by Google in 2014 and in 2015, Google's AI firm DeepMind was given the personal records of 1.6 million patients at the Royal Free London NHS Foundation Trust.

The current legal case is being led by law firm Mishcon de Reya and the lead plaintiff  Andrew Prismall said he had been "greatly concerned" about how his data had been used. Mishcon de Reya said it was launched to address public concerns about the use of private health data by tech firms. In a recent press release, Mishcon de Reya described the lawsuit as an “important step in seeking to address the very real public concerns about large-scale access to, and use of, private health data by technology companies... It also raises issues regarding the precise status and responsibility of such technology companies in the data protection context, both in this specific case, and potentially more generally,” the firm said.

When it became public that vast amounts of data had been tapped into by DeepMind, there was outrage, although the firm insisted that the patient records were being used to help create a life-saving app.

The Streams app was an alert, diagnosis and detection system that could spot when patients were at risk of developing acute kidney injury. It is in the process of being decommissioned, following DeepMind being incorporated into Google Health. There were several inquiries into the legality of the data use, and in 2017 the Information Commissioner's Office said that the hospital had not done enough to protect the privacy of patients when it shared data with Google.

In a statement in response to that ruling, DeepMind apologised and said that it had concentrated on building tools for clinicians, rather than thinking about how the project should have been shaped by the needs of patients.

Mishcon de Reya partner Ben Lasserson said: "This important claim should help to answer fundamental questions about the handling of sensitive personal data and special category data... It comes at a time of heightened public interest and understandable concern over who has access to people's personal data and medical records and how this access is managed."

There have been a number of class action suits launched in the UK, in which one plaintiff represents millions and these cases are known as opt-out representative actions because they include everyone that the case applies to, unless they specifically request not to be part of it.

In another group action a group calling itself  “Google You Owe Us” has been launched on behalf of four million iPhone users, alleging they were illegally tracked by Google.

New Scientist:      Decision Marketing:    CNBC:       BBC:      Techcrunch:      Business Insider:  

You Might Also Read:

Coronavirus Tracing Apps Conflict With Privacy:

« Don't Click On Pop-Ups
How To Use Transit Gateways To Monitor Traffic »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Caldew Consulting

Caldew Consulting

Caldew specialise in providing information assurance and cyber security consultancy, covering the full spectrum of the security life cycle.

Group-IB

Group-IB

Group-IB is a leading provider of solutions dedicated to detecting and preventing cyberattacks, identifying online fraud, investigating high-tech crimes, and protecting intellectual property.

Serena

Serena

Serena Software helps increase speed of the software development lifecycle while enhancing security, compliance, and performance.

Luxar Tech

Luxar Tech

Luxar's network visibility products enable enterprises and service providers to monitor network traffic, improve security and optimize efficiency.

Standards Council of Canada (SCC)

Standards Council of Canada (SCC)

SCC leads and facilitates the development and use of national and international standards and accreditation services in Canada.

CyberQ Group

CyberQ Group

CyberQ is an award winning cyber security consultancy and services provider and an innovator in Artificial Intelligence and Automated Cyber Security.

GlobalPass

GlobalPass

Covering 200+ countries with 78 000 databases, GlobalPass provides sophisticated facial biometrics verification and deep screening, delivering peace of mind to every client.

Cybersec Infohub

Cybersec Infohub

Cybersec Infohub is a Hong Kong government programme to enhance the exchange of cyber security information with industry and enterprises to jointly defend against cyber attacks.

BitNinja

BitNinja

BitNinja provides full-stack server security in one easy-to-use protection suite. Enjoy real-time protection, automatic false positive handling and threat analysis for more in-depth insights.

CloudBolt Software

CloudBolt Software

CloudBolt provide solutions for your toughest cloud challenges. From automation, to cost and security, and hybrid IT governance — we have you covered.

KeyData Associates

KeyData Associates

KeyData is a recognized leader in cybersecurity services specializing in Identity and Access Management (IAM), Customer Identity & Access Management (CIAM) and Privileged Access Management (PAM).

Sentrium Security

Sentrium Security

Sentrium is committed to helping organisations protect their technology, information and people. Our range of bespoke services provide solutions to tackle a broad range of cyber security challenges.

RKVST

RKVST

RKVST is a powerful tool that builds trust in multi-party processes when it’s critical to have high assurance in data for confident decisions.

watchTowr

watchTowr

Continuous Attack Surface Testing, with the watchTowr Platform. The future of Attack Surface Management.

SignalFire

SignalFire

SignalFire invest across both enterprise and consumer sectors at the seed and early growth stages.

TokenEx

TokenEx

TokenEx Cloud Security Platform protects sensitive data to strengthen our clients' security postures while future-proofing their operations.