Google’s DeepMind Faces Legal Action Over Data Misuse

Google's parent company and its AI business DeepMind are facing legal action for the way in which they obtained and processed over a million patient health records without consent in the UK. A legal case has been launched on behalf of more than a million people whose confidential medical records were obtained by Google.

DeepMind, a London artificial intelligence lab that was acquired by Google in 2014 and in 2015, Google's AI firm DeepMind was given the personal records of 1.6 million patients at the Royal Free London NHS Foundation Trust.

The current legal case is being led by law firm Mishcon de Reya and the lead plaintiff  Andrew Prismall said he had been "greatly concerned" about how his data had been used. Mishcon de Reya said it was launched to address public concerns about the use of private health data by tech firms. In a recent press release, Mishcon de Reya described the lawsuit as an “important step in seeking to address the very real public concerns about large-scale access to, and use of, private health data by technology companies... It also raises issues regarding the precise status and responsibility of such technology companies in the data protection context, both in this specific case, and potentially more generally,” the firm said.

When it became public that vast amounts of data had been tapped into by DeepMind, there was outrage, although the firm insisted that the patient records were being used to help create a life-saving app.

The Streams app was an alert, diagnosis and detection system that could spot when patients were at risk of developing acute kidney injury. It is in the process of being decommissioned, following DeepMind being incorporated into Google Health. There were several inquiries into the legality of the data use, and in 2017 the Information Commissioner's Office said that the hospital had not done enough to protect the privacy of patients when it shared data with Google.

In a statement in response to that ruling, DeepMind apologised and said that it had concentrated on building tools for clinicians, rather than thinking about how the project should have been shaped by the needs of patients.

Mishcon de Reya partner Ben Lasserson said: "This important claim should help to answer fundamental questions about the handling of sensitive personal data and special category data... It comes at a time of heightened public interest and understandable concern over who has access to people's personal data and medical records and how this access is managed."

There have been a number of class action suits launched in the UK, in which one plaintiff represents millions and these cases are known as opt-out representative actions because they include everyone that the case applies to, unless they specifically request not to be part of it.

In another group action a group calling itself  “Google You Owe Us” has been launched on behalf of four million iPhone users, alleging they were illegally tracked by Google.

New Scientist:      Decision Marketing:    CNBC:       BBC:      Techcrunch:      Business Insider:  

You Might Also Read:

Coronavirus Tracing Apps Conflict With Privacy:

« Don't Click On Pop-Ups
How To Use Transit Gateways To Monitor Traffic »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Alliance for Cyber Security

Alliance for Cyber Security

An alliance of all major players in the field of cyber security in Germany with a mission to strengthen Germany’s resistance to cyber-attacks.

ARC Advisory Group

ARC Advisory Group

ARC is a leading technology research and advisory firm with expertise in both information technologies (IT) and operational technologies (OT)

Kroll

Kroll

Protect data, people, reputation and the bottom line with end-to-end cyber security solutions from Kroll, a division of Duff & Phelps.

Cellopoint

Cellopoint

Cellopoint is a leading manufacturer of information security and email lifecycle management (ELM) products.

CICRA

CICRA

CICRA is Sri Lanka's pioneering cyber security training and consultancy provider.

H3Secure

H3Secure

H3 Secure focuses on Secure Data Erasure Solutions, Mobile Device Diagnostics and Information Technology Security Consulting.

Guardian Data Destruction

Guardian Data Destruction

Guardian Data Destruction provides a comprehensive suite of onsite e-data destruction services.

SecureWorx

SecureWorx

SecureWorx are a secure multi-cloud MSP, a provider of advanced IT security services and an independent cyber security advisory.

Pentest Limited

Pentest Limited

Pentest Limited provide information security consultation, penetration testing & red teaming services to companies across the globe.

Aristi Technologies

Aristi Technologies

Aristi provides cybersecurity risk and compliance services to help manage your unique cyber risks, safeguarding your systems and data and complying with government and industry standards.

Hyperion Gray

Hyperion Gray

Hyperion Gray are a small research and development team focused on innovative work in a variety of areas including Software & Security Research, Penetration Testing, Incident Response, and Red Teaming

National Cyber Safety and Security Standards (NCSSS) - India

National Cyber Safety and Security Standards (NCSSS) - India

National Cyber Safety and Security Standards has been started with a great vision to safeguard India from the current threats in the cyber space.

Ostendio

Ostendio

Ostendio is a cybersecurity and information management solutions provider that develops affordable compliance solutions for digital health companies and other regulated entities.

Matrixforce

Matrixforce

Matrixforce is a vetted IT support provider that uses the patented Delta Method of streamlining technology for financial and professional service firms to reduce complexity and avoid risk.

Romanian Tech Startup Association (ROTSA)

Romanian Tech Startup Association (ROTSA)

Romanian Tech Startups Association is an umbrella organization that aims to promote, support and represent the interests of tech startups in Romania.

Allurity

Allurity

Allurity is a group of tech-enabled cybersecurity service providers, comprised of best-in-class experts with a common mission to enable a safe digital world.