227 comments

[ 4.4 ms ] story [ 226 ms ] thread
I remember when this was a conspiracy theory.
Some might have been super smart and installed an extension to autoclick on EULA/Consent (because they hate transparency on tracking).
Surveillance capitalism has gone way beyond the craziest fever dreams of 1990s shortwave radio conspiracy wackos.

The thing they never would have predicted was that nobody had to round everyone up into camps or abduct them in the night. People would willingly rush to instrument themselves and give away all their privacy for convenience and cute emojis, and when a story like this came out they’d shrug.

A while back a friend and I had just read something about all those nuclear tests in the 50s and 60s. He asked what “the fuck were they thinking?” thing we are doing today. I immediately answered: total surveillance with no regulation or oversight.

As I’ve said before: we just (in my opinion) had an attempted fascist coup. The next one won’t be so incompetent and will have a far smarter and slicker demagogue behind it.

> As I’ve said before: we just (in my opinion) had an attempted fascist coup....

What on earth are you talking about? What relevance does this political commentary have to the topic at hand?

Facism, not Nazism

"Fascism should more appropriately be called Corporatism because it is a merger of state and corporate power"

"Corporatism became one of the main tenets of fascism in Benito Mussolini's fascist regime"

Biden is a very low bar for “won’t be so incompetent”. Wonder what will next US presidential elections look like…
I feel that the partisan takes generally miss the larger picture.
To get past the partisanship all you have to do is change the jackets.

Imagine if Hillary Clinton had won in 2016, rallied the extreme left with dog whistles and charged divisive rhetoric, and then had lost to a fairly moderate Republican in 2020.

Before the election can be certified she gives a speech to a mob of angry protestors telling them to march to the capitol. Embedded among them are actual paramilitary and militia groups with strong extreme-left ideologies.

The protestors go full riot, start fights, bludgeon a police officer to death with the American flag, march into the capitol, and start ransacking the place. Many of them are wearing shirts with hammers and sickles on them, "Lenin was right," "Camp gulag," etc. A number of them are dressed in all black and are seen climbing around with zip ties calling the names of various congress members and senators. They erect a gallows out front and are chanting things like "hang Mitch McConnel!"

Clinton is reported by numerous witnesses to be watching the events on TV while she calls and threatens officials in states where her opponent won by a narrow margin, pushing them to overturn the results. She also has a team of attorneys working on tactics to overturn the election. She refuses to give a speech to call off the riot for hours and hours until the national guard shows up to clear the building. Even after that she refuses to concede the election.

I'd call that a coup attempt. You might call it an insurrection. I think that's quibbling over semantics.

I brought it up to argue for the risk posed by complete loss of privacy. We are creating a system of total surveillance that will be available to whatever much worse regime might take power in the future. If the thought of right-wing populist authoritarians is fine with you, imagine instead that it's an American Hugo Chavez or Fidel Castro. That is not out of the question either if the same people backing right wing populism become disillusioned with it and flip to left wing populism instead. Stranger things have happened. For the record that could be every bit as awful as a right wing authoritarian, especially with the kind of surveillance powers they will be able to seize and mobilize.

People who think there's nothing wrong with this panopticon we're building should convert to Islam and move to Xinjiang province.

You can take another 180 spin and ask what the Trump people think about the election results. You might even ask, given what we know about the media's willingness to mislead, how we would know if any election result was valid?

You might also ask if the figure head president is as half as important as some project meaning onto the office?

There are many hypotheticals you could take. None of it feels relevant to the discussion about compulsory DNA collection.

> I'd call that a coup attempt. You might call it an insurrection. I think that's quibbling over semantics.

This seems like a good opportunity: since this scenario/though experiment is a product of your mind, you should have access to knowledge of whether it actually was a coup attempt (the people in question genuinely had the intent to overthrow the government, and a legitimate plan of sorts) - so, did they?

Life imitates art? But Same. Full circle.
I feel like this phrase will be the motto of this year
I can't find a definitive start, but essentially as soon as samples were being tested, it was conspiracy theory time. Even if it's not for DNA, I can assure you the swabs have many conspiracy theories behind them.

(Credentials: my wife is really into conspiracy theories)

These stupid users probably didn't read the EULA. /s
Let's be honest, if you had to sign a EULA and accept the T&Cs for being born, we'd probably go extinct.
Probably because they were told they'll lose their jobs if they don't comply. (Hey, they were given a choice! They chose this voluntarily!) /s /s /s
Some fairly glaring typos:

- 4th paragraph, "4,876 privacy policy" should be "4,876 page privacy policy".

- 6th paragraph, "form of" should be "firm or".

I emailed them so hopefully they fix it. I tend to get hyper-focused on the typos and can't finish the article, strange as it may sound.

That sounds pretty debilitating and frustrating. Have you always been like that? Genuinely curious
The fact that the privacy policy is 4,876 pages also feels like it can’t be true. The surrounding typos make me worry the number itself is wrong. I mean how much money would you have to pay a law firm to write you a policy that’s 5000 pages long?
It's probably 4,876 words, not pages. That'd be excessive even by privacy policy standards.
In the article there is a quote, “There is no personal data more sensitive than our DNA.“

This seems a bogus assertion to me. I can imagine many diagnostic health test results that would be more sensitive to leak than DNA (e.g., STD and drug tests).

DNA sequencing is eventually going to be so cheap and ubiquitous that it will happen to everyone anyway.

Having published my own results (https://enki.org/2017/10/17/publishing-my-genome/), I really don’t buy into the idea that DNA is the most personal data that can be leaked.

(Nevertheless, there should be more obvious warnings to customers about how their data will be monetized.)

Edit: I think I failed to make clear that while I agree that DNA is "personal" data, I don't think it is the most "sensitive" personal data. If I had an identical twin and he released his DNA, I would not care. If I had syphilis and my test results were leaked, I would be upset about that.

Can STD and drug tests be disambiguated back to the person without attached PII? It seems that DNA is inherently the most personal data imaginable.
Those swabs have identity attached to them already.
> DNA sequencing is eventually going to be so cheap and ubiquitous that it will happen to everyone anyway.

Photography is so cheap and ubiquitous that it happens to everyone anyway. That still doesn't mean it's OK for you to sell photos of me in a private setting without my permission.

It's nice that you've chosen to publish your own genome but I bet you'd feel a little different if someone else had published it without your consent.

In private? Mostly not. But with some exceptions (basically for marketing or advertising purposes--unless it's allowed by the Ts & Cs of some event which is common) any photo taken in public (basically outside your home) is fair game.

ADDED: For those disagreeing: In general, I'll generally respect your wishes if you don't want your photo taken. But (in the US) if you're in a public place, you have no legal recourse (outside of some specific commercial uses). And that's how things are and will continue to be.

First of all, that's the UK.

Secondly, there is a lot of hand waving on that page. The bottom line is that if I take a picture of you in a public space like a park and publish it without a misleading caption on my blog, you have no real recourse (although the reality is that if it was just there for no particular purpose and you asked me to take it down after the fact I probably would).

For now. But 20 years down the line, it may be possible to create personalized poisons etc. And you cannot change your DNA like you can your password.

That said, I am not sure how this can be prevented either. We leave traces of our DNA everywhere.

Yeah but it's little different when they have to target you and different' when someone on the internet can remotely kill you by programming a (biological) virus.
A super-inefficient personalized poison.
How do you know that?

For some people, a tiny amount of peanuts is deadly. The rest of us can gorge on them without any ill effects whatsoever.

Perhaps there many other such substances that cause a runaway reaction in a tiny minority of people. We do not know.

> DNA sequencing is eventually going to be so cheap and ubiquitous that it will happen to everyone anyway.

This same argument be made to justify any erosion of personal privacy. With the level of technical sophistication western society has now, just about any invasion of privacy is too cheap to meter. Take IoT for instance. Just because it's possible for large corporations to infringe upon the privacy of individuals for pennies doesn't mean that we should just go ahead and accept it.

It does not matter how we feel about it. Every license plate scanner, every Ring doorbell, every security camera I walk by is potentially selling data.
It does, if people actually cared they'd be rioting in the streets, maybe burn down some corporate headquarters
Would burning down a building make it illegal to sell photos taken in public places?
Well getting millions of people out to protest should, otherwise do we have a democracy?

Bruning down building is more of a bug than a feature.

People do care about privacy. But, they don't have any power. Many people have to go to work, and they don't have time to fiddle in rioting etc. And, there is high chance that these people will be called terrorist for rioting such things. In fact some will even claim they are destroying property, and they should be incarcerated. And, there can be cases like rats in the group are taking advantage of protest. We can see this with BLM where few people deceived entire world by committing shenanigans in name of doing deeds.

Also, if people riot, there is no way to be sure that a positive thing will happen. We can clearly see this from Arab Spring. Many people thought there would be liberation, but what we got in return? Dictators got removed, just to be replaced by another dictator. In fact, it backfired and now autocrats have more power than past. Those days are gone where we ended horrific things like slavery and liberated the world with democracy. We have become too greedy with the capitalist society, as indicated by covid scenario. Sorry, for digressing.

That’s what the French aristocracy thought about their masses too. The masses then executed the French aristocracy.
Would such executions lead to laws prohibiting the sale of photos taken in public? Would that be a better outcome?
This question is entirely irrelevant, yet you seem fixated on it.
Maybe I am not spelling it out enough.

We have certain freedoms (e.g., speech) combined with a (relatively) free market. This opens opportunities for capitalists to monetize data they collect.

Even without monetization, some data is made public that some would prefer to keep private (e.g., a journalist can publish a photo of a politician on a boat with his mistress).

I don't see how we can put the genie back in the bottle so long as we have free speech and free markets. I think the PRC could, for example, restrict distribution of DNA data if it wanted to. I would prefer not to live under such an authoritarian regime.

I am asking if executing people to get more privacy is a desired outcome over adapting to a world where things we formerly thought of as private are just well known.

It’s not so much the loss of privacy, as the inevitable, violent exploitation of the weak that it does, will, and is meant to enable.
I think we are in agreement that corporations, governments, religions, etc. will use personal data to harm people. I am less convinced that DNA is the most "sensitive" personal data.
Also, sure, one can debate whether the masses were right to execute the aristocracy… but surely we can all agree that the aristocracy were lethally wrong that the masses didn’t matter.

I hope for their sake that the capitalists realize this before it’s too late for everyone.

That's why selling it should be heavily punished.
I am interested in how you would punish such vendors. What would make a piece of data illegal?
Same that makes some drugs illegal?
I am looking for specifics. Would photographers no longer be able to take photos of people in public and sell them? Would it be illegal for one to sell web server log files? Would Google Analytics become illegal?

Would the owner of a security camera have requirements on how they handle their data?

I am interested in how free speech and free markets enable the interesting effects we are now seeing. Maybe the answer is that there should be stricter controls on everything. That does not seem very likely to me.

> Would photographers no longer be able to take photos of people in public and sell them?

That's a grey area. I think it should be illegal if the goal of the photos is to track a person, and legal if the goal is to document a scene. And yes, that's a classification that we can do. We can apply the same rule to the people buying the photos, so it's illegal to go around buying photos about the movement of somebody even if no photographer did anything illegal.

> Would Google Analytics become illegal?

If they sell personal data? Without a doubt. Currently, AFAIK, they don't.

> Would the owner of a security camera have requirements on how they handle their data?

Yes, he can't sell it.

> We can apply the same rule to the people buying the photos, so it's illegal to go around buying photos about the movement of somebody even if no photographer did anything illegal.

I am trying to imagine the state capable of enforcing such a law. I don’t think that is where anyone wants to live.

> > Would Google Analytics become illegal?

> If they sell personal data? Without a doubt. Currently, AFAIK, they don't.

Google can obviously construct a dossier on a person from his analytics cookie. It’s okay for Google to have this data so long as they do not sell it, just sell access to it to advertisers or release it to governments?

Is it legal to own heroin, not sell it to anyone, but have guests over and offer them some (for a payment)?
drug test? how about dna markers that say you are likely to have a drug problem?
My 23andMe results show that I have the rs2472297 marker associated with slightly increased caffeine consumption. I also have the Irish ancestry associated with alcoholism that has been a problem in my family. I still consider my current diagnostic health test results to be more "sensitive" than the personal data I inherited and have no control over.
fyi, 23andme decodes less than 1% of your genome. Full decoding is getting cheaper every year. New genetic papers come out every week. Even if you think it isn't that big of a deal at the moment, who knows what will be able to be inferred from a full genome in 10 years from now.
I realize that. I don’t think my stance will change. The DNA I was born with is less important and sensitive to me than my decisions and outcomes.
> DNA sequencing is eventually going to be so cheap and ubiquitous that it will happen to everyone anyway.

That still doesn't imply that DNA will be shared freely. On the contrary, it is important that we ensure that people retain control over their own genetic information.

How do you propose that people “retain control”? We leave copies of our DNA everywhere. Even if I were very careful, my relatives and potential descendants can leak enough information to piece my DNA together.
> "DNA sequencing is eventually going to be so cheap and ubiquitous that it will happen to everyone anyway"

Filming porn is going to be so cheap it's going to happen to everyone anyway

I think of this every time someone tells me they used AirBnB.
You can still legislate access pretty easily. Cameras are ubiquitous and you still are not allowed to take pictures of anyone in any situation.
Please elaborate. I do not understand what you mean about the photos and I do not see how legislation would be easy where there is free speech combined with free markets.
Imagine you're 38 years old, you go like a normal person to a normal persons job interview.

Now your new employer obviously doesn't have access to your DNA, but he has an active subscription to "NaturalCheck(tm)whatever" which does have access to most people's DNAs.

Sorry, we can't hire you, your NaturalCheck came back as red.

You call NaturalCheck, after getting tossed through 2-3 support staff you finally learn your dna has some markers for some kind of cancer. Welcome to a new world.

P.S. If you think this is unrealistic: Credit check? Credit score? I see people have no problem with this stuff...

"Under Title II of GINA, it is illegal to discriminate against employees or applicants because of genetic information." (https://www.eeoc.gov/genetic-information-discrimination)

Potential employers also have photos of me that indicate my skin color. We have laws against discrimination over some attributes.

That's what "poor culture fit" is for.

Technically illegal and enforcably illegal are not the same. People with pregnancies or disabilities get fired all the time; as long as they're not putting "we're firing you for getting prengant" in writing somewhere, chances are they get away with it.

That criminals can commit crimes does not change the fact that this personal data will be easily found. I am still unconvinced that it is the most "sensitive" personal data.
Over speeding is also illegal. Yet, we see a lot of people committing it.

Same here, they will say they care about equal rights, but in reality they oust pregnant ladies, old peoples etc..

Potential future employers will easily get a copy of my DNA if they want one. I am not arguing that discrimination is wrong. I am arguing that DNA is not the most "sensitive" personal data.
> Potential future employers will easily get a copy of my DNA if they want one.

They should be forbidden from doing so. Not forbidden from using it for discrimination; forbidden from obtaining or posessing or sequencing an employee's DNA without their express consent, even via a third party.

> I am arguing that DNA is not the most "sensitive" personal data.

"The most" is debatable, and to some extent a matter of opinion. "One of the most" is hard to argue. It's highly personal information.

>> I am arguing that DNA is not the most "sensitive" personal data.

>"The most" is debatable, and to some extent a matter of opinion. "One of the most" is hard to argue. It's highly personal information.

Agreed. I am arguing with the statement as written in the article.

>> Potential future employers will easily get a copy of my DNA if they want one.

>They should be forbidden from doing so. Not forbidden from using it for discrimination; forbidden from obtaining or posessing or sequencing an employee's DNA without their express consent, even via a third party.

I am imagining that sequencing will be so cheap and ubiquitous that it will be like Facebook glasses (or whatever they are called now). Restaurants will sequence food to ensure provenance and quality. Environments will be sampling the air looking for viruses. Toilets will sequence whatever goes into them to find pathogens, both at the service of their owners and their users. I am not saying this is good. I am saying it is inevitable. Not tomorrow, but it's coming. Given that, I consider the personal data I have choice over to be more sensitive.

There are many thing that are illegal on paper, but are done every day in practice, especially with anti-discrimination laws. You need to be very blatant about your discrimination.
We all know that illegal discrimination happens. I was replying to the notion that this is a "new world". We have been living in that world for quite a while now. (That law was passed in 2008.)
(comment deleted)
> In the article there is a quote, “There is no personal data more sensitive than our DNA.“

> This seems a bogus assertion to me. I can imagine many diagnostic health test results that would be more sensitive to leak than DNA (e.g., STD and drug tests).

> DNA sequencing is eventually going to be so cheap and ubiquitous that it will happen to everyone anyway.

> Having published my own results (https://enki.org/2017/10/17/publishing-my-genome/), I really don’t buy into the idea that DNA is the most personal data that can be leaked.

> (Nevertheless, there should be more obvious warnings to customers about how their data will be monetized.)

> In the article there is a quote, “There is no personal data more sensitive than our DNA.“

> This seems a bogus assertion to me. I can imagine many diagnostic health test results that would be more sensitive to leak than DNA (e.g., STD and drug tests).

It's still PHI, and in this case subject to at least the Data Protection Act. The walk-in centers at Gatwick and Heathrow may have tested non-UK citizens. If so, they may run into compliance issues with GDPR or other privacy regs. Not sure how that plays out.

Guess I'll have to wait for the investigation results....

> Having published my own results (https://enki.org/2017/10/17/publishing-my-genome/), I really don’t buy into the idea that DNA is the most personal data that can be leaked.

Being as (at least in the US) DNA is used as evidence to conclusively identify (or exclude) those accused of crime (i.e. rape kits, etc) I'd say that a court of law would consider it to be essentially personal info.

I agree it is "personal data". I disagree that it is "more sensitive" than other data.
When Edgar Sengier amassed Shinkolobwe Uranium prior to the Manhattan project, was the sensitivity less because the bomb did not yet exist?
I agree that value is added merely by aggregation. Nevertheless, my diagnostic health test results are more sensitive to me than my DNA is. I imagine this is so for the vast majority.
My comment is less about the aggregation and more about the future. Right now diagnostic health test results are a larger concern for you, but that is likely going to change as technology advances sufficiently to take advantage of massive DNA surveillance. Let's say for instance that your DNA could be used to essentially derive your health results today and accurately predict outcomes into the future, surely that must be a concern for you since you are explicitly concerned about health test results. Maybe its not even the DNA on the swabs that gives it away, but instead something else in your mucous?
I welcome knowledge that would more accurately predict adverse outcomes.
> I imagine this is so for the vast majority.

Even if that is true, societies should still take extra care to protect the interests of minorities, since they typically suffer disproportionate consequences from human rights abuses.

To give a hypothetical example, if someone had Jewish ancestry and also a diagnosis that they had diabetes, I would guess that they'd want the first piece of information to have more protection than the second.

Of course the situation may be different in different countries and for different people (who I am not qualified to speak on behalf of), but I'm just cautioning against seeing DNA as being somehow "neutral".

This made me think. Yes, I see how in scenarios where there is tribalism-induced discrimination, one would carefully guard ancestry that is not obvious. I still object to the blanket assertion that it is the most sensitive data. I would agree if it were caveated: "For many, there is no personal data more sensitive than our DNA."
> "For many, there is no personal data more sensitive than our DNA."

I think that's a reasonable framing. Would you perhaps also accept the claim that "DNA is the most personal data that can be known about someone"?

It's true in the reductive sense that a person is made of cells and the information content of those cells is their DNA, but it's also true in the more nuanced sense that millions of people might share the same diagnosis as you (or even the same shameful secret), but no one who has ever lived, or will ever live, shares your DNA (unless you have an identical twin, or get cloned).

No, I would not accept it. For me, personally, my choices and outcomes are more personal than the immutable attributes I was born with. My browser history is more sensitive to me than my DNA.

I am intrigued that someone might genuinely think otherwise. Would anyone rather have their browser history published over their DNA?

You're probably right that most people think of their browser history as more secret or sensitive than their DNA, and maybe we're just disagreeing over semantics here, but "personal" can have a significantly different connotation.

One way to look at it is that someone's choices (and the pages they've visited) are things in their past, and even a medical diagnosis could be old news if they've since been cured. Their unique DNA signature, on the other hand, has been with them since before they were born, and will remain with them, largely unchanged, for the rest of their life, and even some time beyond. (Their DNA may also have a big effect on when they die, and the sort of life they live while they are alive too).

That's why DNA feels to me like it's an intrinsic part of someone's personhood, in a way that "They visited Hacker News yesterday" doesn't.

As always, it'll probably not affect most people, but some people will have very interesting markers/indicators on their DNA that might be worth protecting more than an STD or drug test.
I've always been extremely pessimistic regarding the slow erosion of rights in a digital world that's increasingly controlled by players too big to regulate. Yet why am I always so shocked when things like this happen? If you asked me at any point in the past whether I think things are going to get better, or worse, I would unequivocally have said the latter? Yet when things do get worse in some totally foreseeable but awful way, I'm inexplicably shocked and appalled. Maybe for all of my pessimism, my imagination for calamity is actually terrible.
What do Covid tests by a pharmaceutical-ish company have to do with "digital world controlled by players too big to regulate"?
I was speaking very generally. I think that my concerns regarding the regulation of individual privacy in the digital realm, and my concerns about the regulation of the major players in 'surveillance capitalism' is shared by many. The brokering of PII is such a large, and interconnected business. I would like control over who has access to my medical data, my DNA included.
Is it capitalism or corporatism?

What's free-market about being compelled by the state to use these services?

https://qz.com/1145669/googles-true-origin-partly-lies-in-ci...

Pick any major tech platform and you'll find similar connections. The CCP has their own platforms, just like Russia has their own.

Digital ID, pushed by WEF isn't being promoted by the free-market. It is better described as corporatism. Hopefully this more accurate terminology will help diffuse the more contentious implications.

https://en.wikipedia.org/wiki/Klaus_Schwab#:~:text=Schwab%20....

'No true scottsman' free market strikes again.

This is an inherent property of the system.

Id we didn't have these sort of issues, Communism is a perfect system, USSR wasnt the real deal!

We can disagree on those premises, but hopefully agree that corporatism better describes the observed phenomenon.

Maybe someone else here can take up the more contentious elements of your assertion. There's very little I can say here on HN about these points.

If "corporatism" is the name of the condition, then free-market capitalism is the virus that causes the infection.
Indeed, I purposefully compare 'free market people' with Communists, both live in an imaginary world where human relationships are mechanistic like APIs.

In their world everything is perfectly rational, there is no such thing as imbalance of power, market leverage, collusion between competitors, etc. In modern concience people clearly understand how an all-powerfull state can turn tyranical, but when an all-powerfull company turns tyranical it's always a surprise!

So you will get "let free market do it's thing without government interference, remove safeguards, guardrails and regulation." Then free market finds that the best way to make money is to form cartels or illegally abuse people who can't afford a layer, or to sell digital eyeballs and organs that require a subscribtion to work and it's a surprised picachu face all over again

For some reason these people are madly in love with a system that is basically just natural selection / evolution. They go around saying how planning is pointless because you can't be wiser than evolution is anyway. They seem to forget that evolution had 6 mass extinctions and that 99.9% of all specieces have gone extinct.

(comment deleted)
> What's free-market about being compelled by the state to use these services?

It's free-market that they are allowed to set a EULA like this which permits them to sell-on your DNA. It's notable that this happened with a private service, not one which was contracted by the state to provide tests.

Culture. Big players produce a body of professionals who are used to certain practices, and when these move to other companies, the practices propagate there. Especially if they make money - but even if they don't; as you see from the number of companies that employ a data engineer when they don't have enough data for one.
They were mandatory to validate a green pass, their results were associated with a QR code which has the potential to allow tracking.
The company found itself in a commercial environment where it could exploit and monetize misbehavior. If we had legal protections of private data, including DNA, stealing people's DNA wouldn't be profitable. The "typical" behavior of harvesting every bit of customer information has resulted in a culture in which such exploitation is almost expected.

Unelected technocrats are in charge, and it turns out that might not be the best way of running the world.

(comment deleted)
Well, you can get a headstart on what is planned by looking through the rather tiresome WEF's website. Here is an example of what I mean: https://www.weforum.org/reports/advancing-digital-agency-the...

"With the integration of screenless technology into everyday life, the data ecosystem is growing increasingly complicated. New ambient data collection methods bring many benefits, but they also have the potential to amplify mistrust between people and technology. In this Insight Report, the World Economic Forum’s Taskforce on Data Intermediaries explores the potential to outsource human decision points to an agent acting on an individual’s behalf, in the form of a data intermediary. "

This is talking about have a trusted intermediary between you and your data.

Its plainly a bad joke - morally, its unambigious - you own your data.

But that cannot work with the planned infrastructure, so we have to go through a charade of building trust etc with google, Apple, 3-letter agencies, etc.

Question: who will own/run those purported 'trusted intermediaries'? Government and business will provide leadership here...

That doesn't make me feel all warm and cozy, no.

Data fiduciaries (if it’s anything like how it’s being done in India) seem like a very good idea, actually — so long as the entity holding the data has fiduciary responsibility to the users, and cannot merge/collude with the entity using the data for whatever. Enforcing this without corruption is obviously non-trivial, but it seems a substantially easier task to regulate the interface between clearly delineated entities (with competition on each side) than trying to regulate huge monoliths (Eg: Facebook) that are incentivized to make internal information flows look like a ball of mud architecture, to avoid legibility to outsiders and the consequent regulation.
Name one responsible entity.
(comment deleted)
I wonder who would be the actual buyer of those swabs and why they would buy them.
I'm sure there are innocent scientific pursuits that benefit from more data samples, even without other data to correlate to.

Then there's always government agencies interested in labeled name-DNA pairs which can be used to find criminals, or for general mass tracking (though that'd be a poor and error-prone way to do so).

And suddenly the conspiracy theorist is not so crazy once again. This is a pretty scummy thing to do an jeopardizes future pandemic testing as people will feel they are being lied to and won’t trust testing. But by the. I suspect it won’t matter. They will have so many DNA samples that even if you are a slight relative they will be able to figure out who you are from a unknown sample of DNA.
Yep. The most prolific conspiracies have always had an unfortunate nugget of truth behind them.

"They're using it to track us". Or "Its to make a database to remove our freedoms" claims don't looks crazy at first glance.

At the some time I'm now glad biology had such a reproducibility problem, they probably can't identify a human strand from a rat in most "biotech" start ups I reckon...

I like to think of the reproducibility problem as a sort of modern Tower of Babel. It's obviously not a perfectly 1:1, but interesting similarities to be sure.
This comes as a surprise to people?

Companies and other large groups have been able to get away effectively illegal activities in the name of covid for over 2 years already... Don't get me wrong I prefer that the righteous cross of public indignation is changing to target the fat cats who exploited this chaos, but frankly this is the same "ban the plastic straw" "use extra face masks in non workable settings" hypocrisy from the last 2 years.

If this company said doing this would improve vaccines 2 years ago there's a certain large group of public opinion that would have given this cart blanche regardless of the damage it could/will do...

Well I, and my family took several tests with this firm - and I am very upset about this.

I will be speaking to a barrister today or on Monday to explore what, if any, remedies we can seek over this in court.

Please if anyone could recommend a London-based barrister who specialises in this sort of matter by DM or in reply that would be much appreciated.

I used them once as there was no one else who’d give us a rapid test in time. Have emailed their support. Curious to see the answer.

Barrister would be the heavy option, but complaints to the ICO and health authorities also an option.

Better to send them an email than a real letter in the post, otherwise they could sell the dna on the stamp.
Stamps are self adhesive now, for this reason and others.
Why would someone be branded a conspiracy theorist for hiring a legal representative for what looks at first glance like a straightforward violation of the specific + informed + non-coerced consent requirement of GDPR with regard to the processing of personal data? One which is in the news because it is actively under investigation by the authorities?
The question highlights rather well that there is no consistent logical reason for this attitude. Unfortunately it prevails very strongly at the moment.

I agree that the company should be sued into oblivion. And I think should this be say on other antigen or histamitic testing they would. My point is that because it has simply touched covid many people are having reactionary not cognative responses...

(comment deleted)
You may want a solicitor rather than a barrister.

Historically (in the UK) barristers specialised in arguing before a judge, while solicitors did the rest of the job. This division has now been relaxed a bit, but what you are asking about would normally be the solicitors part of the job I think.

Don't have any specific recommendations for lawyers.

Thanks for clarifying the difference.
If you're really angry you should look into a class action lawsuit, maybe someone is starting one. Contact your representative(s) state and federal with personal letters of concern. They are always looking for stuff like this to further their names and fame.
This story is happening in the UK, and PP asked for a "London-based barrister", and class-action suits, states, representatives and the Federal government are American things.
In the UK, parties to a lawsuit can apply to the court for a group litigation order, which groups the lawsuits together and allows parties to join. They are somewhat analogous to American class actions.
Since US law is heavily based on British law all I can say is uhhhhh.....

https://nypost.com/2022/01/14/facebook-faces-massive-lawsuit...

Britain has populous based representative system so they have representatives: https://en.wikipedia.org/wiki/Government_of_the_United_Kingd...

Britain does have an elected government so they can contact their government for help.

I don't understand your attack? The meat of my argument is true and you are attacking small details which is a cheap illogical tactic.

He's not attacking the argument. He's attacking that the rest of the world isn't like America here, which, was kinda strongly emphasised in the post...
https://www.lawsociety.org.uk is the professional association for lawyers in England. Any reputable firm will be registered with it and you can search the register for some potential firms to approach. Edit: It's not the regulator that's a different body.
You can't ask for (nor give) a consent that broad: "use my dna for whatever research you want by whoever". Having been involved a bit with asking for informed consent in a hospital, it's sooo difficult to design a specific- and useful-enough consent form for legitimate not-for-profit medical research. I hope these jokers go to prison for a long time.
don't hold your breath. ex-doctor the OG antivax Wakefield committed malpractice by not getting informed consent to do all kinds of tests on autistic children, and he's free as ever. :/
Aye, and that sucks, but (1) he did his thing before the Data Protection Act 1998 let alone GDPR, and (2) violations of medical consent are different from and (IMO as a generalisation) much more serious than violations of data processing consent. Not sure what laws he might have violated, though I think he would be breaking one if he calls himself “doctor” at this point?
He conducted research for money. This involved ~7 children spending 1 week in a hospital. The children were young (mean age 6) and some had severe autism, so they had to be sedated, held down by adults, etc.

His "informed consent" form does not describe the risks.

https://www.youtube.com/watch?v=8BIcAZxFfrc&t=1h7m17s

(Where was the IRB during all this? Good question.)

I was already in agreement that he sucks, but that doesn’t actually tell me he committed an offence under section Foo of the Perfectly Sensible Yet Obscure Medical Consent Act 1869 or whatever, so I don’t know if legally speaking he ought to have been locked up.
They will get clobbered by the ICO as it's clear this was neither informed consent nor was the data retention period reasonable.

Burying terms of such significance results in unenforceable agreements, so it's naive (but not unexpected) of Cignpost to come out saying they are in full compliance with data protection laws.

I would urge anyone potentially impacted to write to the ICO to register their concerns.

The particularly shitty part is that often people are/were REQUIRED to test themselves for COVID and people were stuck with whatever tests were available. So governments demanded people buy goods from private companies, and then the private companies abused their customers. It's like a giant shining example of why we're quickly becoming no-trust societies.

When I give my blood and DNA for MS trials, I get long consent forms and details, which I can alter. (I always cross out the parts that enable my data to be used for profit; if they want to know why I have benign MS, I hope they figure it out, but I want them to use my information to help people, not gouge them.)

I recently obtained an At-Home Covid test that stated it was 'the 1st ever app-assisted test' and using the app was compulsory. The instruction pamphlets were entirely focused on how to install and use the app and not a single mention of how to read the results beyond "removing human interpretation errors". Turns out, the stick produced TWO control lines(another 1st ever) and a third line would indicate a positive result. I dug up the ghosted replies to several deleted Reddit & Twitter posts to find the information to deduce the results... after fretting about my "positive" result. The manufacturer's primary concern was clearly stated in the included pamphlets, IMO: data collection.
Where did you obtain such a test, if you don't mind sharing that detail? Did you know what you'd be getting, or did the "app-assisted" aspect come as a surprise (which is how it sounds)?
I received it from work. I had no idea it used an app. If I had known, I would have sought out another kit. Instead of installing the apkx(bundle?), I did some research and found the ghosted posts' comments where other confused users contacted the company directly and shared their findings, verifying two lines = negative.

edit:grammar

If you are okay with it, please share the name of this testing company. Not specifically to "name and shame" but instead, so others can avoid using them.
Oh look who sponsored the committee on covid testing. Seems like the government welcomed these people with open arms

https://www.politicshome.com/news/article/covid-testing-comp...

Which cabinet member has got a friend on the board.

And guess who will be justifying the slap on the wrist fines because "emergency" and giving them effective clean slate moving forward.
Covid testing policies influenced by.. covid testing companies. 'Covid experts' working for companies with similar interests?
If proven unlawful which it most likely is at face value, will the companies who received samples from Cignpost both destroy the samples and any data or derivative data associated with this?

If not then the crime pays off, irrespective of how stern the watchdog is.

I wonder. Perhaps they're overseas, in places like China.
Private company sell customer data cause no regulation

Blame 'totalitarian' government

> All driven by useful idiots that chanted "it's just two weeks" and "if it only saves one life".

Nope, just the "useful idiots".

Let's not kid ourselves, we _all_ saw this coming a mile away. Unfortunately. :(
Yet, it seems most who raised an alarm were told to be quiet and sit down.
Something something blissful ignorance...
That is a horribly relevant thread.
We've gained information and further confirmation of this specific issue.

The underlying patterns which precipitated that thread continue.

Have you tried to message that guy? I'd love to read his response.
I'm not sure what I would say to him. Went down to negative three on that one, which is about par for the course here.

Imagine messaging everyone. I don't have the time and things would continue as usual regardless.

(2021)

This report is actually 3 months old, it would be useful to know if there have been updates.

Probably not, the interest follows public outrage which wasn't there in 2021 because how dare you speak the word "endemic"...
And this is one of the reason why people will be afraid to test themselves.

While many are just anti-vaxxers or Covid denialists, you can't argue that the system hadn't done its' best to cultivate these issues.

This is a really common practice and I hate it. The leftover biological material after a text (blood, urine, whatever) is considered waste and legal to sell in most US states.

This used to not mean anything because no one wanted random blood. But now with dna so cheap, those samples can be sequenced and stored in a bio bank. They are “de-identified” from the lab info, but dna can’t be truly deidentified because it’s dna.

I don’t know how much money it makes for the labs, but it’s scary to me. I’ve never been able to opt out of this process and there’s no privacy policy for LabCorp or Qwest or major labs that includes protections for individuals biomaterial being used beyond the paid for test.

Here’s some more info on human bio banks, https://www.ncbi.nlm.nih.gov/pmc/articles/PMC3118708/

In college, I signed up for a medical test where you got $20 for filling out a massive questionnaire about health, habits, family, just about everything you'd need to build a massive medical background. We got another $20 when we showed up to spit in a vial for DNA sequencing. I don't think we ever provided names or addresses but I'm sure you could build a pretty complete profile.
> They are “de-identified” from the lab info, but dna can’t be truly deidentified because it’s dna.

DNA is not just random numbers. You can reconstruct the whole family tree from just DNA samples. With DNA samples of the whole population we could reconstruct the family tree of the whole nation alive and even some generations back. Add in some DNA samples associated with medical records and you can use this to predict the probability genetic disorders. The more data points you can connect to this structure the less anonymous it becomes.

The key is to get DNA from a majority of the population to close the gaps in your relationship network.

Then what?
in the good universe, they use that information to make drugs that are better-tailored to people's population-specific genetics (one type of "personalized med")

in the bad universe, they give it to an ad agency that then beams ads for the wrong medicine into your retina 24/7

Seems like you have a very firm grasp of what can and cannot be done with a person's DNA.
Yes? I got a phd in biophysics, studying the structure and function of DNA, and have donated my genome to science (publicly available for anybody to analyze).
Unfortunately, I can imagine worse "bad universe" cases than that.

Pandora's box. Just because we can does not mean we should.

Yep, well, we all knew that was going to happen... Taking a lighter note for a moment: it will be funny when the mass DNA data identifies the humanoid aliens and mutants living among us ;) ;p xx :p
Even if I don't consent to this, it is sufficient that some of my relatives do so to expose information about me. Thus individuals should not even be allowed to give such general consent, as they cannot possible give consent only for themselves.
I don't think conspiracy theorists are surprised about this turn of events.
I mean, sure, but you hardly have to believe that JFK was killed by mobsters to think, "I bet a lot of companies are going to take advantage of a worldwide, multi-year panic."
Conspiracy theorists are never surprised. That's the deal.

Any information can be effortlessly be turned to support or expand the theory. The government could announce we've been in contact with aliens since the 1950s, and conspiracists would go "see! but they're not telling you <new variant on theory>!"

> When buying tests, customers were asked to tick a box agreeing to a 4,876 [sic] privacy policy which links to a separate document outlining the research programme, The Sunday Times reported.

This needs to change.

The simple non-serious solution to this is for governments to require that before a user can consent to a legal "agreement" (like a privacy policy, or an EULA) they have to have it read to them, live, by a lawyer. At 150 words per minute, that agreement would have taken half an hour to read, which lawyers would charge at least £50 for.