|
AlisonRobinsSecondEssay 3 - 23 Dec 2020 - Main.AlisonRobins
|
| |
| META TOPICPARENT | name="SecondEssay" |
|---|
| |
<
< | Removing the Cause and the Symptom: Effective Health Data Protection Through Universal Single-Payer Healthcare | >
> | Classifying Personal Data as Inalienable to Achieve Medicare For All | | | | |
<
< | -- By AlisonRobins - 20 Nov 2020 | >
> | -- By AlisonRobins - 23 Dec 2020 | | | | |
<
< | More than Medicare for All, we need Healthcare for All. Only when the entire medical system—treatment, insurance, pharmaceutical—is consolidated as a federal service governed by a data-centered inalienability rule, with no private options, can the health of our nation be furthered both safely and ethically. | >
> | Medicare for All (“MFA”) could feasibly work, but only if we govern personal data under an inalienability rule. The federal government could run a personal data bank to ensure privacy in a system in which all medical services—treatment, insurance, pharmaceutical—are under a single-payer program. | | | I. The Virus in Us, The Virus About Us | |
<
< | A. The Technology at Hand | >
> | A. Technology: When Personal Data Becomes Patient Data | | | | |
<
< | In an ideal world, our data would be publicly available to good-faith actors who just want to rid the world of disease. That was, of course, one of the origins of the Net: a collaborative tool for scientists and academics to share information in a non-hierarchical manner. However, when the Net grew and as the barrier to entry became a working internet connection, so did the influx of private companies into industries like healthcare. | >
> | This option must include all personal data. Due to the increase in competition, private medical and related companies began collecting, using, buying, and selling user data as early as 1998. Though the marketplace prior to the internet was based on knowing personal information about buyers—product preference, shopping behavior, addresses—the Net allows for one seller to know about the buyer’s preferences in every sphere of the buyer’s online life outside of the individual transaction with the click of a button. In the sphere of medical care, buying and selling personal data becomes a violation of patient data as third-parties, such as insurers and private care facilities, can purchase someone’s behavioral data and deny them access to healthcare on that basis, not on their medical history (see below: digital redlining). | | | | |
<
< | Due to the increase in competition, in order to stay operable as businesses, medical and related companies began collecting, using, buying, and selling their gold mine: user data. Large, competitive websites have been selling information on its users to data companies since as early as 1998. At this point, the chairman and CEO of Merrill Lynch proudly stated, “As a business person, having the option to ‘data-mine’ investment traits. . . It's an important advantage,” ignoring the inability for someone to consent to all of their observable and unobservable behavior being up for grabs. Information about a person’s behavior, I argue, should not be a commodity gleefully for sale by those with means in order to give them more means. Rather, a person’s behavior is a person’s identity that should not be sacrificed for commercial gain. | >
> | B. Legislating Personal Data Protection | | | | |
<
< |
When was this ever true? Sellers learn about individual buyers and try to sell to them more effectively. This happens in every souk and bazaar, in every village, in every town and market. Why would we be in a position, let alone likely, to abandon our existing understanding about this? What are the First Amendment implications of deciding to prohibit learning about one another? If this is a proposition you intend to consider, rather than just tossing on the fire to see how it burns, you would need an essay all to itself.
| | | | |
<
< | B. Political Issues: The Specter of Socialism, The Boogeyman of Behavior Mining | >
> | i. The Lack of Knowledge on Personal Data | | | | |
>
> | MFA will be inherently flawed unless lawmakers understand personal data privacy. HIPAA may protect patient data, but other personal data (behavior) is fair game. When private companies can sell non-patient data, they can take part in digital redlining. An insurer may access this data and see that you made risky purchases, limiting your ability to pay a claim, or that you browsed websites selling e-cigarettes, indicating a change in health not otherwise disclosed. The data bought may seem anonymous in the aggregate, but it can be identified technically. Without a law that limits all personal data sale and a single-payer plan, private medical services may use undisclosed personal data to deny treatment. | | | | |
<
< | i. The Partisan Aversion to Government-Run Healthcare | | | | |
<
< | For there to be Healthcare for All, we need a government that would see it as necessary policy. This is difficult when the phrase “Medicare for All” makes most politicians quake in their boots. Even the government-centered insurance we do have (the Affordable Care Act) (“ACA”) gets challenged in the courts every five years. The ACA did not clarify how a government should provide for the health of its people, but instead “became the object of intense conflict over both the boundaries between the market and state and tensions between individual and social responsibility,” making the ACA the ripe sticking point for the Republican party. At this point in politics, there needs to be bipartisan support for universal healthcare, which seems near impossible from Republicans. | >
> | ii. An Inalienable Personal Data Rule | | | | |
<
< | But Republicans are not solely to blame: Democrats are also terrified to endorse Medicare for All (“MFA”). MFA is a single-payer system “in which a government entity reimburses doctors and hospitals at a set rate.” Any 2020 presidential candidate who supported it full-throatily ended up either walking it back (Warren) or ultimately lost the candidacy (Sanders). And, instead of offering compromises aimed at fixing the objective, non-partisan problems in the ACA (“Marketplace instability, inadequate subsidies, the affordability of insurance, and the coverage gap for lower-income people in states that haven’t expanded Medicaid”), the candidates campaigned on compromises--that you could keep you beloved doctor, insurance network, pharmaceutical giant. | >
> | The problem with any of the laws that attempt to govern our data is that they are run under a property rule: that data can be bought and sold. But this is a flawed scheme. Even when there is a breach, there are limited remedies under the property rule. Plaintiffs must have Article III standing in these cases, but it is difficult to determine proximate cause or ascertain the imminence of harm. Clapper v. Amnesty Int’l USA, 568 U.S. 398 (2013) established a strict standard of “certainly impending” harm that most times cannot be shown via a plaintiff’s asymmetrical information. If someone can show “certainly impending” harm, it is another challenge determining the value of the harm under a property rule. | | | | |
<
< | This is an illusion of choice. While there is a private option in treatment, insurance, and/or drugs, there will be a market for selling behavior data. We need Healthcare for All because only with public insurance, providers, and prescriptions does that market incentive disappear and data integrity remains. | >
> | An inalienability rule both allows for proper redress when there is a harm and further protects the data from future harm by taking it off the market. Consolidating all this data under a unified, government-run data bank eliminates an open data market. It also makes proving causation easier because there is only one option rather than dozens of other breaches to sift through. It may make it more difficult for an individual to share their own data, but it is better for a person’s rights in the long run not to sell data in the short run in order to prevent invasions of privacy in future transactions. | | | | |
<
< |
If this is a proposal for nationalization of all health care, in the British style, does it make any difference whether there is public enthusiasm for it? There has never been a moment when there was significant political support in the US for this outcome, and with the exception of Britain there's no wealthy society that shows any interest in adopting it. So it seems to me that something should be said about the difficulty of reaching this result democratically. Once again, this would take 1,000 words on its own, I think.
| | | | |
<
< | ii. The Lack of Legislative Knowledge on Data Privacy | >
> | iii. Concerns | | | | |
<
< | No legislation can be achieved when lawmakers do not understand what data privacy means. This proves pivotal when legislation may be the only hope for Americans’ data security. Courts are unclear as to what counts as damages in the cases of data breaches. Comprehending the behavior collected by private companies can also aid in preventing digital redlining, because when insurance companies can sell information on patients with everyone from their doctor to their loan agent, a pre-existing condition becomes one on a person’s economic freedom. | >
> | Some may see having the government gatekeep more than their patient data as a violation of their individualism, but one person’s data does not just affect them. I may not want my genetic and familial information openly accessible; my father decides to use an ancestry-typing service that now means strangers with access to the site can see my history. I could sue him, the website, etc.; I may not be successful, but I, and likeminded others, drive up the transaction costs to a point where it is no longer cost effective to allow each situation to figure itself out. Because identities can be inferred not just from your own data but from others, we need an inalienability rule that protects all data for the purpose of protecting all people. | | | | |
<
< |
Does this reflect the actual state of US law? Surely HIPAA says otherwise, does it not?
| >
> | There is the fear that the government would be just as susceptible to hacks as private businesses. It is true that healthcare.gov has experienced breaches; surprisingly, or not, private insurance has more. And, having only one legal locale for personal data, overseen by the government entrusted to protect us, allows for secure transfer of data to parties whom need it, more directed resources at protecting the measure, and clear proximate cause in case of breach. | | | | |
<
< | C. Legislation Under an Inalienability Rule | | | | |
<
< | The problem with any of the laws that attempt to govern our data is that they are run under a property rule: that data is something that can be bought and sold. Yet, data is our very essence, so powerful a tool that businesses trip over themselves to buy it, to influence us. The fear, though, is that the government would be just as susceptible to hacks as private businesses. It is true that healthcare.gov has experienced breaches; surprisingly, or not, [[https://blog.malwarebytes.com/security-world/2019/11/would-medicare-for-all-help-secure-health-data/] [private insurance has more]]. | >
> | II. Conclusion: Passing MFA in This Political Economy | | | | |
<
< |
I don't understand the point here. "Data" is many different things, one of which only is patient data identified with or capable of being linked to a particular patient, I don't think anyone actually advocates an open market in such data, and that's not the current state of the law. It would be helpful to be more precise both about what "data" is under discussion, and what the existing rules are.
| >
> | For there to be MFA, we need a government that would see it as necessary policy. The majority of Americans view the government as responsible for healthcare, with more than half of that majority favoring a single national scheme. But, the government-centered insurance we do have (the Affordable Care Act) (“ACA”) gets challenged in the courts every five years. The ACA did not clarify how a government should provide for the health of its people, but instead “became the object of intense conflict over both the boundaries between the market and state and tensions between individual and social responsibility,” making the ACA the ripe sticking point for the Republican party. At this point in politics, there needs to be bipartisan support for universal healthcare (pending the Georgia Senate races), which seems near impossible from Republicans. | | | | |
<
< | With an inalienability rule over a property rule, legislators can make it clear that our behavior is not for sale, provide a marketplace in which it is not needed to be sold, and create a remedy scheme that reflects how high the stakes are of such a breach. | >
> | But, should the political landscape change, so too could the political economy. With a legislature and citizenry that sees the connection between personal and patient data, there could be a mass overhaul that not only allows for the adoption of MFA in whatever form, but also a more plaintiff-friendly “certainly impending” harm rule. After living with a centralized and federally-protected personal data management bank which could in turn limit breaches, the effects of rare harms may be more striking and thus more remediable. | | | | |
<
< |
Is that what an inalienability rule does? Doesn't it also prohibit patients from sharing information they want others to have? If not, what sort of licensing does this anti-licensing principle permit?
Currently, the legal landscape regarding a remedy when your behavioral data are breached by a company is to sue under negligence. This requires a showing that your injury is “(1) ‘concrete, particularized and actual or imminent,’ (2) caused by the defendant, and (3) redressable by a court of law.” But, courts are not agreed on what the imminent harm of a breach is. Truthfully, the future harm can be limitless, up to and including stealing your social security number and finances, but with no guidance, there can be no remedy.
But why should we consider there to be "no guidance"? Can you show some examples of this absence of understanding? I think this is about cases, not blog entries.
II. Conclusion
An inalienability rule for data collection, though the best move for general health, will never pass until we grasp two things. One, that our data is our life, full stop; and two, that protecting data, and therefore the life of constituents, is beyond partisanship. Cutting out private endeavors may not be the most efficient way to regulate medical care, but it is the most effective when we consider health more comprehensively.
I think the best route to improvement here is focus. There are several interesting and doubtful propositions advanced in a draft that simply does not have room for more than one of them. And the parts of the essay that are about law could use more legal precision for which there isn't presently room. The best step seems to me to concentrate attention on one of the ideas you have, and to work that one through at full length. I don't know which of the roads is most desirable from your point of view, but as Robert Frost once observed, you cannot travel three roads and be one traveller, at least under these circumstances.
| | |
You are entitled to restrict access to your paper if you want to. But we all derive immense benefit from reading one another's work, and I hope you won't feel the need unless the subject matter is personal and its disclosure would be harmful or undesirable. |
|
|
AlisonRobinsSecondEssay 2 - 21 Dec 2020 - Main.EbenMoglen
|
| |
| META TOPICPARENT | name="SecondEssay" |
|---|
| | | Due to the increase in competition, in order to stay operable as businesses, medical and related companies began collecting, using, buying, and selling their gold mine: user data. Large, competitive websites have been selling information on its users to data companies since as early as 1998. At this point, the chairman and CEO of Merrill Lynch proudly stated, “As a business person, having the option to ‘data-mine’ investment traits. . . It's an important advantage,” ignoring the inability for someone to consent to all of their observable and unobservable behavior being up for grabs. Information about a person’s behavior, I argue, should not be a commodity gleefully for sale by those with means in order to give them more means. Rather, a person’s behavior is a person’s identity that should not be sacrificed for commercial gain. | |
>
> |
When was this ever true? Sellers learn about individual buyers and try to sell to them more effectively. This happens in every souk and bazaar, in every village, in every town and market. Why would we be in a position, let alone likely, to abandon our existing understanding about this? What are the First Amendment implications of deciding to prohibit learning about one another? If this is a proposition you intend to consider, rather than just tossing on the fire to see how it burns, you would need an essay all to itself.
| | | B. Political Issues: The Specter of Socialism, The Boogeyman of Behavior Mining | | | This is an illusion of choice. While there is a private option in treatment, insurance, and/or drugs, there will be a market for selling behavior data. We need Healthcare for All because only with public insurance, providers, and prescriptions does that market incentive disappear and data integrity remains. | |
>
> |
If this is a proposal for nationalization of all health care, in the British style, does it make any difference whether there is public enthusiasm for it? There has never been a moment when there was significant political support in the US for this outcome, and with the exception of Britain there's no wealthy society that shows any interest in adopting it. So it seems to me that something should be said about the difficulty of reaching this result democratically. Once again, this would take 1,000 words on its own, I think.
| | | ii. The Lack of Legislative Knowledge on Data Privacy
No legislation can be achieved when lawmakers do not understand what data privacy means. This proves pivotal when legislation may be the only hope for Americans’ data security. Courts are unclear as to what counts as damages in the cases of data breaches. Comprehending the behavior collected by private companies can also aid in preventing digital redlining, because when insurance companies can sell information on patients with everyone from their doctor to their loan agent, a pre-existing condition becomes one on a person’s economic freedom. | |
>
> |
Does this reflect the actual state of US law? Surely HIPAA says otherwise, does it not?
| | | C. Legislation Under an Inalienability Rule
The problem with any of the laws that attempt to govern our data is that they are run under a property rule: that data is something that can be bought and sold. Yet, data is our very essence, so powerful a tool that businesses trip over themselves to buy it, to influence us. The fear, though, is that the government would be just as susceptible to hacks as private businesses. It is true that healthcare.gov has experienced breaches; surprisingly, or not, [[https://blog.malwarebytes.com/security-world/2019/11/would-medicare-for-all-help-secure-health-data/] [private insurance has more]]. | |
<
< | With an inalienability rule over a property rule, legislators can make it clear that our behavior is not for sale, provide a marketplace in which it is not needed to be sold, and create a remedy scheme that reflects how high the stakes are of such a breach. Currently, the legal landscape regarding a remedy when your behavioral data are breached by a company is to sue under negligence. This requires a showing that your injury is “(1) ‘concrete, particularized and actual or imminent,’ (2) caused by the defendant, and (3) redressable by a court of law.” But, courts are not agreed on what the imminent harm of a breach is. Truthfully, the future harm can be limitless, up to and including stealing your social security number and finances, but with no guidance, there can be no remedy. | >
> |
I don't understand the point here. "Data" is many different things, one of which only is patient data identified with or capable of being linked to a particular patient, I don't think anyone actually advocates an open market in such data, and that's not the current state of the law. It would be helpful to be more precise both about what "data" is under discussion, and what the existing rules are.
With an inalienability rule over a property rule, legislators can make it clear that our behavior is not for sale, provide a marketplace in which it is not needed to be sold, and create a remedy scheme that reflects how high the stakes are of such a breach.
Is that what an inalienability rule does? Doesn't it also prohibit patients from sharing information they want others to have? If not, what sort of licensing does this anti-licensing principle permit?
Currently, the legal landscape regarding a remedy when your behavioral data are breached by a company is to sue under negligence. This requires a showing that your injury is “(1) ‘concrete, particularized and actual or imminent,’ (2) caused by the defendant, and (3) redressable by a court of law.” But, courts are not agreed on what the imminent harm of a breach is. Truthfully, the future harm can be limitless, up to and including stealing your social security number and finances, but with no guidance, there can be no remedy.
But why should we consider there to be "no guidance"? Can you show some examples of this absence of understanding? I think this is about cases, not blog entries.
| | | II. Conclusion
An inalienability rule for data collection, though the best move for general health, will never pass until we grasp two things. One, that our data is our life, full stop; and two, that protecting data, and therefore the life of constituents, is beyond partisanship. Cutting out private endeavors may not be the most efficient way to regulate medical care, but it is the most effective when we consider health more comprehensively. | |
>
> |
I think the best route to improvement here is focus. There are several interesting and doubtful propositions advanced in a draft that simply does not have room for more than one of them. And the parts of the essay that are about law could use more legal precision for which there isn't presently room. The best step seems to me to concentrate attention on one of the ideas you have, and to work that one through at full length. I don't know which of the roads is most desirable from your point of view, but as Robert Frost once observed, you cannot travel three roads and be one traveller, at least under these circumstances.
| | |
You are entitled to restrict access to your paper if you want to. But we all derive immense benefit from reading one another's work, and I hope you won't feel the need unless the subject matter is personal and its disclosure would be harmful or undesirable.
To restrict access to your paper simply delete the "#" character on the next two lines: |
|
|
AlisonRobinsSecondEssay 1 - 20 Nov 2020 - Main.AlisonRobins
|
|
>
> |
| META TOPICPARENT | name="SecondEssay" |
|---|
Removing the Cause and the Symptom: Effective Health Data Protection Through Universal Single-Payer Healthcare
-- By AlisonRobins - 20 Nov 2020
More than Medicare for All, we need Healthcare for All. Only when the entire medical system—treatment, insurance, pharmaceutical—is consolidated as a federal service governed by a data-centered inalienability rule, with no private options, can the health of our nation be furthered both safely and ethically.
I. The Virus in Us, The Virus About Us
A. The Technology at Hand
In an ideal world, our data would be publicly available to good-faith actors who just want to rid the world of disease. That was, of course, one of the origins of the Net: a collaborative tool for scientists and academics to share information in a non-hierarchical manner. However, when the Net grew and as the barrier to entry became a working internet connection, so did the influx of private companies into industries like healthcare.
Due to the increase in competition, in order to stay operable as businesses, medical and related companies began collecting, using, buying, and selling their gold mine: user data. Large, competitive websites have been selling information on its users to data companies since as early as 1998. At this point, the chairman and CEO of Merrill Lynch proudly stated, “As a business person, having the option to ‘data-mine’ investment traits. . . It's an important advantage,” ignoring the inability for someone to consent to all of their observable and unobservable behavior being up for grabs. Information about a person’s behavior, I argue, should not be a commodity gleefully for sale by those with means in order to give them more means. Rather, a person’s behavior is a person’s identity that should not be sacrificed for commercial gain.
B. Political Issues: The Specter of Socialism, The Boogeyman of Behavior Mining
i. The Partisan Aversion to Government-Run Healthcare
For there to be Healthcare for All, we need a government that would see it as necessary policy. This is difficult when the phrase “Medicare for All” makes most politicians quake in their boots. Even the government-centered insurance we do have (the Affordable Care Act) (“ACA”) gets challenged in the courts every five years. The ACA did not clarify how a government should provide for the health of its people, but instead “became the object of intense conflict over both the boundaries between the market and state and tensions between individual and social responsibility,” making the ACA the ripe sticking point for the Republican party. At this point in politics, there needs to be bipartisan support for universal healthcare, which seems near impossible from Republicans.
But Republicans are not solely to blame: Democrats are also terrified to endorse Medicare for All (“MFA”). MFA is a single-payer system “in which a government entity reimburses doctors and hospitals at a set rate.” Any 2020 presidential candidate who supported it full-throatily ended up either walking it back (Warren) or ultimately lost the candidacy (Sanders). And, instead of offering compromises aimed at fixing the objective, non-partisan problems in the ACA (“Marketplace instability, inadequate subsidies, the affordability of insurance, and the coverage gap for lower-income people in states that haven’t expanded Medicaid”), the candidates campaigned on compromises--that you could keep you beloved doctor, insurance network, pharmaceutical giant.
This is an illusion of choice. While there is a private option in treatment, insurance, and/or drugs, there will be a market for selling behavior data. We need Healthcare for All because only with public insurance, providers, and prescriptions does that market incentive disappear and data integrity remains.
ii. The Lack of Legislative Knowledge on Data Privacy
No legislation can be achieved when lawmakers do not understand what data privacy means. This proves pivotal when legislation may be the only hope for Americans’ data security. Courts are unclear as to what counts as damages in the cases of data breaches. Comprehending the behavior collected by private companies can also aid in preventing digital redlining, because when insurance companies can sell information on patients with everyone from their doctor to their loan agent, a pre-existing condition becomes one on a person’s economic freedom.
C. Legislation Under an Inalienability Rule
The problem with any of the laws that attempt to govern our data is that they are run under a property rule: that data is something that can be bought and sold. Yet, data is our very essence, so powerful a tool that businesses trip over themselves to buy it, to influence us. The fear, though, is that the government would be just as susceptible to hacks as private businesses. It is true that healthcare.gov has experienced breaches; surprisingly, or not, [[https://blog.malwarebytes.com/security-world/2019/11/would-medicare-for-all-help-secure-health-data/] [private insurance has more]].
With an inalienability rule over a property rule, legislators can make it clear that our behavior is not for sale, provide a marketplace in which it is not needed to be sold, and create a remedy scheme that reflects how high the stakes are of such a breach. Currently, the legal landscape regarding a remedy when your behavioral data are breached by a company is to sue under negligence. This requires a showing that your injury is “(1) ‘concrete, particularized and actual or imminent,’ (2) caused by the defendant, and (3) redressable by a court of law.” But, courts are not agreed on what the imminent harm of a breach is. Truthfully, the future harm can be limitless, up to and including stealing your social security number and finances, but with no guidance, there can be no remedy.
II. Conclusion
An inalienability rule for data collection, though the best move for general health, will never pass until we grasp two things. One, that our data is our life, full stop; and two, that protecting data, and therefore the life of constituents, is beyond partisanship. Cutting out private endeavors may not be the most efficient way to regulate medical care, but it is the most effective when we consider health more comprehensively.
You are entitled to restrict access to your paper if you want to. But we all derive immense benefit from reading one another's work, and I hope you won't feel the need unless the subject matter is personal and its disclosure would be harmful or undesirable.
To restrict access to your paper simply delete the "#" character on the next two lines:
Note: TWiki has strict formatting rules for preference declarations. Make sure you preserve the three spaces, asterisk, and extra space at the beginning of these lines. If you wish to give access to any other users simply add them to the comma separated ALLOWTOPICVIEW list. |
|
|
|
|
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
|
|