When was this ever true? Sellers learn about individual buyers and try to sell to them more effectively. This happens in every souk and bazaar, in every village, in every town and market. Why would we be in a position, let alone likely, to abandon our existing understanding about this? What are the First Amendment implications of deciding to prohibit learning about one another? If this is a proposition you intend to consider, rather than just tossing on the fire to see how it burns, you would need an essay all to itself.

If this is a proposal for nationalization of all health care, in the British style, does it make any difference whether there is public enthusiasm for it? There has never been a moment when there was significant political support in the US for this outcome, and with the exception of Britain there's no wealthy society that shows any interest in adopting it. So it seems to me that something should be said about the difficulty of reaching this result democratically. Once again, this would take 1,000 words on its own, I think.

Does this reflect the actual state of US law? Surely HIPAA says otherwise, does it not?

I don't understand the point here. "Data" is many different things, one of which only is patient data identified with or capable of being linked to a particular patient, I don't think anyone actually advocates an open market in such data, and that's not the current state of the law. It would be helpful to be more precise both about what "data" is under discussion, and what the existing rules are.

With an inalienability rule over a property rule, legislators can make it clear that our behavior is not for sale, provide a marketplace in which it is not needed to be sold, and create a remedy scheme that reflects how high the stakes are of such a breach.

Is that what an inalienability rule does? Doesn't it also prohibit patients from sharing information they want others to have? If not, what sort of licensing does this anti-licensing principle permit?

Currently, the legal landscape regarding a remedy when your behavioral data are breached by a company is to sue under negligence. This requires a showing that your injury is “(1) ‘concrete, particularized and actual or imminent,’ (2) caused by the defendant, and (3) redressable by a court of law.” But, courts are not agreed on what the imminent harm of a breach is. Truthfully, the future harm can be limitless, up to and including stealing your social security number and finances, but with no guidance, there can be no remedy.

But why should we consider there to be "no guidance"? Can you show some examples of this absence of understanding? I think this is about cases, not blog entries.

I think the best route to improvement here is focus. There are several interesting and doubtful propositions advanced in a draft that simply does not have room for more than one of them. And the parts of the essay that are about law could use more legal precision for which there isn't presently room. The best step seems to me to concentrate attention on one of the ideas you have, and to work that one through at full length. I don't know which of the roads is most desirable from your point of view, but as Robert Frost once observed, you cannot travel three roads and be one traveller, at least under these circumstances.

Removing the Cause and the Symptom: Effective Health Data Protection Through Universal Single-Payer Healthcare

-- By AlisonRobins - 20 Nov 2020

More than Medicare for All, we need Healthcare for All. Only when the entire medical system—treatment, insurance, pharmaceutical—is consolidated as a federal service governed by a data-centered inalienability rule, with no private options, can the health of our nation be furthered both safely and ethically.

I. The Virus in Us, The Virus About Us

A. The Technology at Hand

In an ideal world, our data would be publicly available to good-faith actors who just want to rid the world of disease. That was, of course, one of the origins of the Net: a collaborative tool for scientists and academics to share information in a non-hierarchical manner. However, when the Net grew and as the barrier to entry became a working internet connection, so did the influx of private companies into industries like healthcare.

Due to the increase in competition, in order to stay operable as businesses, medical and related companies began collecting, using, buying, and selling their gold mine: user data. Large, competitive websites have been selling information on its users to data companies since as early as 1998. At this point, the chairman and CEO of Merrill Lynch proudly stated, “As a business person, having the option to ‘data-mine’ investment traits. . . It's an important advantage,” ignoring the inability for someone to consent to all of their observable and unobservable behavior being up for grabs. Information about a person’s behavior, I argue, should not be a commodity gleefully for sale by those with means in order to give them more means. Rather, a person’s behavior is a person’s identity that should not be sacrificed for commercial gain.

B. Political Issues: The Specter of Socialism, The Boogeyman of Behavior Mining

i. The Partisan Aversion to Government-Run Healthcare

For there to be Healthcare for All, we need a government that would see it as necessary policy. This is difficult when the phrase “Medicare for All” makes most politicians quake in their boots. Even the government-centered insurance we do have (the Affordable Care Act) (“ACA”) gets challenged in the courts every five years. The ACA did not clarify how a government should provide for the health of its people, but instead “became the object of intense conflict over both the boundaries between the market and state and tensions between individual and social responsibility,” making the ACA the ripe sticking point for the Republican party. At this point in politics, there needs to be bipartisan support for universal healthcare, which seems near impossible from Republicans.

But Republicans are not solely to blame: Democrats are also terrified to endorse Medicare for All (“MFA”). MFA is a single-payer system “in which a government entity reimburses doctors and hospitals at a set rate.” Any 2020 presidential candidate who supported it full-throatily ended up either walking it back (Warren) or ultimately lost the candidacy (Sanders). And, instead of offering compromises aimed at fixing the objective, non-partisan problems in the ACA (“Marketplace instability, inadequate subsidies, the affordability of insurance, and the coverage gap for lower-income people in states that haven’t expanded Medicaid”), the candidates campaigned on compromises--that you could keep you beloved doctor, insurance network, pharmaceutical giant.

This is an illusion of choice. While there is a private option in treatment, insurance, and/or drugs, there will be a market for selling behavior data. We need Healthcare for All because only with public insurance, providers, and prescriptions does that market incentive disappear and data integrity remains.

ii. The Lack of Legislative Knowledge on Data Privacy

No legislation can be achieved when lawmakers do not understand what data privacy means. This proves pivotal when legislation may be the only hope for Americans’ data security. Courts are unclear as to what counts as damages in the cases of data breaches. Comprehending the behavior collected by private companies can also aid in preventing digital redlining, because when insurance companies can sell information on patients with everyone from their doctor to their loan agent, a pre-existing condition becomes one on a person’s economic freedom.

C. Legislation Under an Inalienability Rule

The problem with any of the laws that attempt to govern our data is that they are run under a property rule: that data is something that can be bought and sold. Yet, data is our very essence, so powerful a tool that businesses trip over themselves to buy it, to influence us. The fear, though, is that the government would be just as susceptible to hacks as private businesses. It is true that healthcare.gov has experienced breaches; surprisingly, or not, [[https://blog.malwarebytes.com/security-world/2019/11/would-medicare-for-all-help-secure-health-data/] [private insurance has more]].

With an inalienability rule over a property rule, legislators can make it clear that our behavior is not for sale, provide a marketplace in which it is not needed to be sold, and create a remedy scheme that reflects how high the stakes are of such a breach. Currently, the legal landscape regarding a remedy when your behavioral data are breached by a company is to sue under negligence. This requires a showing that your injury is “(1) ‘concrete, particularized and actual or imminent,’ (2) caused by the defendant, and (3) redressable by a court of law.” But, courts are not agreed on what the imminent harm of a breach is. Truthfully, the future harm can be limitless, up to and including stealing your social security number and finances, but with no guidance, there can be no remedy.

II. Conclusion

An inalienability rule for data collection, though the best move for general health, will never pass until we grasp two things. One, that our data is our life, full stop; and two, that protecting data, and therefore the life of constituents, is beyond partisanship. Cutting out private endeavors may not be the most efficient way to regulate medical care, but it is the most effective when we consider health more comprehensively.

• #Set ALLOWTOPICVIEW = TWikiAdminGroup, AlisonRobins
• #Set DENYTOPICVIEW = TWikiGuest

Note: TWiki has strict formatting rules for preference declarations. Make sure you preserve the three spaces, asterisk, and extra space at the beginning of these lines. If you wish to give access to any other users simply add them to the comma separated ALLOWTOPICVIEW list.