And yet people are not allowed to sue the companies that are meant to safeguard their information.
893
zane9102 days ago
+162
We can only rely on the EU to start taking this seriously since it's the only collective force that would seem to at least care about such issues and can make rulings that companies have to comply to.
Can't trust the US since companies have rigged the system so much they are now collective considered people for some dumb ass reason. Not to mention the current dumbass in chief who'd want to be in on the scam if he isn't already.
162
microworry2 days ago
+66
Too bad the UK have left the EU, they’re on their own now.
66
Calm_Bit_throwaway1 day ago
+3
I mean who would you hold accountable in this scenario? It seems to be a non profit with legitimate agreements for sharing the data with universities. Researchers then used their credentials and sold the data. Presumably the researchers at the far end but they're in a different jurisdiction which probably makes this hard to prosecute if at all.
3
JayTravers2 days ago
+2543
This is why people are truly apprehensive of digital IDs. The selling of data is profitable.
Third party holders being used as scapegoats instead of governments handling data themselves and being held liable doesn’t help neither.
2543
nahnahnahthatsnotme2 days ago
+247
i agree but also isn’t this existing data like nhs data breached.
so essentially anything digitised is potentially getting hacked.
so how do we have digital services without this?
obviously overall, security should be at the core of every service
247
Stoyfan2 days ago
+208
Health research relies on data. In this case this was anonymised data for research on Parkinson’s and cancer and was maintained by a charity so other institutions can use it for their studies.
This data is already semi-public and has been modified so that people cannot be identified if records were released. It has been taken down because it was being sold contrary to the terms of the licence of the dataset
Simply mandating that health organisations cannot maintain digital data is simply not realistic
208
GoldCoinDonation2 days ago
+2
Having worked in this area I can assure you, it is not de-identified properly.
2
TheRealSectimus2 days ago
+40
Ok random guy on listnook, I can assure you, that it 100% is. It is a regulated requirement.
Sometimes hackers can draw correlations to publicly available info or other leak lists based on various data points to try identify who you actually are. But the source data sent from the NHS ***will*** be protected unless we are going hollywood here and claiming a leak from the inside. Even that, will have a paper trail.
Source: *Literitally wrote patient safety software used in NHS hospitals, nobody in my department could even look at the actual data, any data from a tenant was* ***heavily*** *obfuscated.*
40
AgentCirceLuna2 days ago
+5
This makes sense as a frequent flying patient, too; I’m part of multiple services as a secondary patient, so there’s often questions about the medical history of the other one. They usually know barely anything.
5
TechnalityPulse2 days ago
+10
There's a reason the Cybersecurity > Homesteading timeline exists. We aren't coding for security, we're coding for profit.
10
Not_invented-Here16 hr ago
+1
The best I can think of, is you have some form of digital if no, issued by the gov that is just yes you are over 18.
Def has problems to do with anonymity. But got to be better than having to use signs ups that take all the other relevant data about you (like biometrics, passport photos etc, being held by third party companies who treat security as a cost reduction exercise.
1
DifficultCarob4082 days ago
-17
Good luck with anything being safe anymore. Anthropic’s Mythos will seem like Stone Age tech in a couple of years, with how exponentially AI capability is ramping up.
-17
sdrawkcabsihtetorW2 days ago
+6
That's like saying encrypting things is pointless because super computers exist.
6
DifficultCarob4081 day ago
+2
That's not what I said at all, how the f*** did you glean that from my comment?
2
podkayne30001 day ago
+1
It will soon be pointless to encrypt things because commercial quantum computers exist.
1
TheRealSectimus1 day ago
+1
So people have been saying for the past 15 years
1
__Atlas___2 days ago
+27
The best form of data security is for the data to not exist. Every form of id we create and collect just results in more potential vulnerabilities (see p*** ban verification)
That’s on top of it being a UK government procured IT system which either don’t work or leak like a sieve.
Our government (both sides of the fence) has consistently shown it cannot legislate the digital domain with any form of effectiveness.
27
thesyldon2 days ago
+10
And without digital processing the UK will go backwards. You cannot have better healthcare and services without the knowledge gained of what we need.
10
__Atlas___2 days ago
+3
Not saying we shouldn’t be going digital. But there needs to be a lot of work put in to bringing UK procurement processes up to snuff. Currently every government website is shite. That cannot continue.
We also need to be looking at what data we are collecting. Is it all necessary? Is it anonymised where possible? Is the way we dispose of that data effective?
For one thing, we should not be outsourcing our government digital services to companies based in foreign nations (friend or foe). Instead we should be supporting sovereign solutions and setting stringent standards on what is acceptable
3
rigsta1 day ago
+2
> Currently every government website is shite
What's the issue? I don't often need a gov.uk site but when I do it has worked quickly and flawlessly.
2
__Atlas___1 day ago
+2
.gov is an exception.
Try and apply for a dbs check or use the NHS without having to phone someone up. You will very quickly find that there is no consistency, poor ui design, and half of the time it just doesn’t work
It’s generally more the software/websites used to do government work (council, civil servant, defence, nhs) that is severely lacking in investment
2
composedofidiot1 day ago
+1
Gov.uk stuff is a paragon of how it should be done.
1
thesyldon2 days ago
-4
You probably want to read up on what the issue with Palantir is.
[Phil Moorhouse just did a video on it.](https://www.youtube.com/watch?v=y56yWji67bo)
There are huge concerns regarding our data and its abuse. But what is very evident is that we need to start making strides in this direction. There will be hiccups on the way. And from past experiences in this area, that is an inevitability.
-4
__Atlas___2 days ago
+3
I’m not just referring to the Palantir situation. We have seen a number of services brought into place over the past 5 years that are not fit for purpose.
The NHS for example is a shit show underneath. I personally know of multiple people that have had scans not sent to specialists because the IT system closes cases if they are not dealt with in a timely manner. There should be a system that flags overdue results, this is killing people.
Until the government reviews its data collection/security procedures I would rather they didn’t roll out half baked digital solutions. It is clearly a domain that they do not fully understand and are unwilling to spend the money to get it right.
I don’t consider health data breaches to be a minor hiccup. That is a completely unacceptable major data breach that potentially puts millions of citizens at risk.
3
TeaAndLifting2 days ago
-2
> Our government (both sides of the fence) has consistently shown it cannot legislate the digital domain with any form of effectiveness.
It's crazy to me how incompetent and tech illiterate all these GenX and older Millennial politicians are. The government has digital records of people's ID, their passports, driving licences, etc. They could just have a token verification system where signing up, where you can generate a seecure token that can bee used on third party websites. The actual ID information remains in government hands, but you can still verify things online.
But it's always all or nothing with these luddites. They get a presentation from some tech startup that promises the world and that they'll safely and securely handle people's personal data, and lo behold, there are inveitable breaches and fuckups because they in fact, did not safely or securely handle the data and kept it in some plain text file or some shit.
-2
Wait_for_BM1 day ago
+3
IT company that implement the database should bare the most blame. It is their business to know about security and provide feedback. Politicians aren't in the job to code databases. They are there to represent the voters. Voters aren't coders either.
3
__Atlas___1 day ago
+1
This is true but when you run a procurement strategy where lowest bidder wins you inevitably end up with unqualified/overworked contractors who take shortcuts.
I can guarantee you there will have been meetings where the contractor presents the solution and says “you need this at a minimum but we recommend doing that” and the answer would have been “which is cheaper”
1
Mesapholis2 days ago
+39
when blockchain was the belle of the ball someone on here was trying to call me an idiot, for not wanting personal medical information to be stored on a blockchain.
39
Big_Department42092 days ago
+29
Such proposal never even made sense, it's in the realms of "not even wrong" since what a blockchain provides (distributed trust done through consensus by a cluster of untrustworthy clients without a centralised entity) has no application whatsoever to medical records, lol.
29
noir_lord2 days ago
+19
Go back to that era, replace "blockchain" with "AI" and it makes just as little sense *now* as it did *then*.
I've simply stopped paying attention to the pro-AI folks, if it turns out to be as good as they think (and I strongly suspect it won't, not my first hype cycle) then I'll hear about it *anyway*.
19
Caffeine_Monster2 days ago
+3
Distribution does make sense if we genuinely care about data ownership. Central databases are increasingly a liability (juicy target).
The whole distributed trust chain thing is redundant though for records. Central verification is fine and far more efficient than blockchain.
3
Mesapholis2 days ago
+1
I asked him if he wants verifiable redundancy of his last STI in multiple ledgers - he said I’m too stupid to understand how blockchain/NFT/Ai will revolutionise the world and I will loose my job as a software developer.
I’m still here :D
1
sliversniper2 days ago
+2
You CAN trust blockchain and the well-researched mathematically provable security.
You CANNOT trust the HUMANS operates or uses them.
2
sdrawkcabsihtetorW2 days ago
I mean, you can find anyone on the internet to call you an idiot for any reason. Why have you been carrying that random online interaction all these years?
0
Mesapholis2 days ago
+1
I don't I just remembered the interaction how someone with no clue was so passionate about something they didn't understand, and it is cyclical
1
ptapobane2 days ago
+5
also it's sky news so I'm just going to assume it's 10% truth + 40% bullshit + 50% racism and good ol' fashion xenophobia
5
TheTreeDweller2 days ago
+3
You know who has digital copies of your id already, the passport offices and DVLA.
Where's the outrage on that?
3
itszaidbtw1 day ago
+1
but nobody purchased it. wtf are people going to do with this data.
1
jimjamjahaa1 day ago
+1
It could be done right, but it won't. You could have a physical key like a passport. Heck it could be built in to your passport. This is your private key and it is matched with a public key that can be saved to all your devices and browsers. We don't care if anyone has your public key. The website sends a challenge to lock something with your private key. You beep your booper on the thing and it takes the challenge, encrypts it and sends back the locked message, which can be unlocked with ONLY your public key. Hey presto, you are authenticated and no device except your magic passport ever gets to see the private key.
1
Hot-Delay56082 days ago
-8
How is the government responsible for 3rd party breaches? What things are actually happening in libertarians brains? Like The government cannot be made all powerful but at the same time the government must be made responsible for the faults of third party private companies. Are the basic logic circuits shorted there?
-8
Koolio_Koala2 days ago
+23
Because when you c**** out on contracts, fail to set up adequate oversight and security, and fail to learn from your mistakes because "it’s not our problem", you share some of the responsibility. The governing bodies and those deciding on contracts need to have vetted organisations and gone through a whole assessment process before awarding massive contracts, and they do for the most part.
There are whole departments across government for this exact purpose, and if they haven't done their jobs you end up with data breaches, millions wasted in useless PPE during a pandemic, and corruption and cronyism when dishing out multimillion pound contracts to your friends.
Those responsible for all of that might have done their job properly and it's solely the fault of the 3rd party. Or they could have cheaped out, not done their dilligence, or pocketed some nice bonuses awarding the contract to a company that didn’t exist a week ago. Either way there needs to be oversight and accountability at each level, otherwise we won’t know what went wrong, and the same thing can just happen again and again.
It's what every functional organisation and government that has ever negotiated a contract does as standard, not really a difficult or "libertarian" concept. There are billions of pounds of taxpayer's money in these contracts, there should at least be *some* accountability and review of processes there...
23
zane9102 days ago
+23
Because the government is trying to force digital ID's on citizens for goods and services that don't nor shouldn't require it in a time of the digital age where hackers and data breaches are a consistent and very real risk.
People don't like having their personal information being given out without their consent, yet it's increasingly being made to. And there are a lot of bad actors who either take the data and sells it to whoever for their own profit while the people whose data is being sold gets told nothing nor benefit from it.
Even worse with foreign powers taking that information for any number of potential reasons that can easily constitute a severe security risk for a nation or a constant annoyance and violation to one's personally autonomy. Even worse if it's anything to do with one's financial data, which causes a whole number of problems for individuals where their lives can be impacted to severely ruined.
23
shredditorburnit2 days ago
+4
Mandated use via those chosen third parties.
If someone is contracted to build a house and the carpenter causes problems and does a runner, it's ultimately the primary contractors responsibility to sort it out for the client, not to just point at the carpenter and say "not my fault". But it is their fault if they hired the man.
4
WeWereInfinite2 days ago
+11
Because governments are enforcing *mandatory* age verification without providing a government tool for it, so companies and the governments themselves are forced to outsource it to third party companies?
Get your own logic circuits sorted out.
11
Hot-Delay56082 days ago
-11
So you want the BIG BAD government to provide age verification tools so that you can later claim that the government wants to control even more of our data? LMFAO
-11
flypirat2 days ago
+3
Look at the EU's zero trust age verification project. It aims to do exactly that, provide age verification without actually handling any data that can be exposed in a breach. The project is open source, so any government shenanigans are out in the open.
3
Pleasant_Narwhal_3502 days ago
-1
> This is why people are truly apprehensive of digital IDs. The selling of data is profitable.
You could say that robbery and extortion are profitable, but most developed countries don't disband their police and military just because they could potentially go rogue and rob/extort civilians.
I think the fundamental issue here is that the British government in general is either incompetent, malicious, or both. I'd trust my own government's implementation of digital IDs (and I use it all the time), but after years of first-hand experience living in Britain, I would not trust the British government to have my digital ID data.
-1
cardboard_dinosaur2 days ago
+1
What data do you think digital ID will give them that they don’t already have?
1
OneMonk2 days ago
-6
Digital IDs make this less likely not more likely
-6
Joosh932 days ago
+356
Overweight and getting old, how much do I get?
356
tthrowaway7122 days ago
+51
The south asian se- tourism industry, turkish hair implant and dental industry are going to be killing themselves over your data
51
[deleted]2 days ago
+7
[deleted]
7
10YearsANoob2 days ago
+11
A lot of people think south asia=south east asia. Easy enough mistake to make but the two are culturally worlds apart lol
11
nifty-necromancer2 days ago
+10
Typing sex is too much for you but killing is fine?
10
tthrowaway7122 days ago
-18
You wouldn't recognize humor if it bit you in a d***. I cut the word off to imply the humorous stereotype of saying something truthful but impolite - in this case that fat, old, white men travel to asia for sex industry and replaced that with the polite version - tourism, in a kind of tongue-in-cheek humor, where the reader understands what impolite thing I'm implying without me having to state it plainly.
-18
nifty-necromancer2 days ago
+9
Lol there is zero humor in you
9
killer_corg2 days ago
+7
You’ll now start seeing Ozempic, Gold and Silver, and foxnews ads.
7
TheMagicTorch2 days ago
+68
I've worked with a tech organisation in the UK that runs GP surgeries in SE England (and therefore stores and processes sensitive medical data) with access into the NHS private WAN (can't remember the acronym) and they were an absolute shit show. I'm more surprised this hasn't happened more often.
Database dumps in public S3 buckets, the works.
68
ledow2 days ago
+32
The NHS backbone is atrocious.
My ex- used to run genetics labs in hospitals you've DEFINITELY heard of, and I've seen the kit, the way it's connected, the VPN, even the atrocious machines they supply doctors and researchers
The whole NHS backbone is a shit-show, and working in IT, I advise all my staff to steer well-clear of NHS IT if they are ever considering an industry change.
I saw things like ActiveX-based login from Windows 7 laptops over an insecure VPN (just a few years ago), £1m scanners and lab equipment that still run insecured XP installs and saves its output files to open shares that are then manually retrieved from the "secure" system to add to patient records, etc.
Horrendous and atrocious legacy setups slammed together with patient records, "secure" systems, and connected nationwide with basically free access to a LOT of people (e.g. a lab manager might well require access to any/all patient records that they deal with, and that access is basically unaudited from what I can see, unless there's something REALLY well-hidden and sneaky monitoring it all somehow, but I can't even imagine how that would work in such a mess).
Do. Not. Ever. Work. IT. For. The. NHS.
32
ztomiczombie2 days ago
+5
Back when the NHS was being digitised in the 90s they wanted people to be given "smart cards" with a memory chip that would hold their medical records because the IT guys at the time did not believe that security could be maintained across the internet and worried that even if it could necessary equipment that could not be renewed would be a massive issue.
5
quipstickle2 days ago
+2
3N network? Still using ITK or did FHIR take off?
2
TheMagicTorch2 days ago
+2
It was via Redcentric at the time, HSCN it's called (replaced 3N), they were paying £30k/mo for that link 😭
2
leisurechef2 days ago
+205
3 mins away from an AI training dataset
205
811545b2-4ff7-40412 days ago
+32
This is actually the worst thing - the value of this dataset is now lost, in a sense. It's worth a decent amount of money to be used for research and now it's just available to use.
Although, it's not getting refreshed, so you it's value isn't as much as an active de-identified dataset (and there are a few providers of those).
And.. turning this into useful (or valuable) AI models is not as easy as you might think
32
Stoyfan2 days ago
+13
I doubt this charity is making tonnes of money for dataset access. I would be intrigued how much they were paying institutions to access it.
13
811545b2-4ff7-40412 days ago
+10
They are 'not for profit' but they receive around £2-3m per year for data access fees.
10
Stoyfan2 days ago
+2
Just had a look. 76 million gbp in income and 30 million in expenditure although their activities are a bit more broad than just holding records.
Them being not for profit doesn’t mean that income and expenditure has to match each year of course. If there is a surplus then it just have to be reinvested into future activities
2
811545b2-4ff7-40412 days ago
+1
My real concern is how exactly did this breach happen. You don't carry around this sort of stuff on a memory stick and lose it on the train.
1
Stoyfan2 days ago
+2
Well, the dataset is given to institutions for research purposes so there is your obvious vector
2
811545b2-4ff7-40412 days ago
+3
Is it given, or is 'access given' - i.e. they can remote into Biobank systems and deploy their code/queries on it.
I.e. on their cloud-based system - [https://www.ukbiobank.ac.uk/use-our-data/research-analysis-platform/](https://www.ukbiobank.ac.uk/use-our-data/research-analysis-platform/)
Like I said.. you don't just share around datasets like this. It's meant to be kept in one place, and securely accessed.
To give some context, I worked with a data supplier to them once, and during the covid-19 era, my concern was state actors attempting to breach the dataset.
3
flypirat2 days ago
+2
Well in theory, sure. Researchers are an impatient bunch, and many are not very aware of smart data security practices. I can count on more than one hand the amount of times a researcher asked me how to download the data they need from the provided URL (just the URL, no further checks). Having to explain to them why this is a bad idea and not how we do things can be quite frustrating when they refuse to be understanding.
2
811545b2-4ff7-40412 days ago
+2
Do you pen-testers not test for the capability of doing this?
Now I know there are some funky ways of getting data out of systems (just discovered it's possible using DNS queries) but really this shouldn't be doable if it's a known exploit.
2
D4ltaOne2 days ago
+1
> Researchers are an impatient bunch, and many are not very aware of smart data security practices
Saw a prof(i think? Something like that) on a university going online with windows xp. In 2020. They have literally zero idea that thats an issue.
1
Stoyfan2 days ago
+4
Even if you only had access remotely, surely you can just deploy some code to download the data
4
811545b2-4ff7-40412 days ago
+4
This is why you pen-test systems, so that can't be done (easily)
4
Master-Leopard-78302 days ago
+75
READ THE ARTICLE
THE DATA WAS DOWNLOADED LEGITIMATELY AND THEN ADVERTISED FOR SALE
75
Whoknowsknows19622 days ago
+25
This is Listnook no one is reading shit
25
Normal_Red_Sky1 day ago
+5
This time. Have a read of this
https://www.theguardian.com/science/2026/mar/14/confidential-health-records-exposed-online-uk-biobank
They had serious data security issues.
5
__Atlas___2 days ago
+6
Whilst that’s true in this case it does start a good conversation about how our data is used and protected
6
eloquentirvine2 days ago
+3
Regardless it’s still a crazily worrying situation
3
Master-Leopard-78301 day ago
+2
Agreed
2
NerveFibre2 days ago
+1
Already hundreds of Chinese scientific articles using UK biobank data. I doubt all of them use the data with a legitimate licence. Its a great way for medical doctors to produce paper mill research and get tenure.
1
MusterBuster2 days ago
+60
People please for the love of sanity, read the article.
This isn't a data breach. It's poor governance. Three research institutions who had legitimate access to the datasets (eg. they had an agreement for legitimate use of the data) decided to put that data up for sale on Alibaba, which they were not supposed to do.
Nothing to do with technology, hacks, or anything other than a breach of contract by foreign third parties.
It's also nothing to do with the NHS. This was a charity, and the people whose data was up for sale all volunteered to give that data to research institutions.
60
Holmesdale2 days ago
+6
I mean, it is something to do with the NHS in that the NHS shared medical data with Biobank, and of course the NHS's name was used in recruiting people to volunteer for the Biobank.
6
NerveFibre2 days ago
+3
Indeed. This is more like piracy tbh - the UK biobank is a gold mine for scientists
3
NA_0_10_never_forget2 days ago
-3
this is even worse. far FAR worse even. but within expectations. now hand over your ID, picture and voice or they'll cut off your internet
-3
AliceLunar2 days ago
+5
Can we just sell our own information at this point? Might as well profit from the inevitable.
5
VagueSomething2 days ago
+6
We should be paid for our data when collected, we should be compensated for breaches. Without punishment CEOs don't understand responsibility.
6
alueron1 day ago
+4
Palantir should immediately loose all their contracts with the UK over this. Not only can they not be trusted to not help fascists but they also suck at cybersecurity
4
TheWhomItConcerns2 days ago
+9
>He said data sets including gender, age, month and year of birth, socio-economic status, lifestyle habits, and measures from biological samples were included.
Why would anyone even buy this? What value does it have to even nefarious actors if it doesn't include any identifying information?
9
tthrowaway7122 days ago
+4
Imagine you run a medical company making pills and get data that is representative of british population, you'd be able to plan accordingly what medicine and stuff you need to start advertising, researching and selling them in 5-10 years
4
TheWhomItConcerns1 day ago
+2
Isn't there already pretty comprehensive legitimate means of purchasing this kind of data? Social media companies, for example, already have pretty robust population data on their users.
Also, on broad population scales, isn't a lot of this kind of data already available through research, government statistics, and other legitimate means? For a medical company attempting to develop a long-term business strategy, this seems like a pretty strange way to go about it.
2
NerveFibre2 days ago
+2
Many scientists can use these data in their research. The large size of the database both in terms of participants and types of analyses made on various bodily fluids, makes it a gold mine. Wondering whether diet influences the gut microbiome? Instead of running a time consuming, difficult and expensive study, you can just buy a licence to a part of the UK biobank. Or maybe you want to know whether blood cholesterol is higher among men taking a certain drug? There are endless opportunities...
2
TheWhomItConcerns1 day ago
+2
>Many scientists can use these data in their research.
I mean, I know that China isn't exactly the most ethical country, but any major journal would immediately reject research published on such unethically sourced data, and the scientists could further be blacklisted too. Any credible scientist would have to be out of their f****** mind to purchase this data, let alone publish research based on it.
2
Objective_Law50131 day ago
+1
I don't know if a scientific journal has the resources to check if you licensed the data or bought/p****** from a third party. Hundreds of academic institutions around the world already legitimately use and publish papers based on the data. it costs $9000 to get maximum access for 1 year directly from the UK biobank website. https://www.ukbiobank.ac.uk/use-our-data/fees/
1
TheWhomItConcerns1 day ago
+1
>don't know if a scientific journal has the resources to check if you licensed the data or bought/p****** from a third party.
Any credible research needs to be explicit in how they sourced their data, and peer reviewers will absolutely scrutinise any referenced datasets. If anyone attempted to use a fraudulent dataset, it would very likely be discovered before it was even published, if not certainly at a later point.
1
Large_Leader_98642 days ago
+5
They can be used for personalised scams, identity theft, blackmail, and to aid decision makers of adversaries. They are also valuable simply for the fact that it’s personal information.
5
TheWhomItConcerns2 days ago
+2
How? They have no identifying information associated with them - it's basically just a bunch of data.
2
NA_0_10_never_forget2 days ago
+1
they can find out who it belongs to from advanced inferencing blabla tech that data brokers use
1
TheWhomItConcerns1 day ago
+1
Unless there is a *lot* of information contained in this data which can be cross-referenced with other identifying data, I'm not sure how that would be possible. You could have all the data in the world on a person's medical history, but unless you can actually tie it to tangible identifying information, it's just an anonymous data point.
1
Outside-Ad45321 day ago
+1
Sorry Jeremy we never charged you for your pills please fill your debit into our website
1
TheWhomItConcerns1 day ago
+2
As far as has been reported, there's no identifying information. They don't know the names, phone numbers, addresses, email addresses, or anything else that could enable anyone to contact or target the people in this data.
As far as the article describes, this is basically just an anonymous data set.
2
JulienBrightside2 days ago
+1
Do you mean advertisements?
1
NyxUK_OW2 days ago
+3
Our government already sold out our private data to palantir, what's the big deal if the Chinese have it too. Our data is already being used for every nefarious means we could probably think of, including AI training
3
Majestic_Matt_4592 days ago
+3
I've got Bunions
3
CilanEAmber2 days ago
+3
If a chinese person gets mine, can they share it with me please? I'd like access to it.
3
dontdropthesope12 days ago
+3
What would they even use it for? Genuine curiosity.
3
AndrewWhite972 days ago
+3
Oh yay how fun.
3
Haru1st2 days ago
+15
Now the children are not only not protected but well in the hands of their nation’s rivals. So much for keeping them safe.
15
Stoyfan2 days ago
What children?
0
Haru1st2 days ago
+7
Oh you must have missed all the hype behind the Online Safety Act and how it was supposed to bring about safety and security for children in the digital space.
What it ended up being though, is a vehicle to legally mandate the gathering of personal data on even more British citizens than ever before and the erosion of the one thing truly protecting most people online - anonymity.
Welcome to the UK. Your info’s for sale. Your children’s info is for sale. Time to see what your geopolitical adversaries do with it now that all the warnings from security specialists went unheeded by politicians bought and paid for by foreign interests.
7
nvmenotfound2 days ago
+2
the amount of data companies harvest from people needs to be limited. it’s crazy just how much information is out there.
2
Old-Law-73952 days ago
+2
Why would people pay to know about my monster dong
2
Kromagg81 day ago
+1
You spelled dung wrong
1
Old-Law-73951 day ago
+2
I do generally score high on the couric scale, but im referring to my monster hog
2
Standard_Response_431 day ago
+2
As long as it is anonymous I don't see a problem.
It's not like I'll suddenly see back pain advertising on my phone
Oh, wait there ..shit
2
DaNuker22 days ago
+16
I wonder who did this, couldn’t be Palantir could it?Right after the UK government gave them access to NHS data?
16
Stoyfan2 days ago
+53
You know, if you read the article. You will find the answer to your question.
53
nid02 days ago
+33
I mean, the article doesn't actually answer the question.
The data held by Biobank, who made it available to, quoting directly from the article "researchers at three academic institutions" was found to be for sale.
Cool. So did researchers at those institutions offer the data for sale, or did a compromise of those institutions' systems get the data stolen and offered for sale, or do those institutions use a health data aggregation platform, such as the one offered by, say, Palantir, and was the operator of that platform compromised or did it directly steal the data and offer it for sale?
The article very much does not answer this question whatsoever.
33
Stoyfan2 days ago
-2
DaNuker asked whether it had anything to do with palantir. It clearly states in the article that it doesn’t.
He could have read the article before post this question. You could have read his question as well
-2
nid02 days ago
+11
The article very explicitly does not say that this doesn't have anything to do with Palantir and that conclusion can categorically not be drawn from anything that is stated in the article.
11
slightlysublevel2 days ago
+2
The article also doesn't explicitly say that this doesn't have anything to do with Jewish space lasers. That must mean it has to do with Jewish space lasers!!!
2
TheFlanker2 days ago
+10
Do you have any understanding of how the Palantir contract with the NHS works? Like, any notion at all?
10
5Hjsdnujhdfu8nubi2 days ago
+9
It's a charity called Biobank where volunteers supply the data, not the NHS.
>He added the charity had said the data "did not contain participants, names, addresses, contact details or telephone numbers".
Theoretically you *could* identify someone through their DOB and less unique information but this isn't a massive problem.
9
811545b2-4ff7-40412 days ago
+1
Theoretically, but in reality - you need lots and lots of identifiable data to match it against. So you can 'add' to existing data, but it's not that easy to go in blind and re-identify.
1
5Hjsdnujhdfu8nubi2 days ago
Exactly. You'd practically need to know someone was in this data before trying to identify them.
0
811545b2-4ff7-40412 days ago
+1
I still argue you could just stand in pharmacies for a few days and you'd learn far more identifiable clinical info about people. Really boring info.
1
poppin-n-sailin2 days ago
+3
Quick! add a requirement of uploading birth certificates and social security/SIN/equivalent to internet ID requirements. that'll protect the children.
3
NorwegianSpaniard2 days ago
+2
Not even from the UK and this makes me furious. Disgusting what these people are capable of to make their excess money they'll never consume in their lifetime.
2
Oolacile_Resident2 days ago
+2
Thanks, Palantir
2
Biomorph_2 days ago
+1
It’s okay palantir has access to our data im sure they will protect it 😂😂
1
pat_the_tree2 days ago
+2
GDPR includes a right to be forgotten, we should send these requests to that company en masse
2
Workout_Ham2 days ago
+1
[ Removed by Listnook ]
1
pivovy2 days ago
+1
No names or addresses, but "gender, age, month and year of birth, socio-economic status, lifestyle habits, and measures from biological samples". So, might be identifiable for some when crosschecking with other lists.
1
williamgman2 days ago
+1
Here in the US we get messages literally each year from all healthcare providers saying our data has been stolen.
1
poppop7020252 days ago
+1
The price per patient??🤔
1
AmericanSahara1 day ago
+1
I guess some special interests in the western world are nervous about Chinese entering the competition in sales of personal information.
Trillions are being invested into the process of personal data being gathered by AI and stored in all those huge data centers. People in the USA no longer have the constitutional rights such as freedom of association, right to privacy, right to a trial, and protection against unlawful search and seizure.
1
thethrowaway30271 day ago
+1
And the government wants to introduce electronic ids with loads of details in the same place.
Yea how about no
1
zoppaTheDim6 hr ago
+1
So, prepare for c**** erectile dysfunction drug ads on your internet, UK.
1
m15otw2 days ago
🎶That's Palantir 🎵
0
irondethimpreza2 days ago
-1
But Europe thinks China isn't a threat to them...
-1
Bazrjarmek2 days ago
+3
Not reading the article is a threat to Listnookors' brains. It's not China's fault some research institution decided to download the data and put it for sale on a Chinese website.
3
uselesc2 days ago
+1
Crazy the amount of profit from gathering and selling personal information - all in an effort to better target us as consumers or chumps, lmao
1
brunogadaleta2 days ago
+1
So UK life insurances will raise mysteriously in a few months...
1
Cakeski2 days ago
-2
Because the Tories sold it via the NHS at the very end.
-2
fitzgoldy2 days ago
-2
Yeah...but lets get closer to China because why not.
-2
Bazrjarmek2 days ago
+4
Lol, your own country downloaded the data and then put it for sale on a Chinese website.
4
lochnesslapras2 days ago
-1
Whoever could've guessed that the NHS pivot to sell our data could get leaked/hacked away to others
149 Comments