Published on November 14th, 2019 📆 | 5276 Views ⚑0
Hillicon Valley: Federal inquiry opened into Google health data deal | Facebook reports millions of post takedowns | Microsoft shakes up privacy debate | Disney plus tops 10M sign-ups in first day
Welcome to Hillicon Valley, The Hill’s newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don’t already, be sure to sign up for our newsletter with this LINK.
Welcome! Follow the cyber team, Maggie Miller (@magmill95), and the tech team, Emily Birnbaum (@birnbaum_e) and Chris Mills Rodrigo (@chrisismills)
HHS TO PROBE GOOGLE: Google’s partnership with Ascension, the nation’s largest nonprofit health system, is the subject of a federal inquiry, a senior official told The Hill Wednesday.
The Office for Civil Rights (OCR) in the Department of Health and Human Services (HHS) “will seek to learn more information about this mass collection of individuals’ medical records to ensure that HIPAA protections were fully implemented,” Roger Severino, the office’s director, said in a statement, referring to the federal law restricting the release of medical information.
The inquiry was first reported by The Wall Street Journal on Tuesday.
The project, codenamed “Nightingale,” received little attention until the Journal publicly reported details of it for the first time on Monday.
The backlash: The partnership to collect and analyze health data received swift criticism from lawmakers and privacy advocates concerned about sensitive patient information.
One significant concern raised was whether the deal violated the Health Insurance Portability and Accountability Act and its rules on handling health care data, which the OCR is now investigating.
In a press release posted hours after the Journal report, Google said Ascension was using Google’s cloud services to “securely manage their patient data, under strict privacy and security standards,” including HIPAA.
Google pointed The Hill to a Q&A on their site where the tech giant said “we are happy to cooperate with any questions about the project.”
Read more on the probe here.
HYPE OVER HIPPA: Google’s work to help Ascension, the nation’s largest nonprofit health system, collect and analyze data on millions of patients is coming under intense scrutiny from lawmakers, privacy advocates and regulators.
Experts who spoke to The Hill agreed that the Google-Ascension partnership does not violate HIPAA, the 1996 rule that regulates health data privacy.
“There are many areas in which the HIPAA privacy rules give the covered entities wide leeway to use information,” Mark Rothstein, a public health law scholar at the University of Louisville, said.
Google’s cloud services could be interpreted as “quality improvement,” one of HIPAA’s permitted uses for business associates, he explained.
“Within the letter of the law it appears to be meeting all of HIPAA requirements,” said Margaret Riley, a law professor at the University of Virginia who focuses on health law.
Where Congress comes in: Sens. Amy KlobucharAmy Jean KlobucharGoogle sparks new privacy fears over health care data Krystal Ball credits Gabbard’s upswing in 2020 race to ‘feckless’ Democratic establishment Outsider candidates outpoll insider candidates MORE (D-Minn.) and Lisa MurkowskiLisa Ann MurkowskiGoogle sparks new privacy fears over health care data This week: House kicks off public phase of impeachment inquiry GOP senators plan to tune out impeachment week MORE (R-Alaska) in June introduced the Protecting Personal Health Data Act, which gives consumers more control over their health data.
“This collaboration isn’t the only one that raises serious privacy concerns,” Klobuchar, who is running for president, told The Hill in a statement about Google’s work. She also cited concerns with technology like smartwatches and home DNA kits that also collect personal data.
The House is also considering new health data policy rules, and a House Energy and Commerce Committee spokesperson said that “meaningful protections and consumer control for health data not covered by HIPAA” will be included in upcoming comprehensive privacy legislation.
Read more here.
IN THE SPIRIT OF HONESTY: Facebook on Wednesday announced it has pulled down millions of posts over the past three months for violating its policies against hate speech and child exploitation, marking an increase in the number of posts it took action against amid heightened scrutiny of how the company polices its enormous social networks.
Facebook’s latest transparency report, which was released on Wednesday, explains in more granular detail than ever before which posts the company is removing from its main social network as well as its popular image-sharing platform Instagram.
According to the report, between July and September, Facebook took action against 11.6 million posts, images or videos for depicting child sexual exploitation, 7 million for promoting hate speech, 3.2 million for bullying or harassment violations and 5.2 million for sharing terrorist propaganda. Facebook has more than 2.4 billion users.
On Instagram during that time period, the company took action against 754,000 posts depicting child exploitation and 133,000 posts for violating its policies against terrorist content. Facebook’s transparency report did not detail the number of posts removed from Instagram for violating its policies against hate speech or harassment. Instagram has approximately 1 billion users.
On a press call, Facebook CEO Mark ZuckerbergMark Elliot ZuckerbergThere are poor ideas, bad ones and Facebook’s Libra Facebook announces new payment service Computer software pioneer John McAfee rips Facebook’s Libra project MORE implicitly hit rivals including Twitter and Google’s YouTube, which do not offer transparency reports with the same level of detail.
“Some folks look at the numbers that we’re putting out … and come to the conclusion that because we’re reporting big numbers, that must mean so much more harmful content is happening on our services than others,” Zuckerberg said. “I don’t think that’s what this says at all.”
He added that he believes the enormous numbers reported show Facebook is “working harder” than other companies to identify, take down and offer details on such content decisions.
Read more on the report here.
A+ FOR DISNEY+: Disney’s new streaming service garnered more than 10 million sign-ups on its first day, despite some technical glitches slightly derailing its launch.
The Associated Press on Wednesday reported Disney Plus nabbed the subscribers to its service as viewers flocked to the platform offering a catalog of Marvel and Star Wars movies, along with all the Disney classics.
The service costs $7 a month or $70 a year after a free 7-day trial. Disney did not disclose where the subscriptions came from or if they were free or paid monthly or yearly.
The AP noted some analysts initially believed it would take Disney up to a year to accumulate 10 million subscribers.
Read more here.
CHINA BEING SKETCHY: An influential U.S. manufacturing group was breached by suspected Chinese hackers over the summer amid trade negotiations between the U.S. and China, according to a Reuters report.
Two sources told the news agency that a cybersecurity firm determined that the attack on the National Association of Manufacturers (NAM) was initiated in China.
The determination was made by identifying hacking tools and methods that have previously been affiliated with Chinese groups, Reuters reported.
It was not clear what data was taken.
NAM spokeswoman Erin Streeter told Reuters that because of the group’s prominence, “we know we are a target for cyberattacks. We identified suspicious activity relating to certain company systems and investigated the matter.”
Read more here.
SHAKE IT UP/OFF: Microsoft shook up the debate over privacy rules with its announcement that the company will follow the principles of California’s tough online privacy law across the U.S.
The tech giant received accolades from privacy advocates and some Democratic lawmakers over its decision on Monday to meet California’s standards in every U.S. state. But Microsoft’s decision could serve as a wake-up call on Capitol Hill, where bipartisan efforts to draw up federal privacy legislation have blown past a slew of deadlines.
Other tech companies will almost certainly follow Microsoft’s lead, fixing California’s law as the de facto U.S. standard without congressional input, industry watchers said.
“When one of the biggest tech companies in America voluntarily adopts California’s standard, it’s very likely to become America’s standard,” Jamie Court, the president of California-based Consumer Watchdog, told The Hill.
Key Democrats in the Senate lauded Microsoft’s decision but said it underlined the need for federally mandated safeguards around what user information companies can collect and what they’re required to share with users about that data.
“I’m glad to see that there are companies like Microsoft and Apple that continue to take privacy issues very seriously,” Sen. Mark WarnerMark Robert WarnerMicrosoft embraces California law, shaking up privacy debate Google sparks new privacy fears over health care data GOP senators warn against Trump firing intelligence community official MORE (Va.), the top Democrat on the Senate Intelligence Committee, said in a statement to The Hill.
“However, the fact that companies are voluntarily adopting their own standards because of Congress’ lack of action underscores the need for regulators and Congress to get serious about guardrails at the federal level to protect user data and privacy,” he said. “The status quo isn’t working for consumers.”
Read more on Microsoft’s decision here.
PRESSURE OVER FITBIT: Rep. David CicillineDavid Nicola CicillineHillicon Valley: California AG reveals Facebook investigation | McConnell criticizes Twitter’s political ad ban | Lawmakers raise concerns over Google takeover of Fitbit | Dem pushes FCC to secure 5G networks Critics fear Google’s power in Fitbit deal Google to acquire Fitbit for .1 billion MORE (D-R.I.), chairman of the House Judiciary Committee’s panel on antitrust, on Wednesday pressed top officials at the Justice Department and Federal Trade Commission over Google’s proposed acquisition of fitness tracking company Fitbit.
“Google’s proposed acquisition of Fitbit would threaten to give it yet another way to surveil users and entrench its monopoly power online,” the Rhode Island lawmaker said during a subcommittee hearing on antitrust in digital markets.
“Do you think we need to consider a merger moratorium for dominant platforms during the course of these ongoing investigations?”
Makan Delrahim, the head of the DOJ’s Antitrust Division, responded that “there’s a lot that can be done short of a merger moratorium.”
“By doing that we might risk actually harming consumers because there could be mergers and transactions that could be pro-competitive,” he added.
Read more about the hearing here.
A LIGHTER CLICK: PR nightmare
AN OP-ED TO CHEW ON: ‘Ok, boomer’ is much more than a meme
NOTABLE LINKS FROM AROUND THE WEB:
Soldiers with top-secret clearances say they were forced to use an app that could endanger them (The Washington Post)
Facebook says government demands for user data are at a record high (TechCrunch)
Before Mark Zuckerberg tried to kill TikTok, he wanted to own it (Buzzfeed News)
YouTube’s new kids’ content system has creators scrambling (The Verge)