They Told Their Therapists Everything. Hackers Leaked It All (2021)

25 points | ollifi | 3 years ago | wired.com

15 comments

james-redwood|3 years ago

> Sure, some questioned the purity of Tapio’s motives; Kristian Wahlbeck, director of development at Finland’s oldest mental health nonprofit, says he was “a bit frowned-upon” and “perceived as too business-minded.” And yes, there were occasional stories about Vastaamo doing shady-seeming things, such as using Google ads to try to poach prospective patients from a university clinic, as the newspaper Iltalehti reported. But people kept signing up.

> But the slick exterior concealed deep vulnerabilities. Mikael Koivukangas, head of R&D at a Finnish medtech firm called Onesys Medical, points out that Vastaamo’s system violated one of the “first principles of cybersecurity”: It didn’t anonymize the records. It didn’t even encrypt them. The only thing protecting patients’ confessions and confidences were a couple of firewalls and a server login screen. Anyone with experience in the field, Koivukangas says, could’ve helped Vastaamo design a safer system.

Disappointing, but I'm not surprised.

atoav|3 years ago

IMO leaking health records should be fined life-long. Like when you caused an accident where someone lost 50% of their sight, those people responsible for the leak (including bad security practice) should pay monthly till the end of the victim's life.

Certain leaks cannot be undone and can continue to have consequences for the victims.

thomassmith65|3 years ago

Every year the number of massive data breaches grows. Every day now there's a story about a different leak (today: https://news.ycombinator.com/item?id=32399949)

Meanwhile, we're less than a decade away from AR glasses being commonplace (https://news.ycombinator.com/item?id=32405565)

Storage continues to get cheaper, devices smaller and faster - more capable of facial recognition.

Already, if a person has the motivation and tech aptitude, they can torrent or buy TBs of private records, and cobble together a script to identify passers-by and display a report of their leaked, private details.

We are speeding toward a gargantuan privacy train-wreck.

Ken_At_EM|3 years ago

Maybe when nearly everyone's dirt is leaked and public then no one will actually be dirty.

thomassmith65|3 years ago

Unfortunately, that almost certainly is not how it will work.

If everyone's dirt is public, indeed that may lessen the stigma of common mistakes: an embarrassing slip of the tongue, tripping over one's shoe laces, etc.

But different people have very different liabilities. Alice's 2009 misdiagnosis of AIDS does not cancel out Bob's 2015 false accusation of murder. Alice will still have trouble on dating apps (because strangers suspect she has AIDS). Bob will still have trouble finding employment (because strangers suspect he is a killer).

The closest to 'no one actually being dirty' it could be is if we just stop caring when tech unfairly destroys a person's life.