Monday, 18 August 2014

There's something deeply personal about my numbers

Have you ever been testing your bgs and someone has asked "What's your number?", maybe they have even tried to peer over and look at the meter reading to see the number for themselves?
I know they are asking for all the right reasons - they care about my health and well being.
They've taken an interest in my condition and want to be supportive ...yet, it can sometimes feel deeply intrusive.

I go to cover up the meter with my hand so I can see the number first. I want to be the one that knows (and be comfortable in sharing) that number with someone else. After I've seen the number I might reply with the exact number; I might even show the number displayed on my meter (if it's really good); give an "about" number if it's kind of "ok"; or declare "it's rubbish" if, well, it's rubbish - that usually garners a response to tease the exact number out of me - making me feel more uncomfortable in the process.

You can tell me there is no such thing as a good or bad number (and that's true!) but, the reality of the situation is, I can't help judging my performance on every bg reading.

Maybe it's me? Maybe I'm too self-critical? Maybe it's because I feel others will judge me on my numbers? It's a complex feeling, but mostly I think it's about being in control. My numbers, my responsibility, my business.

When I go to clinic they download the readings from my meter and the consultant looks over them with me. I can find it to be the most stressful part of the consultation. They focus on all the high and low readings, trying to find out what's going on as I frantically flick through my notebook to provide excuses, justifications... explanations. They rarely acknowledge my "in target" readings and why would they? They don't need to focus on those numbers, they're ok.

They ask about the highs and lows because that's where they can add most value. They're looking to help improve my self-management and give me the tools and knowledge I need to do that. Yet (as you can see from my language) it can sometimes feel like an assessment I'm failing in, with little recognition given for the hard work I put in day and night to get and maintain control. Most people don't go to work to do a bad job and so it is with diabetes management, yet sometimes it would be nice to have a little bit of recognition for the good work done - it would be a powerful motivator.

A page from my notebook


My notebooks record everything I've eaten each day since receiving my type 1 diagnosis, every blood test, every meal and carbohydrate count, every insulin dose, everything unusual I did on a particular day that could justify an unusual reading, every thought process. It is deeply personal to me. I have even created my own shorthand, my own code, to explain certain actions and activities I do. It is my most personal of diaries and yet those around me can thoughtlessly treat it like an open book:

"Let's see what your numbers have been like today" as they reach out to take the latest notebook from the "bag of life" I carry around with me.

Don't get me wrong, I can and do share this information at times - but I'm the one in control of sharing that data. People get to see it when I'm comfortable with sharing it.

People are usually surprised when they see I record all my data in paper format. They are confused about why I don't use a mobile phone application to store all the information, after all I'm a technology geek and the apps are "free". I usually joke that pen and paper doesn't require a battery to operate, but the real reason is much deeper than that. Let me explain...

At diagnosis I immediately looked for diabetes applications for my mobile. I found a huge collection of diabetes apps: most of them were absolute rubbish (either making it difficult and time consuming to enter data or impossible to extract or edit the data once entered, some clearly had absolutely no input from people with diabetes and completely missed the basic requirements someone with diabetes would need); a few showed promise with interesting ways to speed up data entry and some I ended up using for quite some time. I never found an app that was perfect for me and eventually I even got involved in helping a company create a diabetes app which helped to give me insight to the development process and some of the business models used when creating applications.

Many applications now like to store your data in "the cloud" and this can bring great benefits to those using these types of applications as you can enter and view your data on a number of different devices. With the data held centrally it is available anywhere and everywhere and usually means you can share your data with other people (should you wish) more easily too.
It also allows the company providing the "free" application with more ways to make money. This isn't necessarily a bad thing. The cost of developing an application, marketing it, providing servers in the cloud to store and process your data etc. all adds up and they need to find ways to recoup those costs (both development and ongoing storage and processing) as well as make a profit. Until recently most applications relied on either in-application advertising; asking you to sign up with an email address to gain access to further features; or getting you to pay for additional features. In all these scenarios the amount of personal information given in exchange for using the application was minimal and there was a choice of what information you provided, but times change and now things are different.

Many of these "free" applications hold a lot more information about you: they know your name, your email address, your age, weight, what insulins you use; your account may even be linked to a Facebook or Twitter account profile, providing even more demographic profiling; and with every entry you make they build up a profile:

What are you eating/drinking? How many carbs? How much insulin did you take? What was your bg reading? What was your location? (Yes many apps now use the GPS information from your phone to locate where the entry is made), some even ask you to take photographs of the food you are eating etc.

This is all valuable information and can be sold on to other companies with an interest in it.
They can gain commission by identifying appropriate people to sign up to clinical studies & trials, create more targeted advertising etc. From the GPS information they know where you live, where you work, what restaurants you prefer. From the images supplied they know what food you like, what your favourite food brands are - a marketer's dream!

Apple aren't getting into the health market just because it is a good thing to do for people, they are doing it because the market is worth millions. When they recently announced their intention to move into the health tracking market one of the example applications shown was a blood glucose monitoring app. Embarrassingly for them they got the unit of measurement wrong (which is an issue I might come back to in another blog).

Google also sees the value of being a player in this market and have partnered up with a pharmaceutical firm to create the Google contact lens that monitors bgs as well as providing a platform for health apps similar to Apple. Google is in the business of advertising, the health market is just another opportunity for them to sell health data and market health products.

So our data is valuable.

When you start looking deeper into companies' policies you start to see that many seem to make great efforts to hide the fact that they are planning to use and sell your data and I wonder why. After all, Google makes no secret of the fact they use programs to read your emails to create more targeted advertisements - you have a choice: use the "free" Gmail service and accept this advertising process or use another mail service. The key here is that Google tells you explicitly what you are signing up for. It's the same with Facebook (although they have and continue to have "run ins" with privacy rights groups): options are provided to allow you to opt out of certain advertising and data selling processes.

I've talked about care.data in the past - I'm not a fan of it in its current form and have opted out until I see sensible safeguards in place. It got into a lot of problems because of a lack of clarity on how data would be used and who could see it. Ben Goldacre has written many articles on this issue. Checks and balances need to be in place to protect people's privacy and rights. Sensibly the care.data programme has been delayed to try and fix some of these fundamental issues. If the resulting changes are acceptable to me I will opt back in.

So why do diabetes applications (and other mobile health apps for that matter) make it difficult to know how, why and what your personal data is going to be used for? Are they worried we might not use their applications if we knew how widely they want to trade our data?

Let's take a look at some examples: Dario and DiabetesPA. I could have picked any diabetes mobile app company, they are in no way special when it comes to how they treat your data other than they do provide some form of privacy statement - many don't!

Dario

Dario (or LabStyle Innovations Corp.) is a company traded on the OTCQB stock exchange (OTCQB:DRIO) with a market capitalisation of around $4.4 million. On their investor website they have an investors presentation which on page 20 or 26 explains how they plan to monetise their offering.

Dario sees several potential revenue streams

The third being data monetisation through clinical studies, trial recruitment and partnerships.

Now, pop over to the Dario website (and/or download the application to your phone) and try and find out, as a user of the application, what you are signing up to.

Not so easy? Well their privacy policy can be found here (right at the bottom of the web page) and section 5 covers the main point "We may disclose your Personal Information..." and section 2.3 of the terms of use (within the app) states: "You understand and agree that the personal data you enter into your account may be used by us or by any third party for research, development, commercialization and/or academic purposes..."

Interestingly you can email Dario to opt-out of emails being sent to you, but there is no option to opt out of your data being used for commercialisation.

Obviously everyone reads the privacy policies and terms of use in great detail before signing up to use an app, right?

What's "great" about these privacy policies is that they can change them whenever they want, to suit their purposes, without the need to tell you... Section 9:

"This Privacy Policy is subject to revisions from time to time, upon our sole discretion and without prior notice. [...] All such changes will apply to previously collected information. Therefore, please make sure you read this Privacy Policy regularly."

How many people using the application will repeatedly go back and check if any policy changes have been implemented?

DiabetesPA

DiabetesPA is a mobile phone application created by Diabetes Digital Media Limited, the people behind the website diabetes.co.uk. Initially the website didn't provide any privacy statement (the link went nowhere). After pointing this out they fixed the link and after reading it I tweeted them some questions. They got in touch with me by email to ask for more details about my questions and I responded to their email on the 29th June 2014 with the following text:

Thank you for the email.

My main concerns are around the terms used in the privacy statement. They seem to be very loose and open to interpretation which I feel at times seem contradictory.

For example, Section 5 makes it very clear that information captured via the app will only be viewed by your "medical team" and not passed on to anyone else except for complying with the law/regulators and when people choose to take part in a clinical trial:

You should be aware that information captured via our App may be viewed by our medical team. None of this information will be passed to any other person except for:

   + disclosure for the prevention of crime;
   + in accordance with the law;
   + compliance with the direction of any regulatory or governing bodies;
   + for the purposes of preventing injury or harm to you as the data subject; or
   + when registering to take part in clinical trials, to the responsible clinical research organisation(s).

However, Section 6.2, 7.1 and 7.2 suggest otherwise:

In 6.2 it is not clear what data will be used, but clearly in the case of your company it would be more than the medical team using it. If third parties are using the data is that not against section 5?

6.2. We may also use your data, or permit selected third parties to use your data, to provide you with information about goods and services which may be of interest to you and we or they may contact you about these by post, email or telephone. If you are an existing customer, we will contact you by post or email with information about goods and services which may be of interest to you. If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by post or email, only if you have consented to this.

Again there is no clarity in section 7.1 as to what information is being disclosed, but the entities listed are not your company's medical team.

7.1. We may disclose your information to:

   + advertisers and advertising networks that require the data to select and serve relevant adverts to you and others;
   + analytics and search engine providers that assist us in the improvement and optimisation of our Website;
   + pharmaceutical research organisations.
   + Please note, we do not disclose information about identifiable individuals to such third parties, but we may provide them with aggregate information about our users.

...and in section 7.2 (and I appreciate this is a boilerplate statement) it does suggest that information could be shared with others outside of the medical team.

7.2. We may disclose your personal information to third parties:

   + in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;

There is also no clarity as to the reasons the medical team may be required to look at data.

I appreciate that the data input via the app has value and I don't have a problem with you mining this information and even selling the information on to third parties such as pharma companies BUT I want to understand what I am agreeing to in order to use a "free" app.

I also have some concerns over the possibility of data being taken outside of the EEA, something your ICO registration says isn't the case.

4.1. The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.

ICO registration:

Transfers

It may sometimes be necessary to transfer personal information overseas. When this is needed information is only shared within the European Economic Area (EEA). Any transfers made will be in full compliance with all aspects of the data protection act.

Again I suspect this is a boilerplate statement yet on Twitter the suggestion was that taking the data outside of the EEA was a theoretical possibility and it would be easier to change the ICO entry than the privacy statement - something I find very hard to believe given you can change the privacy statement without going to a 3rd party.

I hope that gives an idea of the concerns I have.

After several chasers I finally received a response on the 12th August saying they would upload changes to their policy that very day. They said they'd make some amendments to the privacy statement and in particular add some additional words to section 5 (changes shown in bold here):

You should be aware that medical information captured via our App may be viewed by our medical team in order to provide you with the MyLifeStyle services. None of this information will be passed to any other person except for:

• disclosure for the prevention of crime;
• in accordance with the law;
• compliance with the direction of any regulatory or governing bodies;
• for the purposes of preventing injury or harm to you as the data subject; or
• when registering to take part in clinical trials, to the responsible clinical research organisation(s). ; or
• otherwise in accordance with this Privacy Policy.

As of today (18th August 2014) those changes haven't been implemented.

You can read the full privacy statement on their website: DiabetesPA (Diabetes Digital Media Limited / www.diabetespa.com) privacy statement

The change would (if added) at least make it more explicit as to what happens to your data but ideally I would like to see more. I shared my thoughts with the DiabetesPA team specifically explaining how I'd like references to data use to be split into three different categories:

I guess for me data broadly falls into three categories:

1. Usage data - IP, browser, URLs etc (data described in Section 2 of your privacy policy)
2. Personal data - name, address, email, facebook, twitter, phone etc
3. Sensitive data - bg results, insulin requirements, mood etc

I believe a gold standard policy would identify which type of data is being disclosed to whom.

i.e. In Section 7.1 I suspect the first two bullet points relate to "Usage data" in the definition above, but the third one relating to Pharma companies would be "Sensitive data" that has been anonymised and aggregated for reporting purposes.

Although they agreed that people would start to think about their data more and more, they clearly aren't going to implement a clear and transparent policy unless users stop using the app and make them aware that the reason is a lack of clarity on their data usage.

In Summary


So, if I'm not happy with the people around me (that have a true interest in my health and well being) riffling through my notebooks, why would I not only let a company do this for themselves but also allow them to sell all my notebook entries to others?

...and now you know the real reason why I use pen and paper to record information and not a mobile phone application. Until companies have true transparency around how they use my data and provide opt-outs (or ideally opt-ins) to its use I'm going to keep my diary under my control.

It all comes down to who really owns the data. My advice is if the application is "free" you shouldn't assume the data you input is yours until you have proof otherwise. If it is a paid-for application, sadly it seems (in the vast majority of cases) the same is true!

If you aren't sure what a particular company policy is, ask them. If it's not clear, ask them to clarify (in writing) and, if you don't like the responses you get, use a different application with an acceptable policy or, like me, use pen & paper to control how and when the data is used for yourself.

Additional Reading