Google’s DeepMind Faces Legal Action Over Data Misuse

Uploaded on 2021-10-12 in TECHNOLOGY-Key Areas-Artificial Intelligence, FREE TO VIEW, BUSINESS-Services-Law

Google's parent company and its AI business DeepMind are facing legal action for the way in which they obtained and processed over a million patient health records without consent in the UK. A legal case has been launched on behalf of more than a million people whose confidential medical records were obtained by Google.

DeepMind, a London artificial intelligence lab that was acquired by Google in 2014 and in 2015, Google's AI firm DeepMind was given the personal records of 1.6 million patients at the Royal Free London NHS Foundation Trust.

The current legal case is being led by law firm Mishcon de Reya and the lead plaintiff  Andrew Prismall said he had been "greatly concerned" about how his data had been used. Mishcon de Reya said it was launched to address public concerns about the use of private health data by tech firms. In a recent press release, Mishcon de Reya described the lawsuit as an “important step in seeking to address the very real public concerns about large-scale access to, and use of, private health data by technology companies... It also raises issues regarding the precise status and responsibility of such technology companies in the data protection context, both in this specific case, and potentially more generally,” the firm said.

When it became public that vast amounts of data had been tapped into by DeepMind, there was outrage, although the firm insisted that the patient records were being used to help create a life-saving app.

The Streams app was an alert, diagnosis and detection system that could spot when patients were at risk of developing acute kidney injury. It is in the process of being decommissioned, following DeepMind being incorporated into Google Health. There were several inquiries into the legality of the data use, and in 2017 the Information Commissioner's Office said that the hospital had not done enough to protect the privacy of patients when it shared data with Google.

In a statement in response to that ruling, DeepMind apologised and said that it had concentrated on building tools for clinicians, rather than thinking about how the project should have been shaped by the needs of patients.

Mishcon de Reya partner Ben Lasserson said: "This important claim should help to answer fundamental questions about the handling of sensitive personal data and special category data... It comes at a time of heightened public interest and understandable concern over who has access to people's personal data and medical records and how this access is managed."

There have been a number of class action suits launched in the UK, in which one plaintiff represents millions and these cases are known as opt-out representative actions because they include everyone that the case applies to, unless they specifically request not to be part of it.

In another group action a group calling itself  “Google You Owe Us” has been launched on behalf of four million iPhone users, alleging they were illegally tracked by Google.

New Scientist:      Decision Marketing:    CNBC:       BBC:      Techcrunch:      Business Insider:  

You Might Also Read:

Coronavirus Tracing Apps Conflict With Privacy:

« Don't Click On Pop-Ups
How To Use Transit Gateways To Monitor Traffic »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Securosis

Securosis

Securosis is an information security research and advisory firm dedicated to improving the practice of information security.

Black Hat Briefings

Black Hat Briefings

The Black Hat Briefings are a series of highly technical information security conferences that bring together thought leaders from all facets of the infosec world.

Corero Network Security

Corero Network Security

Corero Network Security is dedicated to improving the security of the Internet through the deployment of its innovative DDoS & Network Security Solutions.

Ambersail

Ambersail

Ambersail provide Penetration Testing and Cyber Security Compliance services.

Norton

Norton

NortonLifeLock is dedicated to helping secure the devices, identities, online privacy, and home and family needs of approximately 50 million consumers.

Wallarm

Wallarm

Wallarm is the only unified, best-in-class API Security and WAAP (Web App and API Protection) platform to protect your entire API and web application portfolio.

Rublon

Rublon

Rublon protects endpoints, networks and applications by providing trusted access via two-factor authentication (2FA).

Innovasec

Innovasec

Innovasec provide information security consulting and training services.

Level39 (L39)

Level39 (L39)

Level39 is the world's most connected tech community, with over 200 tech startups and scaleups based onsite.

oneclick

oneclick

oneclick is a central access and distribution platform in the cloud, enabling the management of the entire technology stack for application provisioning.

AdaCore

AdaCore

AdaCore is focused on helping developers build safe, secure and reliable software.

Axiado

Axiado

Axiado Corporation is a security processor company redefining hardware root of trust with hardware-based security technologies, including per-system AI.

Raxis

Raxis

Raxis is a cybersecurity company that hacks into computer networks and physical structures to perform penetration tests, assessing corporate vulnerability to real-world threats.

Raman Power Technologies

Raman Power Technologies

Raman Power Technologies focus on bringing value and solving business challenges through the delivery of modern IT services and solutions including cybersecurity.

Flat6Labs

Flat6Labs

Flat6Labs is the MENA region’s leading seed and early stage venture capital firm, currently running the most renowned startup programs in the region.

Xoriant

Xoriant

Xoriant is a technology leader and execution partner throughout the Build, Run and Transform lifecycle for companies that create and use technology products.