Google’s “Project Nightingale” is a Nightmare for Privacy Advocates

I put in a great deal of effort to keep my life and the lives of my family members private. We don’t have an Alexa or a Google Home in our house, we limit our Facebook and Instagram use and most recently at the doctor’s office we declined to have our medical records shared with the State – even though they claimed it was for emergency purposes only. I make these decisions to keep my family safe and I trust that the providers that I do choose to use feel the same way.

My fears have always been about some rouge actor “hacking” into the system and gaining access to our personal information, including my family’s medical records, through the back door. Should it come as a surprise that a company like Google is coming through the front door to access the medical records of millions of patients unbeknownst to them? No, not really. After all, that is the Google way.

The program dubbed “Project Nightingale” was first reported by The Wall Street Journal which revealed a partnership between Google and one of the nation’s largest healthcare providers in the U.S. – Ascension. The problem? The patients had no idea.

In typical Google fashion the company used a “loophole” in the law that “allows” Ascension to share the data with Google so long as it’s used to “help the covered entity carry out its health care functions.” But the information collected is downright alarming:

The data involved in the initiative encompasses lab results, doctor diagnoses and hospitalization records, among other categories, and amounts to a complete health history, including patient names and dates of birth.

Neither patients nor doctors have been notified. At least 150 Google employees already have access to much of the data on tens of millions of patients, according to a person familiar with the matter and the documents.

As we have seen time and time again with Big Tech companies – just because something is “permissible” under the eyes of the law it doesn’t mean that it should be happening. Everyone from you and me to our leaders in Congress should be outraged that Google of all companies has a hand in such personal matters – especially when they are not disclosing this “arrangement” with patients.

Google already tracks your shopping and spending habits, they are purchasing Fitbit so they can track our biometric data, and now they are being given direct access to millions of Americans most sensitive health information. The outsized power and rapid growth and expansion of Google is  concerning and needs to be addressed.

What is Google’s plan? Why do they want this information? It seems like the possibilities are endless:

Stacey Torvino, a bioethics expert and law professor at the University of Nevada, says that some privacy concerns around large tech companies handling medical records stem from the vast amount of other data that they store about people, including search and location history. Even if patient records were de-identified as outlined by the Health Insurance Portability and Accountability Act, HIPAA, the likes of Google and Facebook are uniquely capable of using other mined data to determine who a patient is.

We need to begin to re-evaluate our relationship with Big Tech and its role in our society. We must begin to ask ourselves do we feel safe with Google in our lives? I for one, do not.