James Flint

Tag: Health

  • What’s the matter with WhatsApp?

    Broken-Whatsapp.png

    Given that I run a messaging platform,  Hospify, specifically designed to offer people a data-compliant alternative to tools like WhatsApp, Messenger and Telegram when chatting in a health care context, it’s no surprise that I’m often asked: “What’s the matter with WhatsApp?”

    So here it is: my cut-out-n-keep guide to the subject, in eight easy lessons.

    1. Where it’s at

    Under the EU’s  General Data Protection Regulation, which got enacted in UK law back in May (just in case you’ve had your head under a rock all year), personally identifiable data held about other people by you as a user of a technology platform should be stored, physically, somewhere in Europe. Meaning that the servers have to be in Europe and only in Europe, not spread all round the planet, like WhatsApp’s are.

    Why does this matter in health care? Because users of a health care messaging platform are likely to include doctors and nurses, and doctors and nurses tend to talk about patients. As soon as you mention a patient by name in a text message and add any details about their condition, then you’re holding personally identifiable data about them — and data of the most personal kind.

    If you worked in insurance or marketing, you’d have to ask (and get a record of) the patient’s permission before you could send or store that information on the internet. But  thankfully GDPR contains an exemption for those who work in health and care: they are allowed to communicate and store details about patients without asking express permission, as long as they’re doing it in the course of delivering their care.

    To take advantage of this exemption, though, UK & EU-based health care professionals need to use a communications system that handles data in a way that is otherwise compliant with both GDPR and the information governance rules of their health care employer. WhatsApp is compliant with neither, purely on the basis of the geographical location of its servers.

    2. Hand it over

    The second problem is to do with accessing the information once it exists. WhatsApp messages are encrypted both in transit as they ping around the internet and at rest on WhatsApp’s servers, where they’re stored. But storing them like this creates big problems. If you’re a doctor and you’ve chatted with another doctor about one of your patients — to get some advice or a second opinion about their condition, for example — then you don’t own that data. Your employer, i.e. the hospital or surgery where you work, owns it instead, even if it’s on your phone. Your employer is therefore ultimately responsible for it, and — by law — has to be able to hand it over to the patient if the patient asks for it, which patients can do by issuing a fairly straightforward subject data access request.

    As we’ve seen from cases like the  2017 Westminster knife attack, when WhatsApp refused to hand over the content of the attacker’s messages to the Home Office on the grounds that even it couldn’t de-encrypt them, getting access to WhatsApp messages is tricky. This creates a paradox. In the case of the patient, the law says that the hospital has to hand them over. But if they’re on WhatsApp it cannot hand them over, because without de-encrypting them it can’t work out which ones they are. So because a doctor talked about a patient on WhatsApp, and that patient issued a subject data access request, the hospital is now in data breach twice over: because the messages are being stored on a server outside of Europe (most likely at a WhatsApp server farm on the Eastern seaboard of the US), and because it cannot de-encrypt the messages and hand them over.

    3. Snap happy

    Another issue one is photos. Have you ever received a picture on WhatsApp? Have a look in your phone’s main photo gallery. The picture will most likely appear there, as well as in WhatsApp itself. This is because nearly everyone’s devices automatically backup such pictures to cloud services that are likely to be geographically-located outside of Europe, and often shared with other members of your family. Even if you switch this feature off, gaffs by Apple and others can mean it gets switched back on without your knowledge.

    4. Notify me

    Another inadvertent source of data breach is the home screen notification. You can switch notifications off for WhatsApp, but almost no one does — you want to know when you’ve got a new message, after all. The trouble is that the notification contains a snippet of that message, available for anyone within viewing distance of your phone to see. This potentially exposes sensitive patient data to prying eyes, breaks most employers’ “clean screen” policies, and is therefore another reason that WhatsApp doesn’t pass muster when it comes to health care information governance.

    5. UnPINned access

    It’s also not possible to set a separate PIN code or fingerprint lock on the WhatsApp app itself, which therefore relies solely on your phone’s security lock to keep intruders out. If your phone is stolen or you leave it on the train and you’ve left it unlocked for any reason — increasingly likely now that lots of phones offer to keep themselves unlocked for convenience when they’re connected to wireless devices like keyboards or headphones — then there’s nothing to stop someone getting access to your entire message history.

    6. Conspiracy theories

    Then there’s the question of what WhatsApp is really doing with your data. Earlier this year Google  struck a deal  with WhatsApp (which itself is owned by  Facebook) to allow WhatsApp users to back up all their chats and photos to their Google Drive accounts without impinging the 15GB free storage limit set on those accounts.

    Now, this seems quite an odd thing for Google to agree to, given that Google and Facebook are major league competitors for online advertising spend. Would Google do such a deal out of the goodness of its heart? Call me paranoid, but I don’t believe it would. Presumably it’s getting some kind of value out of storing all that content which, despite being encrypted, would still be rich with all kinds of associated metadata that the search giant could use to improve its profile and advertising of — yes, dear reader — you.

    7. Secure doesn’t mean secure

    All of which bring us to the thorny issue of security. People think that WhatsApp is really secure because all its messages are encrypted. But it turns out that it’s not that secure at all. A bunch of white-hat hackers called  Check Point Research  recently found that WhatsApp’s QR-code feature, which allows a user to route his or her account via a laptop or desktop computer for ease of access, contains a vulnerability that allows an attacker to intercept group messages, change the identify of the sender, alter the text of replies to the group, and send private messages that go public to a group when responded to — all of which open the app to abuse and compromise privacy.

    8. WhatsApp is changing

    Finally, did I mention that WhatsApp is now owned by Facebook? Back in June WhatsApp’s original founders Jan Koum and Brian Acton  resigned from the board of the company  in protest at Facebook’s plans to introduce marketing and advertising into their chat app — which they’d faithfully promised from the service’s inception would never be allowed. (They were serious, too — their resignations cost them around $1.5bn in forfeited share options; a hefty price to pay for sticking to your principles). What does this mean? It means that Facebook’s coming after the data you expose through WhatsApp in order to allow businesses to target you. And if the data you’re exposing is information about someone else’s health, then that’s a major problem.

    To conclude…

    Don’t get me wrong. WhatsApp is a great tool that delivers 65 billion messages a day to its 1.5bn users around the world with incredible efficiency. I use it to keep in touch with family and friends, and you probably use it too. But that utility does not make it appropriate for communicating in situations where one user has a legal and social responsibility to safeguard another user’s privacy, and that’s the case in health care.

    Which is exactly why we built  Hospify  — a chat app with the utility of WhatsApp but without the vulnerabilities outlined above, that health care professionals and patients can use without worrying that they are inadvertently going to fall foul of the increasingly stringent data protection laws now in place in the UK and EU.

    If you work in health care check it out — the basic service is free because there’s a premium version that people pay for, not because we sell your data!

  • Move Slow and Fix Things

    Hospify — the compliant chat and data company I founded with two surgeons four years ago, in anticipation of the current storm over widespread data abuse

    Hospify — the compliant chat and data company I founded with two surgeons four years ago, in anticipation of the current storm over widespread data abuse

    I’ve been meaning to blog about my role as CEO of  Hospify for a while now, and the events of the last week or two have convinced me that now’s the time to do it. The exposé of the data abuse conducted by Cambridge Analytica, and its impact on the business models underpinning Facebook in particular but also Google, YouTube and many other digital businesses have underlined the reasons that we founded company in the first place.

    I’m often asked what a journalist is doing running a health chat company, and the Cambridge Analytica story allows me to answer that question very neatly. Besides being a writer, I’d always had a strong interest in technology and like many proto-geeks of my generation did a lot of coding as a teenager thanks to the advent of home computers like the ZX81 and BBC Micro.

    I got my first career break — an editorial position on Wired UK back in the mid-nineties — by combining these two interests, and although my career has ranged fairly widely since, these two things have always remained close to the heart of everything I’ve done.

    After Wired I worked at the BBC for a period, building an early social network based around a TV drama. When that project was killed by the September 11th attacks (long story) I migrated to the Telegraph, where I looked after, by turns, online digital development, online video, and the Telegraph Weekly World Edition newspaper — for which I also built a social network, this time for British Expats.

    My proudest moment at the Telegraph Weekly was producing this: a front page that The Atlantic and The Huffington Post deemed “the greatest newspaper front page ever”

    My proudest moment at the Telegraph Weekly was producing this: a front page that The Atlantic and The Huffington Post deemed “the greatest newspaper front page ever”

    My career has, therefore, always been about both content and its expression, “expression” at this particular period in history meaning the internet, the web, social media, and — latterly — mobile, which combines all these things in the almost magical devices that billions of us carry with us everywhere, all the time, and use to mediate all aspects of our lives.

    I was at the Telegraph long enough to earn a coveted window seat, and when I looked out of that window what I saw was Google, whose offices were right across the street from mine. Because every time I looked at my computer I saw Google too, it followed that I should spend quite a bit of time in those offices, which I did, generally discussing the finer details of Search Engine Optimisation (SEO), then in its infancy but still of considerable importance to a newspaper group.

    While the Telegraph initially did well out of the web, as time went by that success began to wane. This was partly as the result of poor strategic decisions by senior management (don’t get me started), but also because the media as a whole and newspapers in particular were being reconfigured by the exponential expansion of Google, Facebook and others, especially as the world began the shift from the desktop to the phone.


    The Block — a valiant attempt to build a social network around a TV drama four years before Facebook (and decent broadband penetration). Set in a 1 kilometre-high tower, the project was shelved by the BBC in the wake of the 9/11 attacks.

    Sitting in that window seat between 2009 and 2012, it became ever more apparent to me that content was becoming increasingly commodified and that I should put more focus on the expression side of my equation if I wanted to stay remotely relevant. It also became clear to me that this data pact that consumers — and, indeed, the newspapers, themselves — were making with the new tech giants by handing over detailed information about their personalities and habits in return for “free” online services was deeply problematic, not least because of the effect it was having on the economics of my own industry, which I witnessed in a very literal way as month after month more of the excellent journalists who sat all around me got laid off. But it was a new world, everyone wanted to try it out for size, and the services were so good that no one really seemed to care.

    Still, I felt that change was coming one way or another, so when the cutbacks reduced my own team to the point where I felt we could no longer put out a quality product, I left the Telegraph to focus more on online video. When that didn’t work out (another long story) I was contacted by two surgeons, one of whom I’d known since university, and ask to bring my media tech experience to bear on an idea they’d had for improving comms in health.

    I didn’t know too much about healthcare as an industry, but my undergrad degree was in experimental psychology and I’d just spent a decade helping my father through an extended battle with chronic lymphatic leukaemia, so the area wasn’t completely alien to me. I did some research and it was soon obvious to me that not only could the kind of consumer messaging and social media tools provided by the likes of Facebook and the companies it had acquired — notably WhatsApp and Instagram — make a huge difference to efficiency in the provision of healthcare, but that here was an area where, however blasé they were in other areas of their lives, people really would care about what happened to their data.

    I therefore threw my lot in with the surgeons, Neville Dastur and Charles Nduka. We talked to the Information Commissioner’s Office, looked at the data protection legislation in health, did a lot of market testing, reviewed the General Data Protection Regulation that was due to come down the line from Europe (and is due to arrive on May 25th), and built a service with an innovative, data compliant architecture for handling chat and data that provided both with best practice, transparency and simplicity for users and employers — without being funded by sharing personal information or serving ads.

    For much of the three years it took us to do this, most people we spoke to told us we were wasting our time, that the service wasn’t necessary, that people didn’t care, that the big companies would surely beat us to it. But our service went live in the Apple and Android app stores in February, and a few weeks later we’ve seen $50bn wiped off the value of Facebook as the extent of the data misuse enabled by its service has become incontrovertibly obvious to everyone.

    In the meantime, Hospify is being all but overwhelmed with enquiries from clinicians, Trusts, unions and chief information officers, app downloads are increasing every day, and several of the big companies that were perceived as such a threat are now instead in the midst of legal, political and cultural firestorms over the chaos that their lax attitudes to handling data have ignited.

    Into this mess rides GDPR, which is looking extraordinarily relevant all of a sudden. It’s true, of course, that regulation doesn’t change things on its own. The Equal Pay Act of 1970 years ago demonstrates that. It’s only now that the #metoo movement has amplified the frustration of women sufficiently (thanks to social media for once acting in the way it was supposed to) that we’re seeing companies opening up their books on the gender pay gap, and change is actually starting to happen.

    So it goes with data privacy. GDPR on its own could easily be in large part ignored. But when week after week we’re hearing about the awful implications of not taking due care over data, revelations that are coming out as a result of the tireless work of reporters such as the Guardian’s Carole Cadwalladr, who I’m proud to say that I know from my time as journalist (and who deserves to pick up a slew of awards for her efforts), we’re seeing not just regulatory change, but culture change too. And the combination is all but unstoppable.

    We are therefore, I believe, about to enter a new era of data compliance. It’s the era we built Hospify for. Yes, it’s taken a while, but good things take time. Unlike Mark Zuckerberg, who extolled his team to move fast and break things until, alas, they ended up breaking democracy, Hospify’s approach is somewhat more measured. “Move slow and fix things” pretty much sums it up. This is not advertising we’re talking about. It’s health. Mistakes have very real consequences, for very real people. You can’t muck about it with it. It really is life and death.

    So join us! Change will ultimately only come if you, the user, demand it, and choose the tools that help you to enact it. Be the change you want to see in the world, as we have tried to do. Hospify is just one of many other great tools coming through that put data compliance and privacy at the heart of everything they do. Seek them out, use them, tell your friends about them. Because information might want to be free — to quote the Wired axiom from my old dotcom days — but as is now abundantly clear, someone always ends up paying.