NHS ordered to hand over security keys of NHS data to GCHQ
By Rob Woodward – TruePublica: Britain’s NHS has become the latest target for big tech to stick its money funnel into and harvest our most personal and private data. It was bad enough that the state illegally and secretly stole our privacy, captured our secrets, recorded our conversations, filmed our private moments, took images of our children and invited in the biggest crooks on the planet to exploit the swag. But now, there’s a plan to capitalise, abuse, manipulate and profit from our physical and mental vulnerabilities.
Google and Amazon already have their tentacles shoved deeply into NHS patient databases and there’s a queue from America’s silicone Valley banging on the door. This week, we’ve found out that another shady company is to exploit the COVID-19 pandemic when we’re all looking the other way. This time, the links are with our own government, with Dominic Cummings, with his pals who just a few years ago were scratching their backsides in Uni but now are ‘data scientists’ at the heart of decision making over our lives.
Anonymised data for research purposes is one thing but the commercial exploitation of health data is another. And it demonstrates what this government is up to right now. They are preparing the NHS for a post-Brexit world irrespective of the wishes of the general public who are unanimous that the NHS should remain a fully-funded public institution without commercial interference.
Not satisfied with the work they have done already to destroy what is left of our most private information, or concerned with the damage that these tech companies will do – the government are equally indifferent to others whose intentions are just as nefarious.
The NHS has now been ordered to hand over its most secure information from its IT systems to the UK’s intelligence and security authority during the covid-19 pandemic after the agency was granted extra powers by Matt Hancock – the Health Service Journal has just revealed.
Government Communications Headquarters (GCHQ), the same authority that lost court cases over its illegal mass hacking programmes and data collection regimes – now has the power to simply take any information which relates to “the security” of the health service’s networks and information systems.
The move, authorised by Mr Hancock earlier this month, appears from the outside to be an attempt to strengthen the NHS’ cyber defences amid warnings from GCHQ of a growing trend in covid-19 themed cyber attacks.
According to a government document published last week, the purpose of the new directions is to support and maintain the security of any network and information system which is held by — or on behalf of — the NHS, including systems that support NHS services intended to address coronavirus.
What this does is grant GCHQ unprecedented powers it did not have previously, under the Computer Misuse Act 1990
SafeSubcribe/Instant Unsubscribe - One Email, Every Sunday Morning - So You Miss Nothing - That's It
Apparently, the same directions also apply to all public health bodies. That means that the state now has access to every piece of information ever generated by any public body in Britain and the security systems that keep that data safe.
What this does is grant GCHQ unprecedented powers it did not have previously, under the Computer Misuse Act 1990. The COVID-19 crisis was used by the government as an opportunistic attack on Britain’s democracy which it attempted to grab for a minimum of two years. In so doing, it has already changed the information security landscape irrevocably.
Access to this data now gives the state extraordinary power over all of our lives. This is the last battleground of information access and they’ve used a crisis to accomplish it.
A spokesman for the National Cyber Security Centre, which is part of GCHQ, said the directions were part of “our ongoing commitment to protect health services during the coronavirus pandemic.
“These directions give us consent to check the security of NHS IT systems,” he added.
The unnamed spokesman was quick to point out that they “do not seek to authorise” GCHQ to receive patient data, and he added: “We have no desire to receive any patient data.”
It is not good enough to state that these so-called directions will only apply until the end of 2020. They have access to their security systems.
Meanwhile, GCHQ has been advising NHSX (a new unit designed to transform digital health) on the creation of its new contact tracing app that privacy group medConfidential has stated is a clear opportunity for abuse of anonymised data.
Health Secretary Matt Hancock said in the April 12 coronavirus press briefing that the app would enable people to anonymously share their data, but according to The Guardian, a government document labelled “draft – not yet approved” suggests they have considered identifying users.
The March memo detailed how the app could work using Bluetooth to trace people’s movements and alert them if they may have come into contact with someone reporting symptoms.
However, the memo also suggested that “more controversially” the app could use device IDs to “to enable de-anonymisation if ministers judge that to be proportionate at some stage.”
The state has now become a 360-degree total access surveillance system over our entire lives. It has always been sold to the public under the guise of national security but have lost court case after court case for their illegal activities and abuses unconnected with our general wellbeing.
Who will be the highest bidder of all this data? The list is endless but it begins with health insurance companies, private hospitals and outsourced healthcare services. Britain’s prized health service is heading into 2021 facing an entirely new crisis, one that almost no-one thinks will ever happen. NHS data is valuable simply because it is not corrupted by the tension strings of private interests. Last July, Ernst and Young estimated that data held by the NHS could be worth nearly £10bn a year. The fact that E&Y, a company that has hugely profited from privatisation calculated this in the first place, is itself a cause for concern.