Current situation and outlook Breakthrough in personal identifiers and the health care agenda - Big data and augmented reality, the new challenges
Ten years ago, we took a close look at the planned introduction of personal identifiers. The identifier was developed as part of the register harmonization plan, and the intention was to allow a census to be taken by means of the register of permanent residents. We took issue with the fact that the intended use of this unique identifier had not been defined sufficiently clearly, and that the number could be used for a wide range of unspecified administrative purposes. Unfortunately, our original suggestion that sector-specific numbers be created to obviate this problem was rejected. The new social security (AHV) number has now been introduced, and it can be used for purposes that the legislator has defined in very broad terms (Article 50e of the Social Security Act). That definition has now been further expanded, and entire cantonal administrations are now using the number, while new requests for its use are being made all the time. At the beginning, it was clear that the social security number would be used for e-patient files. Pascal Couchepin, who was the responsible Minister at the time, had already taken a decision of principle concerning this matter, although we had raised serious concerns regarding the breadth of its use (for workplace, education, and tax purposes, etc.), the fact that it was likely to be expanded even further, and that it was clearly no longer an anonymous number, which had been the original intention. When a new Minister was appointed, we were able to raise the issue anew, notwithstanding the decision of principle, and we were able to make some headway: The Federal Council (Swiss government) has now agreed that the Central Compensation Office (CCO) will create e-patient numbers on a randomized basis which it will store together with the social security number. We are convinced that the CCO will in future be able to use sector-specific numbers for other sensitive domains - such as e-voting - based on this model.
Another point worth highlighting is a significant improvement in Switzerland's health system. For many years we have criticized the fact that an enormous amount of data has been exchanged between medical care providers and health insurers, even though this was not absolutely necessary. Consequently, we repeatedly asked the health insurers to provide us with details about how they processed invoices. However, rather than giving us the detailed information we were looking for, we were fobbed off with the standard answer that health insurers needed all available patient data in order to be able to determine the effectiveness, appropriateness and economic efficiency of a particular measure. We knew that the great majority of invoices were checked using an automated process, and that reimbursements were then made without any further checks. With a view to the introduction of the flat-rate payment system (SwissDRG), we needed to counter the danger that health insurers would build up enormous quantities of digitized medical data. We have been recommending for some time that an independent certified data collection point be set up between medical care providers and health insurers. The idea would be to put in place an automatic triage system which would determine which invoices needed to be examined in greater detail. Thanks to the support we received from Federal Councillor Alain Berset, this recommendation suddenly became the focus of discussions and it was finally included in the government ordinance. We believe that although the new system has not been implemented across the board, and that there are still many points that need to be clarified, it will enhance privacy rights in the health sector.
We are pleased to announce that during 2012, i.e. six years after the Freedom of Information Act came into effect, the staff numbers that had been promised in the Federal Council's message to parliament became a reality. Obviously, that does not mean that the mountain of outstanding cases will be eliminated at a stroke, but it does give us hope that the 75 cases which could not be processed within the legal time limit, will at least be substantially reduced by the end of the year. During the course of the year under review, an important clarification was introduced with regard to the Freedom of Information Act. An increasing number of federal government agencies tried to have themselves exempted from the application of the law, arguing that the constraints under which they operated prevented them from carrying out their duties in the appropriate manner. The Swiss Federal Audit Office (SFAO), for example, asked for an exemption, saying that it feared it would no longer be able to have access to important information if informers felt afraid that the principle of transparency could be used against them. We countered that position by arguing that it would be totally inappropriate for a supervisory body, whose job was to uncover mistakes made by the federal authorities, to refuse to subject its own actions to the same scrutiny. The Federal Council accepted our position and has now rejected the application for review submitted by the SFAO. Similar attempts are also being made by other agencies and we intend to counter their arguments. We believe that the intelligence services and the competition authorities, like other bodies, should be duty bound to act in a transparent manner.
During the past year, we also carried out a substantive examination of certain key issues (e.g. video surveillance in changing rooms or credit reference agencies) and published our opinion on important laws within the context of inter-ministerial consultations (e.g. the Law on the Monitoring of Postal and Telecommunications Traffic, the Federal Act on Measures to Safeguard National Security, the online commercial register and the Postal Ordinance). Our remarks and criticisms concerning the regulation of Trojan software used by the authorities (State Trojan) and interference by the intelligence services in the private sphere of individuals have to a large extent been taken into account. We continue to hope that some of the unresolved questions will be addressed during the parliamentary debate. The revision of the Postal Ordinance provided us with an opportunity to raise an issue that has been a cause of concern for a considerable time. Since the end of last year, Swiss Post has been prevented from charging its clients 30 francs if they objected to their change of address order being communicated to third parties. Communications from Swiss Post regarding change of address orders have also become more transparent: as of now, Swiss Post must provide a detailed list of all persons who have been notified of a change of address, i.e. address brokers, credit reference agencies, insurance companies, banks, etc. A blanket consent is not sufficient and does not allow Swiss Post to transmit information to third parties.
Finally, we also published comments and information on our website covering a range of topics, for example on the subject of naming-and-shaming on the internet; data protection during mass sports events; or the use of web analysis tools by federal government agencies. To mark the occasion of the Data Protection Day, we produced a brochure on data protection at the workplace.
During the year, credit reference agencies and address brokers proved to be extremely challenging for the FDPIC. It all started when a number of citizens discovered during a Google search that an enormous amount of information concerning them was available on the internet, ranging from the name of the person they lived with, to data on their credit-worthiness. The shock was particularly great for those who had asked their telephone provider or Swiss Post not to publish their address, and to find that their full details were available online. We immediately took the matter in hand and achieved, as a precautionary measure, that the people whose addresses had been blocked for security reasons were better protected. We also carried out a detailed fact-finding mission on credit rating agencies and data flows connected with the selling of addresses. We issued the company concerned with a set of recommendations, including the demand for a process to be established that guarantees the privacy rights of the individuals concerned. The recommendations obviously apply to all companies that are active in this field. We intend to observe carefully how the recommendations are put into practice, and shall propose additional measures if we feel that not enough has been done. Our initial focus was limited to the use of blocked addresses. However, this brought many other problems and issues to the surface which clearly need to be addressed. One of the key questions is how data, which are obtained from a variety of sources and for different purposes, can be collected, recombined and analysed, and the result then published on the internet without the consent of the individuals concerned. Those who turned to us for advice on the matter are quite visibly unhappy with the fact that such detailed information about them is being made available online. They don't see why they should have to accept this situation. Without wishing to pre-empt our findings, we can already say at this juncture that the legal situation regarding credit reference agencies, address brokers and the publication of personal data on the internet is of such a fragmentary nature that for this reason alone a revision of the Data Protection Act would be warranted.
Data protection is really being tested, and not only because of the internet. In the future we will have to deal with technical developments and products that allow both governments as well as private companies to supervise and to exercise full control over our social lives. Didn't the Mayor of New York authorize the use of military drones capable of operating at a great height and monitoring down to the smallest detail everything that was going on down in the city? Thus a person who is sitting on a park bench reading a book can expect a drone, or rather the person controlling the drone, to be able to read the book "over his shoulder". Any individual endowed with a certain degree of curiosity will be able to use minute aerial vehicles, equipped with inexpensive but smart technology, to carry out reconnaissance flights, to look at the insides of buildings, and even to slip through an open window. Augmented reality software will allow us not only to observe and challenge reality through our glasses, but to enrich and interpret it with all the sources of information available on the internet. Perhaps somebody wearing "Google glasses" who passes you in a London street will address you by your name as you walk by with your girlfriend by your side. His glasses will have taken a snapshot of you, the picture will be compared to the digital images available on the internet, and he will recognize you thanks to the use of facial recognition technology. If some person you had never seen in your life stopped you in the street and addressed you by name, you would love it, wouldn't you?
The subject of Big Data is increasingly grabbing our attention. Large amounts of data are
- generated automatically (telecommunication connections, web access, log files),
- automatically recorded by RFID readers, cameras, microphones and similar devices,
- collected during the course of financial transactions and
- produced in the health sector, the energy sector, etc.
As a result of technical developments, enormous storage capacity, the possibility of transferring large amounts of data rapidly over large distances, as well as the ability to carry out a precise analysis of these sources, data will become a new raw material (or new capital) in the future data-driven society (Alex Pentland, Professor of Computer Science at MIT). Algorithms are used to process enormous amounts of data which can pave the way for groundbreaking discoveries, but can also represent a massive danger for our privacy. A number of examples immediately spring to mind. If the analysis of Big Data makes it possible to determine that married women, who are just about to buy some expensive piece of jewellery, are likely to be on the verge of a separation, or the analysis of the transaction data of a bank customer reveals that the person in question is about to die, it is obvious that there is enormous scope for misuse of that data. As a debate is due to take place on the issues within the framework of the revision of the law, one of the questions will be whether the law is up to the task of regulating Big Data, or rather its possible uses.
On a more general note, the question to be answered is whether the vast amounts of data, on which an ever increasing number of internet-based service offerings rely, can be kept in check by national legislation alone.