When Your Car Spies on You

Lori Head Shot 2014 v.2 small

By Lori Andrews

Cars are getting smarter.  Some can show you a video of what is behind you to help you park in a tight spot.  Others can automatically apply the brakes if you are about to run into the car in front of you.

Now cars have a new power.  They can snitch to an insurance company about your driving.   A tracking device can be installed in your car to monitor how and when and how far you drive.  Progressive and other insurers offer discounts on car insurance to drivers based on data from such devices.

Do you accelerate sharply, corner too closely, travel at night or drive great distances?   Those traits can be used against you and prevent you from getting a discount.  But many of those factors are beyond your control.  If your job requires you to work in the evening, why should you be penalized by your insurer?

Most insurers’ devices are installed in the data port of car, under the drivers’ side of the dashboard, which limits their use to cars sold after 1998.  But the Canadian insurer Desjardins uses a mobile phone app, Ajusto, that doesn’t even need to be installed in the car.  But phone apps raise additional issues.  Nothing prevents an insurer from matching data from the phone driving app with other information.  Nearly two-thirds of smartphone owners look up health information on their devices.  What if you’ve done a Google search for the side effects of an allergy medication?  The insurer might take that to mean you are using the medication while driving, despite the drug’s warnings about drowsiness.

Who else will ultimately get the driving information?   Will the police want to know who is driving faster than the speed limit?   As a phone app, Ajusto can tap into location information.  Will spouses and employers want to know where the driver has been?  Already, information from toll passes has been used as evidence in criminal cases and divorce cases.  If you get into an accident while using Progressive’s Snapshot device, Progressive will turn over their information about your driving style and history to the court.

These programs to reward safe drivers might actually lead to more accidents.  A friend who used the Progressive device heard a series of beeps from his car if he braked too quickly.  The only way to avoid the beeps was to stay four car lengths behind the car in front of him, but that meant other cars were constantly swerving in front of him.  It also greatly increased the chance of his being rear-ended.

The tracking devices for cars are touted as a way to save you money.  But the data they collect can be used against you.  Progressive announced that it will start charging higher rates to drivers who volunteer to use its Snapshot device, but whose driving does not measure up.  Courts can order that you turn over your driving information to someone who sues you.   Tracking devices have real risks. What you might save in premiums, you’ll lose in privacy.

A White House Invitation to Launch Precision Medicine

By Lori Andrews

President Obama at the launch of the Initiative

Last Friday, I was a guest at the White House for President Obama’s launch of the Precision Medicine Initiative.  The goal of the Initiative is to sequence people’s genomes and read the nuances of their genes to determine how to prevent disease or more precisely treat it. The President illustrated how this would work by introducing Bill Elder, a 27 year old with cystic fibrosis. Bill has a rare mutation in his cystic fibrosis gene and a drug was fast-tracked at the FDA to target that mutation.  “And one night in 2012, Bill tried it for the first time,” explained President Obama. “Just a few hours later he woke up, knowing something was different, and finally he realized what it was:  He had never been able to breathe out of his nose before.  Think about that.”

When Bill was born, continued the President, “27 was the median age of survival for a cystic fibrosis patient.  Today, Bill is in his third year of medical school.”  Bill expects to live to see his grandchildren.

The Precision Medicine Initiative will involve sequencing the genomes of a million Americans.  Such a project would have been unimaginable if we hadn’t won the Supreme Court case challenging gene patents.  Prior to that victory, genetic sequencing cost up to $2,000 per gene due to patent royalties.  Now it will cost less than ten cents per gene.

Bill Elder at the White House event

The people who volunteer as research subjects for the project may expect cures for their own diseases.  But, even when genetic mutations are discovered, cures are a long way off.   “Medical breakthroughs take time, and this area of precision medicine will be no different,” said President Obama. And despite the fanfare surrounding genetics, researchers often find that environmental factors play a huge role in illness. At the same time the White House was preparing for the launch of the Precision Medicine Initiative, Stanford researchers and their colleagues across the globe were publishing a study in the January 15 issue of the prestigious journal Cell challenging the value of sequencing research.  Their study, “Variation in the Human Immune System is Largely Driven by Non-Heritable Influences,” tested sets of twins’ immune system markers.  The result: Nearly 60% of the immune system differences were based on the environment rather than genes.

Capturing environmental information about the million volunteers will involve invasions of their privacy as their health and behavior is categorized and quantified from every perspective.  Their genetic data will be combined with medical record data, environmental and lifestyle data, and personal device and sensor data.  If not handled properly, this data could be used to stigmatize the research participants or discriminate against them.  Will they be properly informed of the risks in advance?  Will sufficient protections be in place for their device and sensor data, which is often not covered by medical privacy laws such as HIPAA?

At the White House last Friday, President Obama said, “We’re going to make sure that protecting patient privacy is built into our efforts from day one. It’s not going to be an afterthought.” He promised that patient rights advocates “will help us design this initiative from the ground up, making sure that we harness new technologies and opportunities in a responsible way.”

Professor Andrews with Henrietta Lacks’ descendants at the White House

President Obama underscored that commitment by inviting members of Henrietta Lacks’ family to last Friday’s event. In 1951, Henrietta Lacks was dying of cervical cancer.  A researcher at Johns Hopkins University undertook research on her cells without her knowledge or consent (or that of her family).  Her immortalized human cell lines provided the basis for generations of research in the biological sciences, as well as research by commercial companies.  When her husband learned about it years later, he said, “As far as them selling my wife’s cells without my knowledge and making a profit—I don’t like it at all.”

A former Constitutional Law professor, President Obama is aware of the importance of people’s rights.  Let’s hope that his aspiration of an Initiative that guards research subjects’ autonomy and privacy will be honored by the scientists who will actually operationalize the $215 million project.

Digital Sexual Assault: A Disturbing Trend

IMG_20141106_142756

 

 

By Colleen Canniff

“Hopefully the Class of 2018 is paying attention, because otherwise the UEA is going to have to rape harder…”

In the fall of 2014, the incoming University of Chicago freshman class and the wider University of Chicago (UC) community were targeted and threatened as an anonymous hacker group, UChicago Electronic Army (UEA), posted the name of a sexual assault survivor and activist, purportedly in retaliation of the posting of The Hyde Park list.  The Hyde Park List, posted to Tumblr, was compiled by and for UC students and contained a list of UC students who, according to the list, are “individuals we would warn our friends about, because of their troubling behavior towards romantic or sexual partners.”  The original purpose of the list was to “[keep] the community safe—since the University won’t.”  One could argue that the UEA’s actions were out of a concern of denying due process to the students named.  But their method—threatening rape, and naming and identifying a victim of sexual assault—is a prime example of a troubling trend on the internet: using threats of sexual violence to silence individuals with whom a group of people doesn’t agree with.  As threats go online, the law is racing to keep up.

The UC incident is just the tip of the digital-assault iceberg.  Other reports of online sexual assault such as the iCloud hack, theft, and online release of dozens of celebrities’ personal nude photos, YouTuber Sam Peppers’ videos of sexually harassing women on the street, and the continued threats against Anita Sarkeesian, founder of Feminist Frequency (a website where she discusses and critiques female representations in videogames), exemplify the pervasiveness of online sexual violence against women. Continue reading

The Cold Truth Behind Employer-Covered Social Egg Freezing

Nadia ISLAT

By Nadia Daneshvar

Salary. Health insurance. Long-term disability insurance. Flex benefits. 401(k)…and “baby insurance”? With the advent of egg freezing, women can have children practically whenever they want and with whomever they want, by simply having their viable eggs frozen while they’re still young. Imagine if your employer decided to cover the cost of preserving some of your eggs for you as a part of its benefits package. Some law firms are doing just that for their female employees. Testing, monitoring, and retrieval of eggs can cost anywhere from $6,500 to $12,850, and annual storage fees of retrieved eggs are typically between $400 and $600. But the costs don’t stop there. When a woman decides she is ready to use her eggs, they must be thawed, fertilized, and transferred to a woman’s uterus, which costs anywhere from $4,500 to $7,000. At Specialists in Reproductive Medicine and Surgery, a woman could pay a total of $21,558 if the eggs are stored for only one year. These procedures are rarely covered by health insurance and vary from clinic to clinic, making employer-covered egg freezing a financially enticing option for many women. After all, one-fifth of American women between ages 40 and 44 do not have children, among whom half regret their status wishing they had children. Egg freezing is thought to offer the option to younger women to avoid such future regrets.

Continue reading

Egg Donation is Made to Look Easy, but Questions and Health Risk Remain

Ryann Summers_1

By Ryann Summers

Recently, a former co-worker and his romantic partner sent me a text message that left me reeling.

It essentially read: Hey, can I have ur eggs? Thx.

Few couples would be better equipped to raise a well-loved child than these two men, and I fully supported their decision to start a family.  But I wondered how we had arrived at the point where this request has become so casual that it can be communicated in fewer than 140 characters.  At least take me out to dinner.

I don’t fault my co-worker; his question mirrors how the issue is presented in our culture.  As a woman in her early 20s, I am bombarded by advertisements seeking my eggs.

Recently when I was riding the T in Boston, I found myself staring at the face of a smiling baby, and a dollar amount.  It seems, well, easy.

Egg donation payments range anywhere from $5,000 to $10,000; some solicitations offer amounts as high as $20,000, or even $100,000, for donors with specific characteristics.  I could definitely benefit from thousands of dollars, and hey, I probably have eggs to spare, right?

Continue reading

Something’s Rotten in the State of California: Google’s Network “Sniffing” Fails Ninth Circuit’s Smell Test

Dan Massoglia_1 v.2

By Dan Massoglia

It’s a crisp afternoon on the Northwest Side of Chicago.  A white Opel Astra cruises down the block, its roof-mounted camera capturing photos dedicated to Google’s now ubiquitous Street View service.  Far more than taking pictures of streets and sidewalks, however, Google’s cars have been collecting digital information from inside homes as well, covertly sucking down data sent via unsecured wireless routers, picking up emails, passwords, and even documents and videos from the families inside.

Continue reading

PA Webcam Spying Case Resolved

Jake Meyer by Jake Meyer

Everyday for two weeks when high school student Blake Robbins left his school’s campus and went home for the day, the Lower Merion School District covertly followed him home, tracking his position, snapping photographs of him and his family, and recording his activity on his laptop computer.  The school district didn’t send a secret agent to keep tabs on Robbins, but instead had turned his school issued laptop into a remotely controlled surveillance device.  Robbins’ laptop captured over 400 images, screenshots of his activity on his laptop while he typed to friends through an internet messenger service, and photos taken through the laptop’s webcam of Robbins while he slept, pictures of him partially dressed after he got out of the shower, and photos of Robbins’ father and friends.  The laptop transmitted its IP address allowing the school to track its physical location.  The school district had installed this tracking software, TheftTrack, on all of the school issued laptops to be activated to retrieve laptops that had been reported stolen.  Robbins’ original laptop was returned to the school with a broken laptop and the school issued him a loaner laptop.  School district officials knew that he was in possession of the loaner laptop and that it had not been stolen, but activated the monitoring software anyway.  Robbins later learned that the webcam had been activated on his laptop when he was confronted at school by the assistant principal about his possible drug use – it turned out that the webcam had captured him eating Mike and Ike candy.

Blake Robbins and his parents filed a lawsuit against the Lower Marion School District.  The Robbins lawsuit was filed individually as well as on behalf of the class of all similarly situated persons – the students and families of students that had received a laptop with a web camera from the Lower Marion School District.  (The Robbins later moved to have the action certified as a class action and have the Robbins represent the class because joinder of the members of the class would be impractical because of the number of class members.)   The complaint alleged that the school district had “been spying on the activities of Plaintiffs and Class members by [the school district’s] indiscriminate use of and ability to remotely activate the webcams,” and that the “School District has the ability to and has captured images of Plaintiffs and Class members without their permission and authorization, all of which is embarrassing and humiliating.”

Continue reading

The Rules of Cyber War

Jake Meyer by Jake Meyer

There is a war going on and the U.S. is under attack.  These attacks aren’t on our soil, but they hit us at home and have the possibility of causing severe damage to our infrastructure through computers and internet connections.  These attacks threaten to “destroy databases, communications systems and power grids, rob banking systems, darken cities, knock manufacturing and health-care infrastructure off line” and cause other serious damage.  Cyber attacks have been launched against the U.S., because the U.S. has large systems that offer a large payoff if the systems are compromised — it’s probable that recent attacks on U.S defense and economic targets were launched by North Korea, China, and Iran.  Over 100 foreign intelligence agencies have attempted to break into U.S. networks.  But the U.S. isn’t the only target as the use of cyber warfare escalates around the world.  Russia has cyber attacked Estonia and Georgia.  And Stuxnet, a worm created to disrupt Iranian nuclear power plants, has been blamed on either the U.S. and Israel, or Russia.  But cyber warfare isn’t just limited to nations attacking other nations — China has launched coordinated attacks against Google and Gmail.  With all of this conflict on the cyber battlefield, is there any chance of a cyber peace treaty?

The secretary-general of the International Telecommunications Union (an agency of the United Nations), Hamadoun Touré, has called for the creation of a cyber treaty with a built-in legal and regulatory framework and a contingency plan in case of a large-scale attack.  U.S. officials are wary of Touré’s proposal since it would result in “restructuring Internet governance in ways that would boost government controls.”  But the U.S.’s reluctance on such a cyber treaty is not baseless.  There is cause for concern because regulation of the internet by the nation’s governments can result in censorship, limiting the usefulness of the internet.  Russia’s Defense minister has argued that promotion of ideas on the internet, such as democracy should qualify as “aggression” under a Russian-sponsored U.N. initiative introduced to combat cyber attacks, or as Russia prefers — “information war.”  Although a cyber peace treaty could be unlikely for the near future, there could be an agreement between nations on how a cyber war should be fought.

As nations waged bloody wars with each other through the centuries, rules of war were created by nations.  The modern rules of war are embodied in the Geneva Convention, but there is no such similar Geneva Convention for cyber warfare.  It could be time for rules of cyber warfare to be developed.  Professor Neil C. Rowe of the U.S. Naval Post Graduate School has suggested that cyber warfare should have ethics policies.  Rowe gives examples of possible policies such as an agreement to a “no first use” policy, where participating members would agree to only use cyber attacks in response to other cyber attacks, or requiring that the attacks have distinctive signatures that identify who is responsible and their intended target.

So what is the U.S. government doing to defend itself on this new battlefield?  New organizations in the U.S. Department of Defense are being created to deal with these new threats.  The U.S. formed Cyber Command to defend defense networks and to also launch offensive cyber strikes.  Existing government agencies are also cooperating more to defend the variety of systems that are vulnerable to cyber attack.  The National Security Agency, which is tasked with protecting U.S. national security systems and intercepting communications overseas, and the Department of Homeland Security, which has responsibility for protecting vital systems like power grids, financial services and water purification, have agreed to share their intelligence

Solutions have also been proposed to defend the U.S. in the event of a large scale attack.  The Senate Committee on Homeland Security and Governmental Affairs has approved a bill to allow the President “emergency authority to shut down private sector or government networks in the event of a cyber attack capable of causing massive damage or loss of life.”  This bill, S. 3480, has been described as a “kill-switch” for the internet.  There is some concern with such a system because the power to disable whole portions of the internet is an extreme power, and it’s not clear what the precise circumstances would be for the exercise of such a power.  Larry Clinton, president of the Internet Security Alliance, which represents the telecommunications industry, criticized the bill as “empower[ing] the president to essentially turn off the Internet in the case of a ‘cyber-emergency,’ which they didn't define.”

The strengths of the internet are also what make cyber attacks a serious threat to the security of citizens and countries around the world and also make these same threats difficult to regulate.  The internet “enables communication on an unprecedented scale and is woven into billions of lives around the world.  Its openness, its inclusiveness, its relative lack of regulation make it a fertile field for innovation and competition, an engine for much needed economic growth,” says Rod Beckstrom, President and Chief Executive Officer of Internet Corporation for Assigned Names and Numbers (ICANN).  This engine for economic growth that allows vastly improved communication and near instantaneous access to information benefits from its openness and lack of regulation.  Defending against the threat of cyber attacks will require policy makers to walk a fine line between regulation and openness.

Watch out Produce Aisle, Here Comes Dad!

SarahBlennerBy Sarah Blenner, JD, MPH

Diabetes and obesity are serious health problems that are affecting an increasing number of Americans of all different ages.  The Center for Disease Control and Prevention (CDC) recently estimated that, based on existing trends, the prevalence of diabetes could increase from 1 in 10 adults to 1 in 3 adults within the next forty years.  This means that the CDC expects the number of people with diabetes to either double or triple by the year 2050.  While there is no single known cause for either type 1 or type 2 diabetes, there are a variety of widely accepted risk factors associated with both forms.  For example, type 2 diabetes risk factors include, but are not limited to: age, race/ethnicity, body mass index (BMI), activity levels, and family history.  Recent studies suggest that breast size, eyebrow color, and short stature might also be associated with an increased risk for diabetes. 

A recent study conducted on rats has even suggested that if a dad-to-be eats a lot of foods that are high in fat before his child is conceived, then he is more likely to pass the risk of diabetes and obesity on to his daughter.  This study might be the only one of its kind to report that a father can pass along a risk factor associated with diabetes that is not inherently genetic.  Although the study was conducted on rats, the researchers hypothesized that the conclusions of the study might be congruent in human populations, since obesity in men affects sperm function, sperm mobility, and the amount of DNA damaged in sperm.  If in fact the findings of this study are applicable to people, there may be some serious implications for future generations, as thirty-four percent of adults are considered obese, an additional thirty-four percent of adults are considered overweight and the rates of diabetes in the adult population are drastically rising. 

Continue reading

Biohack the Planet! A New Generation of Hackers Sweep Across the Country

Keith Syverson by Keith Syverson

The recent phenomenon of “biohacking” has been quietly gaining momentum.  In February 2010, Lori Andrews blogged about her experience at UCLA’s Outlaw Genetics conference.  Just last week, the international scientific journal Nature published an article titled “Garage Biotech: Life Hackers” describing the growing trend.  The steadily decreasing cost of molecular biology equipment has lead to a movement where amateur scientists, calling themselves biohackers, purchase equipment and set up their own molecular biology labs in their garages.  Proponents of the movement liken it to the open source movement in software.  The idea is that the “democratization of science” will bring fresh new talent to improve scientific instruments and uncover new applications for biotechnology.  At the very least, the name “biohackers” sounds cool.

Biohackers and do-it-yourself biologists come in all forms.  Geneticist Hugh Rienhoff created a home laboratory to study his ailing daughter’s rare genetic condition.  Others, like Rob Carlson, simply became frustrated with the tedious process of annually filling out grant applications to secure funding at his academic lab. The real down-and-dirty biohackers, however, are simply hobbyists with little or no formal training in molecular biology.  For example the article in Nature mentions Meredith Patterson, a computer programmer based in San Francisco California who created glow-in-the-dark yogurt by engineering a yeast strain in a garage lab.  There are growing online communities such as DIYbio where biohackers come together to share protocols and instructions for making cheaper lab equipment.  Other groups, such as the Silicon Valley-based BioCurious, are seeking to furnish a shared lab space where members of the club pay dues in exchange for classes taught by local graduate students and timeshares in the lab.

Continue reading