Read more of this story at Slashdot.
On July 1, laws requiring adult websites to verify user ages took effect in Mississippi and Virginia, despite efforts by Pornhub to push back against the legislation. Those efforts include Pornhub blocking access to users in these states and rallying users to help persuade lawmakers that requiring ID to access adult content will only create more harm for users in their states.
Pornhub posted a long statement on Twitter, explaining that the company thinks US officials acting to prevent children from accessing adult content is "great." However, "the way many elected officials have chosen to implement these laws is haphazard and dangerous."
Pornhub isn't the only one protesting these laws. Last month, the Free Speech Coalition (FSC) sued Louisiana over its age-verification law, with FSC Executive Director Alison Boden alleging that these kinds of laws now passed in seven states are unconstitutional.
By Adrian Thorogood and Eva Winkler.
Our paper tackles a question that policymakers and public healthcare systems are wrestling with around the world: should for-profit companies be given access to medical data derived from patients for research?
In public healthcare systems, medical data is generated as part of the routine care of patients, and through administrative processes like billing and reimbursement. Medical data is a valuable resource for research and innovation that can advance medical science and improve healthcare. Beyond academic research, for-profit companies are increasingly interested in access to “real world” medical data to inform the discovery and development of drugs, medical technologies, and data-based health applications such as AI. Many countries are actively promoting data sharing to advance public health and wealth goals.
Despite this enthusiasm, for-profit re-use of medical data from public healthcare systems continues to be a source of controversy. Hospitals and data sharing initiatives have often been criticized for a lack of transparency and social license. Some have even been shuttered or sued. Empirical surveys consistently suggest patients and members of the public are less comfortable with companies accessing their sensitive health information than healthcare professionals or academic researchers. This tension between the interests of patients and those of the public and for-profit corporations calls for a closer look at the interests of all parties involved.
Inspired by political philosophy, our paper aims to identify and evaluate the competing claims of different stakeholders relating to for-profit re-use of medical data. This includes the patients providing data, the companies seeking to use data, the society who funds and relies on its public healthcare system, and the healthcare institutions and professionals who painstakingly generate medical data.
Patients have a right to have their medical data treated with confidentiality, and a right to actively determine who accesses this sensitive form of personal data and why. Any re-use of their data should be subject to strict privacy and security safeguards, and to high standards of consent, transparency, and accountability. Patients might expect to receive a direct share in profits generated from the contribution of data. Assuming such a scheme could be practically implemented, does this claim override those of companies, hospitals and society? We argue that this is a weak claim: while medical data certainly fall under patients’ control required by the right to informational self-determination, data are generated primarily for their healthcare and no right to share in profits can be deduced.
For-profit companies in the health sector do not have a right per se to access publicly funded medical data. However, they are entitled to freedom of research – a defensive right restricting state influence on research activities – and a right to a level playing field where access is provided (non-discriminatory access). Companies do have a legitimate right to pursue and realize profits from developing high-quality, life-saving or improving health products. Where products do not offer true value, are overpriced or are not domestically available, however, commercial practices can threaten the sustainability of health systems and patient access. This seems all the more unjust for products developed using data provided by health systems and patients. As part of corporate social responsibility, companies have ethical and reputational reasons to protect patient privacy and to deliver benefits to society, reflected by the current proliferations of guidelines around responsible AI.
Hospitals and clinics are ultimately the places where patient data is generated, through the dedicated efforts of healthcare professionals and staff. Do physicians and hospital leadership own the data and have a claim to share in eventual profits? These claims are complicated by the public funding supporting healthcare delivery, patient self-determination, and the fact that data generation is only the beginning of a complex value chain. They do, however, have a valid claim to appropriate compensation for data generation and curation, one that is all too often overlooked.
Society can benefit from for-profit re-use through things like improved drug safety, as well as more accurate and cost-effective care. How can the state ensure public funds invested in health systems and data infrastructure maximally benefit society, while also maintaining public and patient trust?
Two key tensions arise: between profit maximation versus societal benefit, and between commercial and societal interests in exploiting data versus patient self-determination and privacy. To address these tensions, we conclude by suggesting conditions for ethically sound for-profit re-use of medical data:
We conclude that there are good reasons to grant for-profit companies access to medical data if they meet certain conditions: among others they need to respect patients’ informational rights and their actions need to advance the public interest in better healthcare.
Paper title: Patient data for companies? – An ethical framework for sharing patients’ data with for-profit companies for research
Authors: Winkler EC1, Jungkunz M2, Lotz V1, Thorogood A3, Schickhardt C2
Affiliations:
Competing interests: ECW and CS have been receiving grants by the German Ministry of Education and Research (BMBF) in the frame of the German Medical Informatics Initiative (MII) and have been involved in the Working Group “Consent” of the MII
The post Patient data for companies: Patient privacy, private profits and the public good appeared first on Journal of Medical Ethics blog.
After the Federal Trade Commission launched a probe into Twitter over privacy concerns, Twitter’s negotiations with the FTC do not seem to be going very well. Last week, it was revealed that Twitter CEO Elon Musk’s request last year for a meeting with FTC Chair Lina Khan was rebuffed. Now, a senior Twitter lawyer, Christian Dowell—who was closely involved in those FTC talks—has resigned, several people familiar with the matter told The New York Times.
Dowell joined Twitter in 2020 and rose in the ranks after several of Twitter’s top lawyers exited or were fired once Musk took over the platform in the fall of 2022, Bloomberg reported. Most recently, Dowell—who has not yet confirmed his resignation—oversaw Twitter’s product legal counsel. In that role, he was “intimately involved” in the FTC negotiations, sources told the Times, including coordinating Twitter’s responses to FTC inquiries.
The FTC has overseen Twitter’s privacy practices for more than a decade after it found that the platform failed to safeguard personal information and issued a consent order in 2011. The agency launched its current probe into Twitter’s operations after Musk began mass layoffs that seemed to introduce new security concerns, AP News reported. The Times reported that the FTC's investigation intensified after security executives quit Twitter over concerns that Musk might be violating the FTC's privacy decree.
Just because a company — like, say, Tesla — promises that your privacy "is and will always be enormously important to us," doesn't mean your privacy is important to them. Nor does it mean your privacy will be protected. Where there's a camera, there's a way — to invade your privacy, that is. — Read the rest
Private investigator hired to look into possible involvement of two student activists in occupation of building
Sheffield University has been criticised for hiring a private investigator to look into the possible involvement of two student activists in a protest in one of its buildings.
The two students received letters on 9 November informing them that the university had hired Intersol Global, a firm of investigators, to look into whether they were involved in a student occupation of a building in late October protesting against Sheffield’s links to the arms industry.
Continue reading...Surprise! The FBI has been involved in warrantless surveillance! But that's not particularly surprising; we've known that for a while now (even in some pundits like to pretend as if it's absolutely unprecedented when the FBI occasionally stops monitoring Muslims, Black rights, and environmental activists and turns their attention to money laundering networks surrounding right-wing politicians). — Read the rest
Protect your facial biometric data with knit wear? As absurd as that sounds, designer Rachele Didero, of the Italian startup Cap_able, has patented textiles that do just that. The patterns trick facial-recognition cameras into thinking it's not looking at a person. — Read the rest
Read more of this story at Slashdot.
Read more of this story at Slashdot.
Read more of this story at Slashdot.
I2P is one of the many darknets floating around (running over?) the internet and I’ve been playing around with it since, like, high school. It’s peer-to-peer, censorship resistant, and overall just super cool. And by peer-to-peer I mean that you can share files over the network (using torrents) while both remaining anonymous and not being a nuisance to other users (unlike Tor).
Also unlike Tor it doesn’t have its own “browser bundle”.
I mean, it did at one point. But then it got discontinued.
Before the browser bundle I had to rely on a manually configured secondary browser, which I am now back to doing. It’s not a majorly inconvenient process, but wow was that browser bundle very convenient.
I’ve been a die hard user of Firefox (and browsers based on/related to Firefox, like Camino or pre-Chromium Flock) since the early/mid 2000s and I have no plans to ever switch over to Chrome or its ilk. Even though the browser wars are over, I will forever continue the struggle as part of the dissident Firefox-users campaign. Sure, I have to rely on Google for plenty of other things (like my phone, calendar, contacts, cloud storage, captcha protection for this site, and so on), but they’ll never get my browser! Or email! Or web searches (mostly)!
You can have my Gecko layout engine when you uninstall it from my cold, bricked, SSD.
So obviously, I’d use something Firefox-ish for my manually configured secondary browser. And the Firefox-ish browser I’m using here is SeaMonkey; the direct descendant of the original Mozilla Application Suite which Firefox, as well as Thunderbird (which I still use as a desktop mail/RSS client), were spun off of from.
In addition to a browser, SeaMonkey includes an email (and newsgroup) client, an IRC client, an HTML editor, and an email address book.
So, why SeaMonkey? And not, like… a separate Firefox profile or container tab or something.
Well, for all their similarities (both being darknet-proxy-software things and all), I2P and Tor are different. They fill different niches, I guess. While they both have hidden services and out-proxies to the clearweb, Tor’s focus is definitely on the latter, while I2P seems to focus more on the former. And I2P’s hidden services aren’t all websites (I’m not saying all of Tor’s are though); I2P also has email, and IRC, and torrents too!
And also I’m already comfortable doing things this way. Leave me alone.
The first thing I did here was actually getting the software. I did a manual download/installation rather than relying on my machine’s package manager, because I didn’t want to have to build possibly outdated versions from the AUR that may overwrite whatever changes I made after an update. Links to download both SeaMonkey and I2P are below.
Download SeaMonkey → https://www.seamonkey-project.org/releases/
Download I2P → https://geti2p.net/en/download
Like I said before, I2P hidden services aren’t all websites, but that is a large part of them, so configuring SeaMonkey’s browser was going to be necessary.
Configuring the browser is pretty straightforward. The process for SeaMonkey is more-or-less the same as the process for Firefox, the only difference being the location of where the changes needed to be made. In SeaMonkey, the Preferences are in the Edit menu, and the proxy settings will be in Proxies under the Advanced section.
And once that’s configured (and once I2P is running) the router homepage can be found here: http://127.0.0.1:7657
I will admit that it has been a bit painful when I have to run updates for SeaMonkey, as I’ve had to temporarily disable the proxy. Updates to I2P, however, are done entirely within I2P! Via torrents!
I love torrents.
Thanks to the mysterious and venerable postman, getting an I2P email address is super easy. And it works like any other email address; messages can be sent to whoever! And that ain’t just limited to other folks with I2P email addresses. It works Clearnet-to-I2P (and vice versa) as well!
I don’t really make use of the email service, because I’d really only be sending encrypted emails talking about encryption (relevant xkcd), but it’s still a useful tool for folks that need it. And by default, I2P actually has a pre-configured browser-integrated mail client that works great.
But sometimes having a dedicated(-ish) mail client is good. It’s not something I need, but still, I can do it with SeaMonkey.
If you can set up a mail client for a normal email account then you can do the same for an I2P mail account. Only POP3 works though, so that’s what I had to use; no IMAP. Also, I didn’t have to select any encryption/connection security settings because all packets being sent through I2P are encrypted anyways.
I used 127.0.0.1
as the host for both POP and SMTP over ports 7660
and 7659
respectively (as mentioned in I2P’s list of used ports). By default, these ports are tunneled to/from the mail service that postman runs, but if I wanted to use another service I can change them in the I2P tunnel settings.
I was able to configure the IRC client, Chatzilla, pretty quickly as well. It was just the matter of adding a network named irc2p
, and then adding a server under that network, with the actual “server” being 127.0.0.1
and the port being 6668
.
And again, no encryption/connection security settings were necessary here either because everything’s encrypted anyways.
I2P has some documentation on configuring other IRC clients that’s definitely worth a read.
Like the email service, the mentioned port (6668
) is also set to tunnel to/from the a service run by postman, but I can always change this if I want (same way as the email stuff).
Since I did a manual install of both SeaMonkey and I2P, I had to do some manual work to actually set up a shortcut. I installed both pieces of software in the same directory (i2p-browser
) and then wrote a bash script to, first, start the I2P router (in headless mode) and, then, start SeaMonkey. After SeaMonkey exits, I then stop the router.
#!/bin/bash
/path/to/my/i2p-browser/i2p/i2prouter start && wait
/path/to/my/i2p-browser/seamonkey/seamonkey && wait
/path/to/my/i2p-browser/i2p/i2prouter stop
I then created a .desktop
file to point at this script, and stuck it where all of those custom .desktop
files go in GNOME (~/.local/share/applications/
). That way a shortcut will be in my applications menu, and I can start the whole thing with one click.
[Desktop Entry]
Type=Application
Name=i2p Browser
Comment=
Categories=Network;WebBrowser;Security;
Exec=bash /path/to/my/i2p-browser/i2p_browser_start.sh
Icon=/path/to/my/i2p-browser/i2p/docs/console.ico
Yeah, I use GNOME. Fight me.
By default, when I2P starts, it will open the router console in the default browser. Since I didn’t want this, and wanted to use SeaMonkey, I unchecked that settings in the router config.
A web browser, mail client, and IRC client. That pretty much covers everything that’s part of SeaMonkey. And once it’s all configured, it’s on to browsing the invisible internet.
But what about torrents? I’ve mentioned torrents a few times here. How am I going to start using those? Well I could try configuring my normal torrent client, Deluge, to proxy traffic through I2P using a SAM Bridge and…
I2P actually includes, by default, a browser-accessible torrent client called I2PSnark! And, because of how I2P works, it’s totally anonymous! Since, like, everything is encrypted. And also I2P is a darknet.
I2P has plenty of other cool features that I really need to explore, like anonymous git
hosting. Maybe after I play around with (finally) setting up my own hidden service on I2P (they’re called eepsites) like I did with Tor I can finally do that.
Read more of this story at Slashdot.
Britta Eder’s list of phone contacts is full of people the German state considers to be criminals. As a defense lawyer in Hamburg, her client list includes anti-fascists, people who campaign against nuclear power, and members of the PKK, a banned militant Kurdish nationalist organization.
For her clients’ sake, she’s used to being cautious on the phone. “When I talk on the phone I always think, maybe I'm not alone,” she says. That self-consciousness even extends to phone calls with her mother.
Read more of this story at Slashdot.
Each day, 50,000 people enter Disney’s theme parks, along with their phones, purchases, locations, and photos. What happens to the data?
The post Data Free Disney appeared first on Public Books.
A major independent flight tracking platform, which has made enemies of the Saudi royal family and Elon Musk, has been sold to a subsidiary of a private equity firm. And its users are furious.
ADS-B Exchange has made headlines in recent months for, as AFP put it, irking “billionaires and baddies.” But in a Wednesday morning press release, aviation intelligence firm Jetnet announced it had acquired the scrappy open source operation for an undisclosed sum.