The Journal makes Nielsen's spying sound sinister: Its BuzzMetrics and NM Incite units opened up three personal accounts at PatientsLikeMe and then lurked in chatrooms and on bulletin boards, copying (or "scraping") everything it found and selling the data to its unnamed clients. PatientsLikeMe sent Nielsen a cease-and-desist letter. NM Incite CEO Dave Hudson sounds like a peeping tom who got caught crouching at the window sill:
"It was a bad legacy practice that we don't do anymore," says Dave Hudson, who in June took over as chief executive of the Nielsen unit that scraped PatientsLikeMe in May. "It's something that we decided is not acceptable, and we stopped."Bad Nielsen! Slap on wrist and go stand in the corner! What the article doesn't make clear is that PatientsLikeMe makes its money by persuading patients to give up the kind of private data that once rested securely in a locked filing cabinet in your doctor's office but that is increasingly making its way online. PatientsLikeMe is quite open about this: It actually says "Share your health data" on its homepage. Here's how PatientsLikeMe says it makes money:
We take the information patients share about their experience with the disease, and sell it in a de-identified, aggregated and individual format to our partners (i.e., companies that are developing or selling products to patients).Clearly, its clients are drug companies who want to know what patients say about their drugs when they're not around. Here's what type of data PatientsLikeMe scrapes from its own site for its clients:
- Condition/disease information, including diagnosis date, first symptom information, and family history
- Treatment regimens, including treatment start dates, stop dates, dosages, and side effects
- Symptoms experienced, including severity and duration
- Laboratory results (e.g. CD-4 count, Viral Load)
- Biographical information, including photo, bio, gender, age, location (city, state & country), and general notes
- Genetic information, including information on individual genes and/or entire genetic scans
PatientsLikeMe chairman Jamie Heywood told the Journal he's shocked -- shocked! -- that Nielsen would try to do exactly what he's already doing:
We're a business, and the reality is that someone came in and stole from us.That in a nutshell is the real issue here: There was no privacy violation. Rather, Nielsen found a way to extract PatientsLikeMe's data without paying PatientsLikeMe to do so.
There are lots of privacy scandals in the drug business -- such as the impending national database of flu sufferers, Amgen's medical record fishing expeditions, and prescription data mining -- but this isn't one of them.
Disclosure: The author was an employee of a different unit of Nielsen until 2007.
*Correction: PeekYou doesn't collect passwords. My bad! It collects the type of information that's commonly found on the web not private information. PeekYou also says it does not sell birthdate information, although it plainly collects that information.
- Why Do Police Want a Centralized Database of Flu Sufferers?
- Your Medical Records: Soon to be Held for Ransom by a Chip-Implant Maker
- Are Amgen Sales Reps Looking At Your Medical Records?
- Wyeth v. Levine's Unintended Consequences: Prescription Data-Mining Banned in Vermont