Privacy As Dignity

Rik Krieger, Serial Entrepreneur
Published in HOPR
Sep 23, 2020

Data privacy is usually framed as a war against snoopers and hackers. But the partnership between HOPR and Sedimentum shows that most data privacy work isn’t a battlefield, it’s a collaborative effort between different fields trying to preserve the privacy and dignity of society’s most vulnerable — people like our kids, the elderly, and those suffering from physical and mental ill-health.

Today we announce our partnership with Sedimentum, ensuring metadata privacy in the MedTech industry. Read the announcement here.

HOPR And Sedimentum: Bringing Metadata Privacy (And Dignity) To MedTech

We all agree it’s sometimes necessary to compromise the privacy of certain members of society, for their safety or for ours. Children aren’t generally given the free rein adults are. The elderly or people in physical or mental ill-health often require supervision from healthcare staff.

This doesn’t fit the usual narratives around data privacy, of shadowy government agents, sinister hackers or unscrupulous corporations. This is privacy in the sense of dignity, of not having unnecessary intrusion, arguably the sense in which we all used to talk about privacy, before the Internet took over.

In the case of healthcare, the problem is clear: some people need supervision, but no-one wants to be monitored 24/7. It’s unpleasant for clients and wasteful for staff, who won’t be needed 99.9% of the time. This is a particularly pressing problem for the many developed countries faced with an aging population and limited care sector staff.

Ideally, staff will only intervene in an emergency, such as a fall or cardiac arrest. Otherwise, they can leave the client in private. But how do we know to trigger an emergency response? Sometimes clients can request help for themselves, but often this isn’t possible. The only solution is to monitor in some way. The problem, then, is to do this in a way that preserves as much privacy as possible.

Sedimentum, an award-winning Swiss med-tech company, is solving precisely this problem. Sedimentum’s sensor devices use machine learning to monitor a person’s health status and only alert staff when an anomaly is detected. Sedimentum’s devices attach to the ceiling like a smoke detector, and a suite of sensors within the device measures parameters like ambient room conditions and the occupant’s status in a fully contactless manner.

Sedimentum gathers all this data and then uses artificial intelligence to generate a model for a client’s normal behaviours. Any sensor reading which deviates too far from this baseline will trigger an alert and staff can respond appropriately. For example, the software uses anomalous data on the occupant’s location and orientation to detect falls. Machine learning and direct input from healthcare professionals can help tune the model, so as time goes on the analysis becomes even more accurate and fewer interventions should be needed. This is all achieved without needing cameras or direct visual monitoring: a crucial factor in making people feel comfortable and even in the effectiveness of certain treatments.

Under The Hood

Sedimentum’s devices are a great solution to maximize privacy and dignity, but the reality of processing complex sensor data introduces a new problem: secure and private data transmission.

Machine learning is a resource-intensive beast. There’s no way your sensors and your machine learning software can be installed in the same device. In theory the answer is simple: you have all your low-powered sensors out in the world, and you gather all their data for analysis in the cloud.

Sensor Device data transfer, without HOPR

But now, as Sedimentum discovered, you’ve got a whole new privacy problem: you have to get the data from your sensors to your cloud servers for analysis. And if the software detects a problem, you have to transmit that from the cloud back to the professionals who can then take whatever action is necessary. All of this happens over the Internet. And while you can encrypt all that data (which Sedimentum definitely does!), you’re still leaking all kinds of metadata — information about the data you’re transmitting — which in this case will often be more telling than the data itself.

The Metadata Problem

This is a really clear illustration of the metadata problem. When people think about protecting data, they usually think about complex data like private messages or credit card details. Instances where you’ve got a few transmissions of relatively complex and potentially valuable data. With sensor data, you have the opposite: sensors transmit frequently, and the data they transmit is actually pretty mundane. Imagine a wearable heart rate monitor. That might transmit once every thirty seconds, and it will probably say something like [#AnonymizedClientID / Heart Rate]. That’s useless data in isolation, and not worth trying to access, even if it wasn’t encrypted (which of course it will be!).

But now consider the metadata associated with that device. We can see that it’s transmitting a very small amount of data, extremely regularly, so it’s almost certainly a device and not a human. From the route the data travels we can see where it’s transmitting from, and where it’s transmitting to: the Sedimentum servers. So now we can deduce that there’s a device at this location linked to Sedimentum, which means a vulnerable person likely lives there. And that’s just after the most superficial of analysis!

Of course, the law recognizes the danger of this. Which is why regulation requires companies to protect their clients’ sensitive and identifying data. But regulating for a problem isn’t the same as providing a solution, so that doesn’t help Sedimentum or the thousands of other med-tech companies who just want to help healthcare professionals and their clients, or people who just want to receive and provide care with as much dignity and privacy as possible! If they don’t feel they can be compliant, healthcare providers often feel compelled to revert to a more invasive approach. They can’t risk the liability.

Metadata Privacy with HOPR

Thankfully, HOPR is designed for exactly this kind of problem. With HOPR, both the data and the metadata are protected, which means it’s impossible for anyone on the outside to glean this kind of information when Sedimentum sensors transmit back to the cloud servers and vice versa.

The decentralized HOPR mixnet relays data via a series of “hops”, mixing the data at each stage so every data packet is indistinguishable from every other one. In this way, it’s impossible to see who is sending or receiving data, what they’re sending, or even how much.

Data transfer, with HOPR, using multiple hops & mixing encrypted packages to ensure data & metadata is protected
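
To make the contrast concrete, here is an added illustration (not code from HOPR or Sedimentum): it computes what an on-path observer learns from timing, size and destination alone for a constructed 30-second heart-rate flow, then for the same flow after padding, cover packets and random delays. The mixing model is a generic mixnet assumption, not HOPR's actual protocol, and the hostnames, packet sizes and thresholds are made up.

```python
import random
import statistics

def metadata_profile(flow):
    """Summarise what an on-path observer sees without decrypting anything.
    flow: list of (timestamp_s, size_bytes, destination) tuples."""
    times = sorted(t for t, _, _ in flow)
    gaps = [b - a for a, b in zip(times, times[1:])]
    sizes = [s for _, s, _ in flow]
    return {
        "gap_cv": statistics.pstdev(gaps) / statistics.mean(gaps),  # 0 = clockwork
        "mean_size": statistics.mean(sizes),
        "distinct_sizes": len(set(sizes)),
        "destinations": {d for _, _, d in flow},
    }

def looks_like_sensor(profile, max_cv=0.1, max_size=256):
    """Small packets at near-constant intervals: a device, not a person."""
    return profile["gap_cv"] < max_cv and profile["mean_size"] < max_size

def constructed_sensor_flow(n=120, period=30.0, seed=7):
    """Constructed sample: one encrypted reading every 30 s, sent straight to the vendor."""
    rng = random.Random(seed)
    return [(i * period + rng.uniform(-0.2, 0.2), rng.choice([48, 64]),
             "cloud.vendor.example") for i in range(n)]

def mixnet_view(flow, relay="relay-1.example", packet_size=512,
                mean_delay=15.0, cover_rate=1 / 30, seed=1):
    """Generic mixnet model (an assumption, not HOPR's protocol): pad to one size,
    address the first relay, add random delay, interleave cover packets."""
    rng = random.Random(seed)
    out = [(t + rng.expovariate(1 / mean_delay), packet_size, relay)
           for t, _, _ in flow]
    t, end = flow[0][0], flow[-1][0]
    while True:
        t += rng.expovariate(cover_rate)
        if t > end:
            break
        out.append((t, packet_size, relay))  # cover packet, same size as real ones
    return sorted(out)

if __name__ == "__main__":
    direct = constructed_sensor_flow()
    for label, flow in (("direct", direct), ("via mixnet", mixnet_view(direct))):
        p = metadata_profile(flow)
        print(f"{label:>10}: gap_cv={p['gap_cv']:.3f} mean_size={p['mean_size']:.0f} "
              f"dest={sorted(p['destinations'])} sensor-like={looks_like_sensor(p)}")
```

Run against a capture of your own device's traffic, the same profile function gives a quick measure of how much the encrypted flow still gives away.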


With HOPR, everyone is happy: Sedimentum gets to provide their innovative sensor-based solution in full compliance with privacy regulation. Staff need to intervene less, which in turn reduces costs for healthcare facilities. Most importantly of all, clients have minimal disruption to their privacy and dignity. As so often happens, the right thing to do is also the most efficient, compliant and cost-effective. It just requires a bit of ingenuity to find it.

From left: Founders of HOPR: Dr. Sebastian Bürgel, Robert Kiel, Rik Krieger and the Founders of Sedimentum: Eugenie Nicoud, Sandro Cilurzo, and Immanuel Zerbini (Coronavirus-distanced photo collage)

Sedimentum provides a really clear case for why HOPR and similar technologies are so essential, but it’s hardly an isolated one. As the Internet of Things reaches maturity with companies like Sedimentum, with millions or billions of devices all communicating with each other, we can’t afford to neglect metadata privacy. And once we get mass-adoption of these decentralized private solutions, all those villains we currently give too much attention to — the hackers and the unscrupulous giant platforms — will be automatically countered at the same time. When it comes down to it, most real-world privacy issues fall into this category: everyone working together to reach a solution which preserves privacy as much as possible.

Rik Krieger
Co-Founder HOPR

Rik Krieger holds an Executive MBA from the University of Zurich and has extensive experience in Brand, HR, Operations & Business Development