#cognitive security

There are mental health data brokers, this is the reality.

Your health data is out there. This isn’t a maybe. It’s been confirmed by researchers who have themselves dealt with data brokers. This has been known for awhile.

Data Brokers and the Sale of Americans’ Mental Health Data. The Exchange of Our Most Sensitive Data and What It Means for Personal Privacy. By: Joanne Kim, February 2023, Duke Sanford Cyber Policy Program Data broker 4 advertised highly sensitive mental health data to the author, including names and postal addresses of individuals with depression, bipolar disorder, anxiety issues, panic disorder, cancer, PTSD, OCD, and personality disorder, as well as individuals who have had strokes and data on those people’s races and ethnicities. Two data brokers, data broker 6 and data broker 9, mentioned nondisclosure agreements (NDAs) in their communications, and data broker 9 indicated that signing an NDA was a prerequisite for obtaining access to information on the data it sells.

I’ve mentioned this before but I feel like this is worth highlighting specifically because I heard someone on a podcast recently pondering whether if even healthcare information is out there. And yes, it absolutely is out there — being bought and sold — it’s out there.

Strangely it’s illegal for healthcare companies to disclose healthcare data without permission, and it’s illegal for them to sell it, it’s illegal to steal healthcare data — but it’s apparently not illegal to buy and sell already stolen healthcare data.

Your Mental Health Data Is Being Sold—and It’s Legal — Healthline — Mar 10, 2023 —Written By Cathy Cassata Edited By Cathy Cassata Fact Checked By Dana K. Cassell While it seems that the Health Insurance Portability and Accountability Act of 1996 (HIPAA) should protect people against this type of invasion, it doesn’t. “Just because ‘privacy’ is in the name, it’s wrong to think of it as a law that keeps data private,” said Gilmore. “[Data] brokers are not regulated entities under HIPAA. There is not a law that regulates data brokers. If they collect and purchase health information about people, they can do with it what they want.” HIPAA has no impact on private use of information that is voluntarily handed over in commercial transactions or other sources, he added. The U.S. Department of Health and Human Services states that HIPAA applies to health plans, healthcare clearinghouses, and healthcare providers who conduct certain healthcare transactions electronically.

I’m not even clear on if there’s a law that stops the tech companies working for the healthcare companies, from selling the data. I don’t know if the HIPAA considers a tech company to be covered under this at all. One might assume the healthcare companies that employ tech companies would hold them to some kind of NDA (Non Disclosure Agreement), but I wouldn’t even count on that. It seems like companies are more likely to have NDAs to coverup lawbreaking, thwart whistleblowers, and hide gross sexual misconduct, and not so much to protect the interests of the people the business supposedly serves. For example, the data brokers selling the data require the data buyers to sign NDAs. It sure sounds like getting the data might reveal the means by which they came by the data and they are treating that knowledge as “proprietary” perhaps. It’s very obviously likely that much of this data has been retrieved via unlawful data breaches, so I imagine data brokers might want to guard against any evidence of crime in the chain of custody getting out. I’m not sure if selling stolen data would be covered by stolen property law, but at a minimum I imagine it would likely bring upon them unwanted scrutiny.

Even if the healthcare systems and tech companies that handle their computer systems aren’t selling the data, or voluntarily handing it over to anyone, they aren’t exactly very careful with the data when it comes to cybersecurity. I have had multiple notifications of my personal information being accessed in healthcare system cyber breaches across multiple healthcare systems in 2 different countries. A lot of people I know have said they’ve received these letters too, so it sure seems common.

So I assume all my healthcare data, including mental healthcare data, is available and may be used at any time for reasons ranging from target marketing to nefarious attacks.

The U.S. is actually pretty notorious in having little in the way of data privacy law. It’s apparently assumed that Americans culturally like our data being used against us for commercial purposes, and in fact that our culture is that Americans think commercial interests are of higher importance than any right to privacy.

EU vs US: What Are the Differences Between Their Data Privacy Laws? Posted by Cristina Pop November 15, 2023 — Endpoint Protector by CoSoSys In contrast, the US has traditionally taken a more hands-off approach that favors the companies that collect and use personal data. The use of personal data for commercial purposes exceeds the importance of data privacy. Recent years have seen the mindset somewhat shifting towards better protecting individuals as data breaches continue to cause havoc, but the underlying cultural differences will take more time to dissolve and bring the US in fuller alignment with the EU’s mindset and laws.

If you’re an American that doesn’t agree with that assessment, perhaps it’s time for you to speak up. Because it doesn’t have to be this way.

“In developing regulations the EPA was directed to weigh only one concern: public health. The costs to industry were explicitly deemed irrelevant.” — Jane Mayer, Dark Money. January 2016

My postcard to Scranton Joe:

Writing Letters to Elected Representatives, a guide Letters to politicians are some of the easiest and most effective actions many neglect. CHLOE HUMBERT JAN 24, 2023

The Internet of Fakes — PR Tactics, Troll Farms, Sock Puppets, Botnets, Influencers, Operatives, & Chaos Agents. A collection of evidence of persuasion, advertising, sales, target marketing, propaganda, agent provocateurs, and cognitive warfare - the true reality of the media landscape. CHLOE HUMBERT SEP 14, 2023

Cognitive Security Market Trends, Size Estimation, Regional Insights, Future Growth by 2032

The latest report published by insightSLICE shows that the Cognitive Security Market is likely to gather a great pace in the coming years. Analysts examined drivers, restraints, risks and openings in the global industry. The Cognitive Security report shows the likely direction of the industry in the coming years as well as its estimates. A close study aims to understand the market price. By…

Cognitive Security Market Size, Cost Structures, Growth Rate and Forecast to 2031

  insightSLICE offers overarching research and analysis-based study on, “Global Cognitive Security Market 2021-2031 the research report explores the analysis of historical data along with size, share, growth, demand, and revenue of the Cognitive Security and estimates the future trend of the market on the basis of this detailed study. The study shares market performance both in terms of volume…

Cognitive Security Market Challenges, Business Overview and Forecast Research Study 2031

The most recent research report on Cognitive Security Market 2021 published by insightSLICE begins with the market description, official report, segmentation, and classification. The report offers a comprehensive analysis of the market so that perusers can be guided on future opportunities and high-profit ranges within the industry. With this study, you can expect a perfect mix of qualitative and…

Battling Disinformation With A Cognitive Security Proving Ground

(monsitj/Getty Images) “C4ISRNET” By Brian M. Pierce “The exponential expansion of the internet, which has boosted our productivity to incredible heights, also has opened avenues for wrongdoers to try to influence us and imperil our cognitive security at extraordinary scale and speed. Thus, cognitive security is about providing assurance in the form of strong tools and techniques to detect,…