Monday, August 1, 2016

Cyberwar, what is it good for?

Some wars are supposed to last forever. Lyndon B. Johnson started a war on poverty. Richard Nixon kicked off a war on drugs. Ronald Reagan initiated a war on terror. Poverty, drug use and terror are booming. It’s time to launch another good ol’ war. Let’s make it relevant, cool, hip and infinite. So how about a 21st century war on Cybertheft?  This may sound trifle by comparison to those other wars, but wars are rarely about the actual title we bestow upon them. The war on terror evolved into a war on people living under secular dictators, the war on poverty ended up being a war on poor people, and the war on drugs became a war on black people. The war on Cybertheft will be the war on all people everywhere.

The war on Cybertheft has been simmering since the banks decided to do business online. The threat of “identity theft” should have been a monumentally mobilizing battle cry. But it wasn’t. Oh sure, it spawned a bunch of fear inducing exposés and some mildly successful businesses, but all in all, it failed to generate the zombie apocalypse panic it was supposed to trigger. Luckily, our wise leaders decided to put all our medical information on the Internet. It’s one thing for a Romanian hacker to gain access to your checking account balance, and quite another if Marcel is suddenly able to peruse your history of vaginal yeast infections. It makes no sense really, but the latter seems like an unbearable and humiliating violation of who you are. Wars have been launched for much less than that.

Let me give you an example that is splashed all over the news lately. A nondescript bunch of hackers broke into Democratic Party servers, stole all sorts of documents and emails and provided them to WikiLeaks for publication. This incident proved to be an embarrassment for the global money cartel behind our democratic curtain, and at the same time a great opportunity to score some cheap points in this weird election while stoking the fires of war. Within 24 hours, and with ample assist from corporate media tools, the conversation moved from corrupt, political machinations to an alternate universe where the Kremlin is colluding with insurgents to overthrow the rightful rulers of America. Terrifying stuff.

Back to medical records. There is a major, and very public, wringing of hands in policy and technology circles on how to safeguard the privacy and security of computerized medical records. Huge health care databases seem to get hacked almost on a daily basis. Shady hackers are advertising stolen medical records for sale on the “dark” web. The term “ransomware” is entering the health care vernacular (i.e. hackers asking health related entities to pay for keeping security breaches secret). Some experts say that thieves engage in fraudulent billing (it is a bit unclear to me how a fraudster makes money when the hospital charges you for a fake surgery, unless the hospital is stealing its own data). Other experts are hypothesizing that medical data could be used for personal blackmail (with not one shred of evidence). Hackers are posting screenshots of EMRs saying that this is the data they “stole” (although gaining access to an EMR is not equivalent to having its data). Pretty scary stuff here too, no?

But here is what is not happening. You don’t see curated lists of famous people treated for cooties. You don’t see lists of women who had abortions or of politicians suffering from palmar hyperhidrosis. You don’t really see anything that could be due to theft of strictly medical information and the “samples” posted by hackers are about Social Security numbers, dates of birth, addresses, phone numbers, emails and all the stuff you can steal from a bank. Is this a big deal?  Maybe, but judging by the number and magnitude of security breaches in the last few years, there must be dozens upon dozens of copies of our financial data floating out there and frankly, people seem rather oblivious to the whole thing. We can’t have that. We need some pizzas, some fireworks, like they have in politics.

As I’m writing this, more Democratic Party servers are being hacked, prompting increasingly unhinged conspiracy theories to justify a reboot of the Cold War with Russia, and if we’re lucky a real war. You see, in this election we unfortunately have one candidate who didn’t get the memo outlining the benefits of a nuclear war with Russia. Blabbering about NATO’s lack of purpose and how nice it would be to get along with Putin is not moving us forward. Watching CNN or reading The New York Times or the neo-conservative rags, is like watching a train wreck in slow motion. The Cybertheft attacks on Democratic Party servers are worse than Watergate, maybe worse than Pearl Harbor or 9/11, it’s an attack on our Nation, and there should be stern consequences (did you notice the unusual patriotic rah-rah at this year’s Democratic convention?).

America, we’re under attack. We are being Cyber-attacked on our own soil. A foreign power is attempting regime change in our country by exposing the dirty electioneering of the party currently in power. The question is not how come we have banana republic electioneering. The question is how come Putin dares to point that out. We don’t know if Putin did any such thing, but the theoretical possibility that he might have, or may do so in the future, is reason enough to perhaps slap some more sanctions somewhere, or move a few tanks or submarines closer to the missile shield we just deployed in Romania (?) to protect it from Iran (?). So Annie, get your guns, because Cyberwar is just the prelude.

In health care the war on Cybertheft of essentially financial data is a front for facilitating massive trafficking in actual medical information. The government agencies in charge of health information technology are accelerating the good fight to “protect” security and privacy with its quintessential tools of building awareness, promulgating regulations and funding the creation and enforcement of more regulations. But the war on who gets to be the king cyber thief is getting a bit more interesting, and perhaps more important to humanity, than the Russia-bad-America-good games played on the global theater stage, because while the public is being distracted by the legends of “TheDarkOverlord” who is stealing and selling disconnected phone numbers, the data cartel is emptying the vaults of our collective human dignity.

It was Google that invented the idea of data “liberation” to put a progressive face on its efforts to amass and sell access to personal information. It was the disruptive innovation lobby in health care that ported the data liberation movement to health care in the hopes of lowering the barriers to entry in an exceedingly complex and saturated market. The government bought the idea lock, stock and barrel because governments love surveillance of citizens and because our government is in bed with, or in the pocket of, giant technology companies aspiring to liberate a piece of the $3 Trillion health care market. But something strange happened on the way to data without borders. The government decided to fund Precision Medicine and it awarded the biggest chunk of money to the most vocal advocates for the creative destruction of imprecise medicine.

It didn’t take long to figure out that an academic medical center, as flush with cash as it may be, is no match for Google or Apple when it comes to stealing personal information from millions of people. And it didn’t take long to figure out that data liberation is set up to work in one direction and one direction only – from everywhere, into Google, Apple and other mega-rich Silicon Valley companies.  So after years of pushing the free-market miracles of iPhone medicine and genomic tests, it’s time to demand that government declares personal information to be a “public good” confiscated at will and freely available to tech giants and researchers, because anything else would be, wait for it, racist. Yes, racist, like in discriminatory against non-white minorities. The only thing left to ponder is whether we will be destroyed quickly by external weaponry, or extinguished slowly from the inside out.

On January 17, 1961 President Dwight Eisenhower delivered his farewell address, warning the nation of what he called the military-industrial complex: “In the councils of government, we must guard against the acquisition of unwarranted influence, whether sought or unsought, by the military-industrial complex. The potential for the disastrous rise of misplaced power exists and will persist.” Note the wonderful nuance when he says “sought or unsought”. Whatever arguments, apologies, explanations, justification you may be inclined to offer, that “unwarranted influence” is undeniably here. We chose not to heed Ike’s warning and have been paying in blood and treasure ever since. The balloon payment is right around the corner.

And Ike had one more lesser known warning: “For every old blackboard there are now hundreds of new electronic computers. The prospect of domination of the nation's scholars by Federal employment, project allocations, and the power of money is ever present – and is gravely to be regarded. Yet, in holding scientific research and discovery in respect, as we should, we must also be alert to the equal and opposite danger that public policy could itself become the captive of a scientific-technological elite.” He saw it clearly. He saw it coming more clearly than we, who are living in it, are seeing it today. From half a century away, Dwight Eisenhower saw the forest in which we wander, lost amongst the trees.


  1. Another President was even more prescient.

    "... Excessive partiality for one foreign nation and excessive dislike of another, cause those whom they actuate to see danger only on one side, and serve to veil and even second the arts of influence on the other. "

    George Washington

    1. Yes, and that ever tempting peril of foreign entanglements...

  2. We declared official cyberwar two weeks ago. I'm not sure your risks regarding medical identity theft are accurate.