Category Archives: AI

Just Uploaded–Big Data: Destroyer of Informed Consent (Final Text)

Posted on November 4, 2019 by Michael Froomkin

I’ve just uploaded the final text of Big Data: Destroyer of Informed Consent which is due to appear Real Soon Now in a special joint issue of the Yale Journal of Health Policy, Law, and Ethics and the Yale Journal of Law and Technology. This pre-publication version has everything the final version will have except the correct page numbers. Here’s the abstract:

The ‘Revised Common Rule’ took effect on January 21, 2019, marking the first change since 2005 to the federal regulation that governs human subjects research conducted with federal support or in federally supported institutions. The Common Rule had required informed consent before researchers could collect and use identifiable personal health information. While informed consent is far from perfect, it is and was the gold standard for data collection and use policies; the standard in the old Common Rule served an important function as the exemplar for data collection in other contexts.

Unfortunately, true informed consent seems incompatible with modern analytics and ‘Big Data’. Modern analytics hold out the promise of finding unexpected correlations in data; it follows that neither the researcher nor the subject may know what the data collected will be used to discover. In such cases, traditional informed consent in which the researcher fully and carefully explains study goals to subjects is inherently impossible. In response, the Revised Common Rule introduces a new, and less onerous, form of “broad consent” in which human subjects agree to as varied forms of data use and re-use as researchers’ lawyers can squeeze into a consent form. Broad consent paves the way for using identifiable personal health information in modern analytics. But these gains for users of modern analytics come with side-effects, not least a substantial lowering of the aspirational ceiling for other types of information collection, such as in commercial genomic testing.

Continuing improvements in data science also cause a related problem, in that data thought by experimenters to have been de-identified (and thus subject to more relaxed rules about use and re-use) sometimes proves to be re-identifiable after all. The Revised Common Rule fails to take due account of real re-identification risks, especially when DNA is collected. In particular, the Revised Common Rule contemplates storage and re-use of so-called de-identified biospecimens even though these contain DNA that might be re-identifiable with current or foreseeable technology.

Defenders of these aspects of the Revised Common Rule argue that ‘data saves lives.’ But even if that claim is as applicable as its proponents assert, the effects of the Revised Common Rule will not be limited to publicly funded health sciences, and its effects will be harmful elsewhere.

An earlier version, presented at the Yale symposium which the conference volume memorializes, engendered significant controversy — the polite form of howls of rage in a few cases — from medical professionals looking forward to working with Big Data. Since even the longer final version is shorter, and if only for that reason clearer, than much of what I write I wouldn’t be surprised if the final version causes some fuss too.

Posted in Administrative Law, AI, Science/Medicine, Writings | Comments Off on Just Uploaded–Big Data: Destroyer of Informed Consent (Final Text)

Peek Behind the Curtain

Posted on July 9, 2019 by Michael Froomkin

Photo by Nick Lockey

This essay in Forbes, Today’s Deep Learning Is Like Magic – In All The Wrong Ways, is making the blog rounds and for a good reason — it’s a quick distillation of some essential truths about “AI” aka “Deep Learning” that the public needs to hear.

Posted in AI | 5 Comments

Video of Panel on “Regulating Safety and Quality” of Medical AI

Posted on July 8, 2019 by Michael Froomkin

Recently (June 1, 2019), I participated in a conference on AI & Medicine called Machine M.D.  The organizers at the University of Ottawa have posted video from the event, so here’s Panel #1 on “Regulating Safety and Quality“.  I was the first speaker, early in the morning…

Posted in AI, Talks & Conferences | Comments Off on Video of Panel on “Regulating Safety and Quality” of Medical AI

New Paper–“Big Data: Destroyer of Informed Consent”

Posted on June 17, 2019 by Michael Froomkin

Just posted: A near-final draft of my latest paper, Big Data: Destroyer of Informed Consent. It will appear later this year in a special joint issue of the Yale Journal of Health Policy, Law, and Ethics and the Yale Journal of Law and Technology.

Here’s the tentative abstract (I hate writing abstracts):

The ‘Revised Common Rule’ took effect on January 21, 2019, marking the first change since 2005 to the federal regulation that governs human subjects research conducted with federal support or in federally supported institutions. The Common Rule had required informed consent before researchers could collect and use identifiable personal health information. While informed consent is far from perfect, it is and was the gold standard for data collection and use policies; the standard in the old Common Rule served an important function as the exemplar for data collection in other contexts.

Unfortunately, true informed consent seems incompatible with modern analytics and ‘Big Data’. Modern analytics hold out the promise of finding unexpected correlations in data; it follows that neither the researcher nor the subject may know what the data collected will be used to discover. In such cases, traditional informed consent in which the researcher fully and carefully explains study goals to subjects is inherently impossible. In response, the Revised Common Rule introduces a new, and less onerous, form of “broad consent” in which human subjects agree to as varied forms of data use and re-use as researchers’ lawyers can squeeze into a consent form. Broad consent paves the way for using identifiable personal health information in modern analytics. But these gains for users of modern analytics come with side-effects, not least a substantial lowering of the aspirational ceiling for other types of information collection, such as in commercial genomic testing.

Continuing improvements in data science also cause a related problem, in that data thought by experimenters to have been de-identified (and thus subject to more relaxed rules about use and re-use) sometimes proves to be re-identifiable after all. The Revised Common Rule fails to take due account of real re-identification risks, especially when DNA is collected. In particular, the Revised Common Rule contemplates storage and re-use of so-called de-identified biospecimins even though these contain DNA that might be re-identifiable with current or foreseeable technology.

Defenders of these aspects of the Revised Common Rule argue that ‘data saves lives’. But even if that claim is as applicable as its proponents assert, the effects of the Revised Common Rule will not be limited to publicly funded health sciences, and its effects will be harmful elsewhere.

This is my second foray into the deep waters where AI meets Health Law. Plus it’s well under 50 pages! (First foray here; somewhat longer.)

Posted in AI, Law: Privacy, Writings | Comments Off on New Paper–“Big Data: Destroyer of Informed Consent”

Florida Legalizes Fully Autonomous Vehicle Testing

Posted on June 17, 2019 by Michael Froomkin

Waymo Self-driving car
Source: Grendelkhan

Florida law now allows the testing of fully autonomous vehicles without a backup driver.

Since autonomous car tend to have trouble with bad weather–snow and sometimes rain–flat, sunny Florida would seem to be a natural testing grounds. Indeed, Ford is supposedly running or planning to run a test in Miami, although I haven’t heard of actual sightings yet. Then again, we have some of the craziest drivers in the US, which could be seen as a positive or negative, depending on what sort of torture test you want to give the AIs.

Posted in AI, Florida | Comments Off on Florida Legalizes Fully Autonomous Vehicle Testing

Machine M.D. in Ottawa

Posted on June 1, 2019 by Michael Froomkin

I’m in Ottawa today for the Machine M.D. conference.  My panel, on “Regulating Health and Safety” started at 8:30am, so now that it’s over I get to enjoy the rest of the very packed schedule.

(I’m missing the also wonderful annual Privacy Law Scholars conference to be here, an example of the difficulties in trying to write in, and keep up in, multiple areas even within technology law.)

My argument in my talk was that, contrary to a number of articles by others that are now in press, we don’t want a super-AI regulator, but rather need to find a way to strengthen the AI capacity of existing sectoral regulators like the FDA, NHTSA and many others.  The exception(s) to this general rule arise(s) only if the AI aspect of a regulatory question predominates over the sectoral — something I argue is rare, and probably limited to issues regarding access to data, to data quality, to job losses due to AI, and possibly to the regulation (or at least liability for) AI emergent behavior.

Unsurprisingly, some members of the audience, many of whom are health professionals, pushed back against the idea that when it comes to AI health really isn’t all that different from transport, finance, sentencing, or other predictive profiling applications. A polite discussion — we are after all in Canada — ensued.

Posted in AI, Talks & Conferences | Comments Off on Machine M.D. in Ottawa