How do I compellingly advocate for my privacy with doctors and other healthcare professionals?

TL;DR: What are the best arguments to make healthcare professionals care about privacy? Would it be insensitive to use Carissa Véliz’ Holocaust example if I know my doctor is Jewish?

Two months ago I had an appointment with a dermatologist who uses a Gmail address for her practice. She also uses WhatsApp. It was my first time seeing her, so I had to fill out some forms, and I noticed that there was no mention of their privacy policy in them.

Ever since I read Carissa Véliz’s Privacy is Power (2020), I have consistently followed her advice by asking every organization that handles my data what their privacy practices are.

And even though I live in a country where there are data privacy laws, I have found that no one is able to clearly answer that question. All they do is cite the law. You’re protected by GDPR/California Consumer Privacy Act (CCPA)/Local Data Protection Law. But they are unable to go into the details. They are unable to discuss their own privacy practices, which is unacceptable.

HEALTHCARE WORKERS DON’T CARE

I inquired of my doctor’s receptionist about their privacy policy, and that’s exactly what she did. She simply cited the law and said that I can rest assured I have doctor/patient confidentiality, even though none of the forms mention anything about it.

I explained to the receptionist that I didn’t want my medical history shared with third parties. She assured me that it wasn’t, which is when I pointed out that they use Gmail. She didn’t seem to understand, so I had to spell it out to her, and she replied that she/they (the practice) had nothing to hide from Google.

I tried to impress upon her the importance of data privacy by mentioning that Google is an advertising company that makes money from people’s data, but I failed to make her understand.

I didn’t have the best examples off the top of my head. I could have mentioned chat control or the fact that many European governments are moving away from Microsoft and other American companies because of the spying, but I didn’t.

WHAT SHOULD I SAY AT THE NEXT NEXT APPOINTMENT?

When I got home, I thought of another example I could have used illustrating how privacy protects people and saves lives, and it’s the one Carissa Veliz mentioned in both her book and TED Talk. I could have mentioned the fact that during WWII, France was able to save more Jewish lives than the Netherlands, because the latter had a policy of collecting as much data as possible from their citizens from the cradle to the grave.

I have another appointment coming up next month.

1) Would it be insensitive for me to use this example with the knowledge that both my doctor and her receptionist are Jewish?

2) If not, what are the best examples a healthcare worker would care about?

It needs to be easy to understand and compelling. If you have healthcare examples of breaches or mishandling of data, perhaps even involving Google, please let me know. I can’t go into a long tirade because most people don’t care to listen. I need to make a big impact fast.

HEALTHCARE WORKERS DON’T HAVE TO CARE

Even though it doesn’t guarantee quality of care, when I look for a doctor online, I am more compelled to choose one who has their own website, on which I can also see their face and what they’re about. The dermatologist I went to see didn’t have either. I picked her, partly because she had good reviews and had the earliest availability. She was not my first choice.

When I suggested to my dermatologist’s receptionist that they should have a website, not just for security so they can avoid Gmail, but to be easier to find, she replied that they didn’t need to because they are already swamped. And there’s the rub.

Most doctors are overflowing with patients and do not need any marketing to get more. Which means that if a privacy-conscious patient such as myself has reservations about their poor practices, they don’t have to care, because I need them more than they need me. They’d be happy to let me go somewhere else because I’m in an infinitesimal minority. The problem is most doctors are in this asymmetrical position where they have the advantage.

IS PUNISHMENT THE ONLY WAY TO MAKE THEM CARE?

It would seem that punishment is the only way to compel healthcare practitioners to do the right thing, and that’s only if data protection agencies actually care to reprimand them.

Although I could be wrong, I strongly suspect that if data protection agencies realize that many healthcare practitioners use Gmail and WhatsApp to handle patient data, they won’t be willing to severely fine them. My guess is, at best, they would offer them an opportunity to correct the matter, which could also take too long.

3) Does anyone actually know healthcare workers who use Signal for their practice?

Why aren’t there any?

I am only going to answer your title question, nothing else.

You advocate for your privacy by revoking access/permissions and walking away, you do not need confirmation or external validation from anyone else to respect your values.

I hear you, but that may not be an option depending on where you live. Even if there are many doctors in your location, if most of them use Gmail or don’t respect your privacy in other ways, you still have to get your healthcare from them.

I understand that there are ways to combat this by sending encrypted emails with Proton and using E2EE cloud services when sending files, but if they have to initiate contact with you, they can’t use encrypted email. And if you remind them to use an E2EE cloud service, they may forget. And even if they do remember, using Gmail and WhatsApp for a medical practice is irresponsible, yet many do.

I am sure that some people can be converted, but I’m not sure what the best way is.

Well if we think about mass perceptive shifts in recent history, they typically involve network effects being threatened, so it would likely take tools not reliably working due to downtime, or governments cracking down on external influences from other countries.

Any business using Gmail is just lazy and should be avoided. I don’t think you can convince them otherwise, unfortunately.

So you wouldn’t even try? Why do you think they can’t be convinced?

The whole point of the privacy community is to raise awareness about privacy issues, and hence convert others.

When I try to convince my colleagues, I try to emphasize the benefits and risks. Risks: A service with poor privacy or security can result in broken confidentiality for patient-doctor relationships. This poses a risk for expensive fines from authorities and also single patients may sue you in the future.
Benefits: Choosing the right tools makes the doctor’s practice less vulnerable from big companies changing their terms of service. Often you find better paid services in comparison to (free/paid) data-driven services. Using adequate services makes one also looking more professional to patients.

yes.

It’s better to keep quiet in such situations. You might be misunderstood and referred to a psychiatrist.

This is the unfortunate side-effect of pursuing institutional reform alone. It’s not enough to change public or cultural perception. More needs to be done, but I have no idea what.

I happen to care about privacy, so if a patient asks about my workplace’s privacy practices, I can quite easily explain to them what they are.

But if they ask me about, for example, our environmental ethics, I would be clueless even though our workplace does have environmental practices in place.

Thanks. This is useful, but I don’t think it would be enough. If they’ve never experienced any issues with using Gmail and WhatsApp, and don’t know anyone in healthcare who has either, I don’t think they would be motivated.

The reality is this. When it comes to consent, you shouldn’t have to explain yourself. If you don’t want to have sex, you don’t need to give an explanation. It should be the same with privacy. However, because of the current privacy-invasive status quo and the fact that most people do not say no, I will have to justify myself.

I will contact my local data protection authority, but I don’t think it will make much of a difference.

Thank you for your feedback. I really appreciate it.

Would it make a difference if I were Jewish?

I personally don’t think I should have to disclose my background to make people relate to me more, because I am not of the belief that just because you have something in common with someone, you will bond over it.

Also, when Carissa Véliz used this example, she didn’t know if her audience was Jewish or not. However, statistically, some of them must have been. If I knew my doctor was not Jewish, I would still want to use this example, because to me, it’s a compelling one regardless of who you are talking to. This means that if I didn’t know anything about my doctor’s background, I would use this example, with the understanding that they might be Jewish.

I’m only having reservations because I know for a fact that my doctor is Jewish.

I don’t understand why you’re saying that.

Why should I stay silent and not advocate for myself?
Why should I comply with surveillance capitalism?

I hear you, but I would imagine that healthcare workers, as well as people who work in law (lawyers, paralegals, admins at law firms, etc.), would have had some training when it comes to confidentiality, even before the internet came along and definitely after.

And these are the professions where confidentiality is super important. But even outside those professions, because the internet is so ubiquitous, privacy is something every company has had to have in mind. There were privacy laws before the internet, after all.

There’s your key mistaken assumption: that using Gmail or WhatsApp would automatically give a data protection agency cause to act.

“I don’t like Google or Facebook” is not a bullet point in privacy law. A patient can object, ask for another communication method, complain to a regulator, or go elsewhere. But that is different from showing the clinic is doing something unlawful.

I also think it’s worth being realistic about leverage here. You can control what channels you personally agree to use. You cannot force a clinic to redesign its systems just because you dislike the vendors involved.

If doctor-patient confidentiality prevents you from sharing information with third parties without your patient’s consent, aren’t you violating it by using WhatsApp and Gmail?
And this applies to any organization. Not just healthcare workers and lawyers.

Moreover, if I request to be contacted via Signal, I suspect my doctor won’t agree to download a new app just for me. They could argue that it messes up their workflow.

Yes. But we could end up in a stalemate if I refuse to use WhatsApp or accept emails from Gmail.

I am not talking about an entire clinic, but a single doctor’s practice.
From my experience, it is usually single practices that use Gmail. Where I am, most doctors in a hospital or clinic have their own practice. There is no clinic or hospital email provider. In the same hospital, you could have one doctor who uses Gmail and another who has their own private domain.

I don’t think it’s unachievable to push for a policy that demands that doctors and businesses don’t use Gmail. It’s my understanding that in the US, by law, a doctor can only use Gmail, if it’s a business google account. Only then do they have some form of protection.

Gmail is HIPAA compliant, and can be used to receive, store, or send Protected Health Information (PHI) when Google’s email service is used as part of an Enterprise Workspace Plan supported by a Business Associate Addendum to the Workspace Terms of Service.

I don’t live in the US, but even if I did, my doctor doesn’t have a Google Enterprise account.

It makes life quite difficult if you take a hard line against anyone that doesn’t meet your privacy threshold. Instead of taking an all or nothing approach, it would be more realistic if you would be somewhere in between. Compromise with your doctor’s office on Gmail and Whatsapp, but be vigilant against the direct sharing of your health data. You can also request that AI not be used for the transcription of your appointments (something I’ve noticed with my doctors).

Privacy is about small wins.

Sure, but that is the most persistent method to making any progress in your situation, when everyone else is already captured by third-party platforms due to the network effect and have no intention of leaving them.

I’m not sure that a holocaust/war analogy is really the right way to go with persuading your point of view. I know there are wars going on right now but I think that for most people wars happen elsewhere and are not expected “here”. Therefore people are not expecting to shield themselves imminently from their effects.

Big tech companies seem to be regularly fined huge sums for law violations. Citing some of these examples could be more effective as they are currently happening and the sums of money involved might make people take note.

I hear you, but it’s not just about my privacy standards, and I would argue that in this case it’s not primarily about them either. It’s about the law and the confidentiality rules of medical practice. If the law and privacy policy of a practice say they are not allowed to share data with third parties without consent, then it’s only fair that I should confront them with their contradictions.

If a restaurant has a smart dress code that is written on their website and a huge sign in front of their venue, but I see multiple tables with people dressed in casual sportswear and beachwear, then it’s only fair to call the restaurant out for this contradiction and violation of their own policy.

I hear you too on compromise. But as I previously said, I am concerned about my doctor being unwilling to meet me there or forgetting to meet me there because I am the only one of their patients that has a separate unique protocol for communication.

Here’s what compromise would look like to me:

1. WhatsApp chats will self-destruct.

This is easy for me to implement. In fact, it’s easy to implement without the other party noticing. Because I am the one doing it, I will remember to keep a record of our communication via screenshots, but my doctor will likely have no record of it because they will probably not notice I enabled disappearing messages.

I have done it many times with businesses, but I do admit that with doctors and certain businesses, I hesitate to enable it, for fear that it could upset them. First, because they wouldn’t know that I kept a record of our communication unless something went wrong and I had to use it. Secondly, even though all parties get notified when disappearing messages are enabled, they might not be paying close attention and could feel like I tricked them when I didn’t.

2. Only email me if it’s a response to an E2EE email I sent you.

This means that I will always email you first via a password-protected E2EE email from Proton Mail. And all your emails need to be an E2EE encrypted response to my emails.
This also means that my doctor will have no permanent record of email exchanges because they expire after 30 days. It also means that if my doctor needs to email me over a month after I emailed them, they cannot do it because the email won’t be E2EE.

I could easily imagine doctors being annoyed by this.

3. Send files only via password-protected E2EE cloud services like Tresorit

That means never send me files directly as attachments. Not via WhatsApp. Not via email.

I could easily imagine doctors being annoyed by this too.

1) Do you think my terms for a compromise are reasonable?
2) And do you think a doctor and their receptionist would accept them?

Yes, I have done that before with another doctor, and I am still waiting to hear back from her.
And again, maybe I am too skeptical, but I am not convinced a doctor who uses AI transcription for every patient will be willing to abstain for one patient. That doesn’t mean it’s not worth trying, though.

You’re right. The only way people are going to learn that this is an important issue is if they start hearing no. But I also understand that if I am in a tiny minority, it’s likely not going to make a difference. If I have alternatives, as in, the option of good doctors who respect my privacy, I can make peace with the idea that I’m not making waves with my refusal to comply with surveillance. But when most doctors operate this way in some form, you have to find a way to make noise.

The last time I said no and then reluctantly agreed to surveillance, my doctor refused to see me. Technically, they weren’t my doctor yet, because this was going to be our first appointment, but you get the point.

That being said, I’m not going to stop. I just have to be careful to not get a bad reputation that follows me around every time I see a new doctor.

I think your opinion is fair, but I do wonder, why did this never come up when Carissa Véliz released Privacy is Power (2020), or when she made her TED Talk, or every time she brought it up on a podcast?

I don’t think this is universal. In fact, I believe it is quite common for many doctors to have had patients who come from war-torn countries or countries with other major crises, whether it’s climate change, drug cartels, etc. I also believe many, if not most, doctors have had patients who have suffered major emotional and/or physical traumas. There are also many Western examples of privacy breaches that have caused trauma.

If you have never been arrested, you would likely be traumatized by it if it happened to you, regardless of if you were arrested wrongly or rightly. I certainly would. Same if you were robbed at gun/knife point. Millions of people all over the world have experienced trauma, and I have little doubt that most doctors have had patients who’ve gone through trauma too.

This is not a bad idea. But again, I suspect that as long as they don’t personally know someone this happened to, it’s not going to move them. And even then, it’s not a guarantee.

Almost there, the only way people are going to learn that this is an important issue is if it affects them. This logic applies to you, me, and everyone else. The only difference is what each of us does, I chose to boycott/exit because I do not need to ask anyone for permission to leave.

I think your opinion is fair, but I do wonder, why did this never come up when Carissa Véliz released Privacy is Power (2020), or when she made her TED Talk, or every time she brought it up on a podcast?

I would say that when someone reads Veliz’s book or watches her Ted talk, they are expecting to hear from an expert who specializes in matters concerning privacy. An expectation of extreme examples would be completely normal to these audiences. Your “audience” will have much more mundane matters on their mind and I would say that ‘nudging’ would be more effective than ‘shocking’ as an opener.

This is not a bad idea. But again, I suspect that as long as they don’t personally know someone this happened to, it’s not going to move them. And even then, it’s not a guarantee.

Perhaps it doesn’t have to be exactly personal as it adds to your point that sharing with Google by using gmail contradicts own privacy policy “look at what happens when Google scans everything. I don’t want data from my private interactions with medical professionals to be sold to advertisers or used to train their AI. They are repeatedly being fined for law violations”.