SI07-001-G _Session5_ARTICLE

Health data: the StopCovid tree that hides the Health Data Hub forest
25 May 2020, 20:12 CEST

The StopCovid project for socially 'acceptable' tracking using smartphones, initially scheduled to be
launched on 2 June, has caught everyone's attention. Apple and Google were already looking forward
to the introduction of an API (application programming interface) protocol that would be common to
many countries, thus confirming their monopoly.

But the controversy that the project has caused in France, combined with the fact that Germany has
withdrawn from the project and the failure of the application in Singapore, where only 20% of users
use it, mean that StopCovid will soon be abandoned.

"It's not ready and it will surely be slowly buried. A la française", an LREM MP told AFP on 27 April.

Meanwhile, a much broader project is continuing apace: that of the Health Data Hub (HDHub).

Health Data Hub, the forest behind the tree


As soon as the Villani report on artificial intelligence (AI) was submitted in March 2018, the President
of the Republic announced the HDHub project. In October of the same year, a prefiguration mission
defined the features of a centralised national system bringing together all public health data, a one-
stop shop from which AI could optimise artificial recognition and personalised prediction services.

But the AI ecosystem is also preparing to take another step forward by gaining access to massive data
from hospitals, research, community medicine, connected objects, etc., and to a massive healthcare
market (prestigious and of enormous potential value insofar as it accounts for more than 12% of
GDP). France, with its health insurance system, and the UK, with its National Health Service (NHS), are
the test cases here, since consistent and reliable data has been maintained there for decades:
Amazon already has access to the NHS API to power its voice assistant, and Microsoft has already
signed up to host all French healthcare data (storage, log and directory management, computing
power and encryption key retention).

The HDHub project is proceeding at full speed

In November 2018, Stéphanie Combes was appointed project manager. By the end of 2018, the
choice of Microsoft had already been made (under a "public procurement exemption"), even though
the definition of HDHub's principles would have to wait until July 2019 (in the Health Law) and its
missions would not be defined until April 2020, by ministerial decree. Despite its discussions with
Stéphanie Combes, the CNIL still has many questions.

Other voices have expressed concern at the hasty management of the project (such as the Conseil
national des barreaux, the Ordre national des médecins and an LREM MP); groups have issued
well-argued warnings, such as the professionals at InterHop and free software companies; and some
doctors have posted videos online expressing their revolt.

Health Data Hub, a textbook case of all things digital

Getting round the tree that hides the forest means discovering the full extent of the issues raised by
'digital transformation' in society, and here in healthcare.

The political issues crystallize here around the choice of Microsoft, which Stéphanie Combes justifies
very conventionally on the grounds of urgency, without publishing the deliberations: "Microsoft was
the only one capable of meeting our demands. We preferred to move quickly, so as not to fall behind
schedule and penalise France."

This is a question of national policy, already raised in The Conversation France, since it involves having
a public asset managed by a private player, with no hope of reversibility. But it is also a political
question of European digital sovereignty, since this US player is subject to the Cloud Act, a 2018 law
that allows US judges to request access to data on servers located outside the United States.

The technical issues are revealed here in a lively debate between centralisation and interoperability
of databases. Centralisation defines "defence in depth" architectures with successive barriers, for
example in the nuclear industry; in the HDHub project, this defence is outsourced to Microsoft.

Stéphanie Combes observes that "if you want to process data on this scale, you have to centralise; it's
the only solution". On the other hand, the technical vision of interoperability architectures aims to
"avoid putting all your eggs in one basket": on the one hand, the majority of attacks do not come
from outside but from within, with a higher risk in the case of centralisation, and on the other,
anonymity does not withstand the re-identification of a person by cross-referencing data.

This decentralised architecture involves managing network exchanges between databases, which
remain heterogeneous, and between processes distributed across several servers, but integrating
these exchanges through layers of interfaces that are now standardised and open source. By way of
example, this is an option that was chosen in the eHop project for a group of hospitals. It has the
advantage of maintaining locally the skills of the engineers and care staff needed to qualify health
data.

The legal issues here concern consent and medical confidentiality. The European principles of the
GDPR provide for consent to be given as soon as information systems are designed (privacy by design)
and through a culture of internal transparency within organisations (via the data protection officer).
Patient data is of course a matter of personal privacy, but the duration, the right to withdraw consent
and above all the clear purpose for which the data will be used are intangible principles laid down by
the CNIL.

Stéphanie Combes gave an outlook on this point: "The data is only supposed to be stored during the
state of health emergency. At the end of this period, they will have to be destroyed, UNLESS another
text provides for their retention when the Health Data Hub is finally set up".

In practice, not to mention the future problems of individual doctor liability, patients could be
subjected to a breach of medical confidentiality, a legal principle but also an ethical rule that
underpins trust based on the Hippocratic oath. A breach of this trust would of course present risks in
terms of public health.

Economic issues are crystallising around the challenges of digital transformation. Neo-liberalists see
digital technology above all as a force for creative destruction: deregulation and the disengagement
of governments encourage disruptive innovation and growth by start-ups. Beyond the purely
scientific interest, the rapid development of AI thanks to GAFAMI, the six American giants that
dominate the digital market, can therefore be considered to be in the "general interest", a goal
introduced in 2019 in the Health Law.

On the other hand, advocates of an alternative economic policy see digital technology above all as an
opportunity to manage the digital commons, following the analyses of Elinor Ostrom: non-rival
immaterial resources whose rules of access and use are managed by a wide variety of self-organised
communities (for example, from the Internet, via Wikipedia, to Open data, free software or the huge
scientific databases such as the Protein Data Bank). Those who share this vision denounce the idea of
a separation between, on the one hand, the qualification of medical data, which is achieved through a
long process of collection and sorting financed by the public sector and subject to treaties on the free
movement of data, and on the other hand, the exploitation of this data, with the commodification of
health by the private sector protected by patent treaties.

Health data monitoring as seen by past and present thinkers

The social issue of health monitoring of our behaviour cannot be analysed without the concepts
forged by sociologists. Michel Foucault described the gradual transition to a disciplinary society using
the concepts of 'biopolitics' (which deals with the ways in which power is exercised over bodies) and
'governmentality' (which combines government and rationality, in technologies for governing
individuals and the self, to ensure self-discipline: confinement, schools, hospitals, statistics and now
the panopticons of the drone and the wristband).

Gilles Deleuze has described a new transition to a society of control through the electronic collar, with
the concepts of 'digital language' for access to reality, whereas Kafka coined the notion of "unlimited
procrastination": it is no longer a question of disciplining and ordering, but of controlling by managing
all disorder.

Today, sociologists such as A. Rouvroy and D. Quessada are pointing to a forthcoming transition to a
society of traces, with the concepts of algorithmic governmentality (which
goes beyond control of the probable; it is a question of control of the potential itself, to 'adjust' our
behaviour) and of under-surveillance, which is no longer over-surveillance, but under-surveillance by
a discreet, immaterial and omnipresent grid of all the types of traces we leave, such as our signals,
our productions, our imprints, our passages and our links...
