Robot or not? Robotic surgery and risk, part one

A security geek goes to see a surgeon about having an operation. The surgeon says, "We may use the robot."

The geek thinks: "Robot! Cool. What OS does it use? Is it on the network? Has anyone hacked this type of robot yet?"

I am that geek and I will get to those questions in a moment, but here's a question you need to be thinking about: Is it okay for a machine to slice into people and perform surgery, such as removing organs they no longer need? I'm thinking about this for several reasons, including my upcoming adrenalectomy and my job as a security researcher at ESET. But why do you need to think about this? Because robotic surgery is no longer science fiction: nearly half a million surgical procedures were performed robotically in North America in 2012.

So, there's a good chance that, if you need any one of a number of types of surgery in America today, your healthcare provider will want to use a robot. Are you okay with that? Clearly, most people will want to ask themselves:  Does the surgeon's use of a robot increase or decrease the risks to me, the patient? In this post and others that I am planning to write, I hope to shed light on this question.

Note that I am not a doctor, nor am I a medical researcher, but I have some experience with risks related to digital technology. I work for a company that works to improve the safety of digital technology. A surgical robot is digital technology. Here's a simplified diagram of a robotic surgery setup:

[Diagram: simplified robotic surgery setup (image "robot-surgery-setup")]


The surgeon guides the robot tools from a 3D imaging console using hand and foot controls communicating over wires to the device. Note that the surgeon's console can be some distance from the patient (in telesurgery it could be miles away).

Slicing and dicing with da Vinci


If your healthcare provider does want to deploy a robot as part of your surgery there are a couple of data points we know already. First, the procedure is likely to take a bit longer. Second, the procedure will cost more. Third, the robot they will use is most likely to be the da Vinci Robotic Surgical System. The da Vinci is made by Intuitive Surgical, a company that went public 13 years ago at $9 a share [ISRG]. This was the same year the FDA approved the system for general laparoscopic surgery. Intuitive has since traded as high as $585.67, which might lead you to think that things are going well in robo-surgery land.

Unfortunately, and I mean this sincerely as a fan of technology and a believer in the potential of robotics to improve our world, some things have not gone well. For example, according to one law firm:
there are now more than 4,500 complaints about the da Vinci surgical robot in the FDA’s MAUDE (“Manufacturer and User Facility Device Experience”) Database—50 or so of them involving the death of the patient—and 30 lawsuits against the manufacturer, Intuitive Surgical, Inc.

You don't have to take a lawyer's word for this because MAUDE is on the Internet, and you can look up reports yourself (I count 500 reports involving Intuitive Surgical so far this year). Bear in mind that reporting medical device problems to MAUDE is not mandatory, so there is no way to tell the actual number of problems with the da Vinci system.

Then came a bunch of studies examining the cost and efficacy of these million dollar marvels (yes, a da Vinci robot can cost over $1.5 million). Together with the lawsuits and media scrutiny, these have depressed share prices for ISRG, which is now trading around $430 with some analysts predicting values of $300 within the year.

Somewhat ironically, given my initial security geek reaction to the idea of a robot slicing into my flesh--fear of hacking--none of the problems with this particular technology cited so far have anything to do with malware, coding errors, comms failures, or hacking. The greatest risk factor right now, in my opinion? The impact of market forces on safety.

Sales pressure and medical devices


Intuitive is under tremendous pressure from shareholders to sell more robots and get more robotic surgeries performed. This leads to marketing tactics that oversell benefits and downplay risks. For example, Johns Hopkins research shows hospital websites making excessive use of industry-provided content to sell robotic surgery and overstate claims of robotic success. A CNBC investigation quoted Suraj Kalia, a Northland Capital analyst, in a recent report on the company:
Our extensive field checks highlighted a story where aggressive marketing drives the message and true clinical utility seems secondary in nature.

There is a lot of pressure on Intuitive to market the heck out of their product because a lot of doctors are now expressing doubts about the value of robotic surgery. Consider the blistering Statement on Robotic Surgery by James T. Breeden, MD, president of ACOG, the American College of Obstetricians and Gynecologists (with 56,000 members, ACOG is the nation’s leading group of physicians providing health care for women). Here's the short version: "there is no good data proving that robotic hysterectomy is even as good as—let alone better—than existing, and far less costly, minimally invasive alternatives."

Here are some of the figures that ACOG quotes:
At a price of more than $1.7 million per robot, $125,000 in annual maintenance costs, and up to $2,000 per surgery for the cost of single-use instruments, robotic surgery is the most expensive approach. A recent Journal of the American Medical Association study found that the percentage of hysterectomies performed robotically has jumped from less than 0.5% to nearly 10% over the past three years. A study of over 264,000 hysterectomy patients in 441 hospitals also found that robotics added an average of $2,000 per procedure without any demonstrable benefit...an estimated $960 million to $1.9 billion will be added to the health care system if robotic surgery is used for all hysterectomies each year.

Between the medical questions and the growing number of lawsuits, Intuitive is under pressure, the kind of pressure that should, I believe, influence the way you interpret what people say about robotic surgery. Is the hospital pushing it on you? Is the hospital pushing it on the surgeon? Is the hospital skimping on robotic training, given the manufacturer's claim that surgeons are ready after two or three operations? Is the motive to achieve the best healthcare for you or is the motive a need to pay back the huge investment in hardware and supplies and maintenance contracts? Are doctors and hospital administrators being plied with luxury vacations and other perks to encourage them to use the robot more often in a wider range of procedures, including yours?

Those questions are currently more pressing than the need to analyze the da Vinci system's coding and connectivity. So far, I have found no indications that the system has been hacked and it does not appear to be connected to any networks. But that may change as the pressure to perform remote robotic surgery grows, powered by the perception that this can expand healthcare delivery at lower costs than training more surgeons. Already we see FDA approval for passive telemedicine robots. The term telesurgery has been coined and tests of procedures performed over the Internet are under way.

What's next for robotic risks?


In my next post I will break down the technical risk factors in more detail. These include analog issues, like build quality (here is a self-reported problem with da Vinci hardware that can cause burns), and also logical issues, like the security of device programming.

I leave you now with a link to the AJOG report "The commercialization of robotic surgery: unsubstantiated marketing of gynecologic surgery by hospitals," and a link to a report that really rips into Intuitive. The author quotes a lot of sources that appear to check out. After reading it you are likely to question whether or not robotic surgery is right for you. As of now, I am going to ask my surgeon to take a more hands-on approach.

Cobb's got Conn's? Probably, but I go through Adrenal Vein Sampling (AVS) to be sure

[Updated 6/11/13: It's official, I do have Conn syndrome. The nephrologist just called to say my AVS test results were, direct quote: "Stunning!"]

This post is about my potential diagnosis of Conn syndrome and how that could lead to a healthier, more energetic life. If you have high blood pressure, dodgy heartbeat, nasty leg cramps, muscle weakness and chronic fatigue, pay attention: Conn's might be what's ailing you, and it can be cured. (This is of particular interest to anyone who has been told they have "essential hypertension", which means the doctors have essentially no idea why your BP is high.)

The fact that Stephen Cobb may have Conn syndrome is not a typo: Conn's is a medical condition first described by University of Michigan endocrinologist Jerome W. Conn in 1955. I did not have Conn's back then, but I'm pretty sure I have it now, and have had it since at least 2004. A recent CT scan revealed a growth on my left adrenal gland (we start life with two, one on each kidney). This type of growth, usually benign, is called an adenoma. Tests indicate that mine is producing the hormone aldosterone, too much of which is not a good thing, as I will explain in a moment.

Basically, Conn syndrome is an aldosterone-producing adenoma, and my hat is off to Dr. Conn for discovering this condition without the aid of things like CT scans. I got my doctor to order a CT scan looking for one of these adenomas because I had this quartet of symptoms:
  • High blood pressure, poorly controlled despite multiple BP meds
  • Low potassium, despite years of taking big potassium horse pills every day
  • Atrial fibrillation (as a result of the low potassium or hypokalemia)
  • Fatigue (more than just feeling tired)
If you plug these into Google you will likely see "aldosteronism" in the top results (I did this with "high blood pressure low potassium hormone" and "high blood pressure low potassium fatigue" but without the quotation marks).

Dig into these search results and you learn that aldosteronism, also called hyperaldosteronism, exists when too much aldosterone is produced by the adrenal glands, which can lead to lowered levels of potassium in the blood, also known as hypokalemia. An adrenal adenoma is one of a number of things that can cause primary aldosteronism. I have one on my left adrenal.

So what's the good news? If you confirm that just one of your two adrenal glands is responsible for the aldosteronism it can be surgically removed, giving your body a chance to return to normal, which appears to happen in over 50 percent of cases.
Cure of hypertension occurs in 50%–80% of patients after adrenalectomy for an aldosterone-producing adenoma, and most of the remaining cases show improvement (13,21,22). (Radiographics)
That can mean no more blood pressure pills, no more potassium pills, an end to excruciating leg cramps, a return to a regular heartbeat, more energy, even loss of excess weight, partly through being more active but also, possibly, through reduction of cortisol production (but that topic is too complex for this humble blog post).

The role of AVS

After confirming that my body was producing too much aldosterone through blood and urine tests, my primary care doctor referred me to a nephrologist who ordered Adrenal Vein Sampling (AVS) to confirm that the adenoma was the cause of this and not a general adrenal malfunction involving both glands. (You don't want an adrenal gland removed if that is not going to stop the excess aldosterone production.)

The AVS procedure is tricky, requiring interventional radiology (not invasive radiology, a term I used in error when talking to several people about this). A tube is inserted into a major vein (femoral vein in my case) and threaded to the adrenals where a series of blood samples are taken. The doctor doing this is guided by a live X-ray view of your veins using a contrast. Not only are the veins thin, but the support staff have to get things just right with the labeling of samples and so on. In other words, you want an experienced team doing this if at all possible, otherwise you don't get a result and have to go through it again.

Speaking of "going through it", you will need to set aside a day off work for AVS, followed by a day of taking it easy. That's because a. you will be given a strong anesthetic and b. you don't want the vein to pop open due to sudden movements. I went in early for mine (5:30AM) and expected to be back at work in the afternoon. Nope. Could not drive and was clearly still feeling the effects of the wonderful "twilight zone" drugs they use to sedate you (you don't go all the way under, just into a very nice place, and not at all like Twilight Zone the TV series).

I read one blogger's account of AVS before I went for mine and it was very helpful, although not exactly reassuring. Partly this was due to my (now cured) ignorance of the word "catheter" which I used to think meant only those tubes they stick into the most sensitive organs, but no, it just means any tube, in this case the one that went into my femoral vein in this procedure. To be honest, I never felt a thing.

I also read about getting shaved, but that was only a small patch of groin north of the family jewels. The prep work was mainly the shave, some blood draws, an IV for the contrast, and paperwork. The actual procedure only took about an hour and then I was required to rest horizontally for two hours to let the vein heal up. The good news is that you can eat right away (blessings on the nurse who brought me a turkey sandwich). You will likely feel hungry because you have to fast, starting at midnight the night before (no food or liquids, although you may be able to take your BP meds--ask your doctor--I didn't take mine and so BP read very high on admission, but not too high to prevent it going ahead).

How common is primary aldosteronism? I think anyone with essential hypertension should get the basic urine and blood tests for this condition to rule it out. Although my cardiologist confessed to knowing very little about it, and both my primary care physician and the nephrologist said they have not seen it very often, there is this:
There is an increasing requirement for adrenal vein sampling, which is driven by the appreciation that primary aldosteronism is far more common than previously recognized (13). Many centers throughout the world are reporting a prevalence of between 5% and 10% in unselected hypertensive patients (48).
So, check it out...and stay tuned. If I am a candidate for adrenalectomy I will describe the operation and my results for the benefit of anyone else who is going down this road.


Sorry I've been out of touch (my adrenal adenoma is to blame)

Just a quick post to let folks know that I came through my recent medical procedure unscathed (apart from a small hole below the belt line that is healing nicely). For the sake of other folks out there who may need to undergo adrenal venous sampling I am writing up the procedure, the reason for it, and the possible long term prognosis, which is very good.

I also wanted to extend a broad apology to those friends and family with whom my communications in recent years have been less than stellar. I have been beating myself up for some time over this, but recent medical adventures have led me to see things differently:

  • I have been feeling seriously fatigued for several years now, leaving me with little energy at the end of the workday/week to reach out and communicate.

  • I assumed that this lack of energy was due to the demands of a stressful life (dealing with Chey's disabilities, the aftermath of the 2008 financial disaster, the demands of a new job--on which I've been working many evenings and weekends, the stresses of moving 3,000 miles to a new city, and so on).

  • I also thought to myself: "this must be what getting old is like"

  • In fact, it appears that I have been suffering the effects of something called primary aldosteronism due to an adrenal adenoma, of which there will be more blogging later.


The good news is that primary aldosteronism--talk about a disease that needs a catchier name--can be treated and, in some cases, cured. That could mean I get back to 100%! Staying in touch will no longer be such a challenge.

I got the diagnosis in April, however it has taken me a fair amount of time to put the implications into perspective. At first I was hung up on the fact that this should have been diagnosed years ago. Right now I am focusing on the positive, the fact that it was finally diagnosed, and I have good access to some good doctors who can treat it.

Yesterday I took a big step toward treatment by undergoing AVS, which will determine if one of my two adrenal glands is responsible for pumping out excessive amounts of the hormone called aldosterone. Thanks to a CT scan I already know that there is a lump, called an adenoma, on one of those glands. That lump could be the culprit. Oddly enough, that condition, an aldosterone-producing lump on an adrenal gland, is called Conn syndrome.

I plan to write up more of what I have learned about primary aldosteronism. Readers and Googlers may benefit from this because, from what I can tell, this is an under-diagnosed condition. For now, please accept my apologies for sub-par performance in the friend and correspondent department. I hope to be able to do better.

I leave you with a list of primary aldosteronism symptoms that I have been experiencing, some for many years:

  • High blood pressure not well controlled despite multiple medications

  • Chronic low potassium or hypokalemia

  • Abnormal heart rhythm and atrial fibrillation (my heart sounds like my dog's)

  • Sodium retention, increasing blood pressure, causing swollen ankles, legs

  • Muscle cramps and muscle weakness

  • Decreased cardiac output associated with elevated renin levels


If I am lucky, my AVS results will indicate than an adrenalectomy can eliminate these symptoms. Stay tuned!


Cobb's blog is back, after dealing with WordPress and Linux server hacks

If you have missed this blog lately, that's because it was offline for several weeks while I rebuilt it after a nasty case of criminal hacking forced it off the 'net. What's that you say? You're shocked that a server belonging to security expert Stephen Cobb got hacked. Well, I'm not. Not surprised that is...because I don't spend all of my time being a security expert.

In the very earliest days of the Internet I made a conscious decision to live at least part of my online life like an "ordinary" person, that is, someone who is not well-versed in the risks of being online or the strategies for mitigating those risks. And sure enough, living like that can lead to problems.

You don't need to attend a cybercrime conference in Argentina to know that there are a lot of bad guys out there, armed with an extensive array of easy-to-use attack tools with which to perpetrate whatever online mayhem makes them the most money. But I did attend such a conference, a very fine conference put on last week by the APWG (Anti-Phishing Working Group) and sponsored, I am proud to say, by my current employer, ESET (the Latin American office of ESET, but ESET all the same).

One of the many valuable things I learned at the conference (full title: Computer eCrime operations Summit VII) was that my own impression of a rising tide of nastiness preying on Linux webservers was in line with the data that is being collected by groups like APWG. Indeed, from my hotel room in Argentina I published a timely blog post by my Canadian colleague, Pierre-Marc Bureau, on new Apache backdoor malware (the image of a back door at the top of the post was actually taken from a photo I snapped from the window in my hotel room).

From malware like that, to the mass compromise of webservers that is behind the ongoing Brobot attacks on American banks, the focus of malicious attention on Linux boxes, many of them running WordPress, many of them rented from hosting providers, is now clear. In fact, reporting of the latest APWG survey, released at the CeCOS event, leads with this finding:
A new phishing survey by the Anti-Phishing Working Group (APWG) reveals that phishers are breaking into hosting providers with unprecedented success, using these facilities to launch mass phishing attacks.

Now, as for this blog right here, it does not get a lot of traffic. Let's face it, I don't keep the content very fresh. But that didn't stop some criminal scumbag somewhere from breaking into the computer that serves up this content. No files were erased and no personal data was stolen (because there is no private data on that box). But a collection of malicious .php scripts was installed in the directory of an unused WordPress theme on an even more neglected domain. These scripts enabled the criminal hacker who put them there to use the box to launch DDoS attacks on other systems.

Ironically, up to that point the attack was not noticed by the system administrator (me) nor the hosting provider who owns the server and rents it to me. But when the DDoS capability was activated, the hosting provider was alerted, possibly by the victim of the DDoS attack, and I was informed that the server had been taken offline. That's where the fun--no sorry, the opposite of fun--began for me, but I will write that up another time. For now, here are some lessons learned:

  • If you have a rented webserver somewhere--like a virtual private server, hosting slice, or web hosting account--that you have not touched or upgraded in a while, you might want to check on it now.

  • If you are a hosting provider, ask yourself if you could be doing more to help your customers avoid getting hacked like this. I know my provider could have done a lot more than they did.

  • Do you know the current backup status of your rented webserver? Are daily backups being made? Do they include the entire server? Does that mean the databases powering your WordPress blog[s] are backed up?

  • If you use WordPress on your own/rented server, have you set the WordPress Database Backup plugin to email a database backup to you on a regular basis? (This saved my bacon when my machine had to be wiped out to remove malware and any potential backdoors.)

  • Avoid storing any personal information--such as customer data--on your rented server.  More than 45 states now have data breach notification laws which might apply to you if your server is hacked and it did have confidential personal data on it.
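
The first three lessons above (check on a neglected server, know whether it is backed up) can be turned into a routine you run from a shell. The script below is an added example written for this post, not code from the original or from WordPress; it lists PHP files sitting in theme directories other than the active theme (the place the malicious scripts were planted here) and checks that a recent database dump exists. The site root, the active theme name, and the backup directory are hypothetical inputs, and the sample site tree it builds is constructed so the script runs offline.

```shell
#!/bin/sh
# Added example (not from the original post): audit a WordPress install for
# PHP files outside the active theme and for stale database backups.
# Site root, active theme and backup directory are hypothetical inputs;
# make_sample_site builds a constructed tree for demonstration.

# List PHP files under wp-content/themes that are NOT inside the active theme.
# Prints one path per line; prints nothing when no such files exist.
find_inactive_theme_php() {
  root=$1
  active=$2
  find "$root/wp-content/themes" -type f -name '*.php' 2>/dev/null \
    | grep -v "/themes/$active/" || true
}

# Count those files: a number you can assert on, or alert from, in a cron job.
count_inactive_theme_php() {
  find_inactive_theme_php "$1" "$2" | wc -l | tr -d ' '
}

# Succeed (exit 0) only if some *.sql or *.sql.gz file under $1 was modified
# within the last $2 days; fail otherwise. Stale or missing dumps mean a wipe
# and rebuild would lose the database behind the blog.
backup_is_fresh() {
  dir=$1
  days=$2
  newest=$(find "$dir" -type f \( -name '*.sql' -o -name '*.sql.gz' \) \
             -mtime -"$days" 2>/dev/null | head -n 1)
  [ -n "$newest" ]
}

# Build a constructed sample site so the checks can be exercised offline.
# Echoes the temporary root directory path.
make_sample_site() {
  root=$(mktemp -d)
  mkdir -p "$root/wp-content/themes/twentytwelve" \
           "$root/wp-content/themes/oldtheme" \
           "$root/backups"
  printf '<?php // legitimate file in the active theme\n' \
    > "$root/wp-content/themes/twentytwelve/functions.php"
  printf '<?php // constructed stand-in for an unexpected file in an unused theme\n' \
    > "$root/wp-content/themes/oldtheme/unexpected.php"
  printf -- '-- constructed dump\n' > "$root/backups/wp-fresh.sql"
  printf -- '-- constructed dump\n' > "$root/backups/wp-old.sql"
  touch -t 201301010000 "$root/backups/wp-old.sql"   # make this dump stale
  echo "$root"
}

# Human-readable report for interactive use.
audit_report() {
  root=$1
  active=$2
  backups=$3
  echo "PHP files outside the active theme ($active):"
  find_inactive_theme_php "$root" "$active" | sed 's/^/  /'
  if backup_is_fresh "$backups" 7; then
    echo "Backup status: a database dump newer than 7 days exists in $backups"
  else
    echo "Backup status: NO database dump newer than 7 days in $backups"
  fi
}

# Usage: run the audit against the constructed sample site.
demo_root=$(make_sample_site)
audit_report "$demo_root" twentytwelve "$demo_root/backups"
```

On a real server you would point `audit_report` at the actual WordPress root and the directory where the backup plugin or your own `mysqldump` cron job writes its files; any file the first check lists deserves a look, since an unused theme has no reason to gain new PHP files.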


Speaking of private data and privacy, I have just revived my "Privacy Think" blog, partly to coincide with Privacy Awareness Week. In my latest post I highlighted the availability of my privacy book, the first few chapters of which are still a decent primer on privacy for business, despite being about ten years old (and are still free to download).

So Long 2012: Year of multiple infosec anniversaries

30 years ago this month, December 1982, I sat down at my first personal computer, a KayPro II, and started learning word processing, spreadsheets, databases, and something called an operating system (in this case CP/M). I got my first book contract 5 years later, in other words, 25 years ago this year. Within 5 years I had written a dozen books on word processing, spreadsheets, and database management. In 1992, my first book on computer security came out, so 2012 is the 20th anniversary of that event.

Mine was not the first book on computer security, but I think it was the first book to address personal computer security in a comprehensive manner, from physical security to power supply, anti-theft to antivirus, risk assessment to contingency planning. Previous computer security books had been written for previous generations of computers, mainframes and minis. I looked at things from a desktop and portable computer perspective and provided a blueprint of what the "layered defense" of a personal computer system might look like.

[Image caption: Company photo of KayPro II (from the delightful "Obsolete Technology Website" at www.oldcomputers.net)]

BTW, my first computer, that KayPro II, was a "portable" computer. (Yes, it weighed 26 pounds, but the keyboard could be fastened across the 9 inch screen and the unit could be carried using a built in handle.) The KayPro II enjoyed an anniversary this year as well: it was introduced in 1982. Fun fact: There was no KayPro 1. The name KayPro II was used to one-up its main rival, the Osborne 1.

Another fun fact is that the KayPro was built in San Diego, which is where I live these days. The original manufacturer was a company called Non-Linear Systems, founded by Alan Kay, who also founded the Rotary club of Del Mar in San Diego County. And to return to the theme of anniversaries, the company that brought me to San Diego, ESET, had two anniversaries of its own this year. The founders of ESET created their first antivirus technology 25 years ago and the company was founded 20 years ago.

To round out this roundup of 2012 anniversaries, the twentieth DEF CON was held this past summer. The now legendary hacker conference/convention first happened in 1993 and was called, logically enough: DEF CON I. My first DEF CON was DEF CON III in 1995. I was invited to speak and had a great time doing so. It was a pleasure to return in 2012 and see so many friends, despite the huge crowds.

Finally, 2012 marks 10 years since I published my book on privacy: Privacy for Business, a modest attempt to provide businesses with a primer on digital privacy issues. While some of the information in the later chapters is a bit dated, the principles covered in the early chapters still apply and you are free to download a PDF of the book. Again, I was not the first person to write a book on privacy in the digital age, but I think it is fair to say that I was one of the first people in computer security to signal the huge impact that privacy concerns would have on the evolution of security. I certainly enjoyed the time I spent in the early days of HIPAA and GLB and such, educating privacy people about security and security people about privacy.

I have also enjoyed the symmetry and happy coincidence of so many anniversaries this year but it is now time to say goodbye to 2012, a year of milestones remembered, and look forward to what the next 10, 20, 25 and 30 year markers may bring.

Boxing Day: The play time holiday (that comes with a touch of giving)

Despite the fact that I am now an agnostic citizen of the United States of America, my upbringing in a church-going protestant family in England means that for me, the day after Christmas Day will always be Boxing Day. And Boxing Day is my favorite day of the year.

Many people in America are unfamiliar with Boxing Day, just as a lot of people in England, land of my birth, are unfamiliar with Thanksgiving Day. Sure, there is some knowledge of the basic facts enumerated in Wikipedia (see Boxing Day and Thanksgiving Day), but there is not the familiarity which comes from living those days, year after year.

[Image: Good King Wenceslas stamps from UK, 1973]

Over the years, when Americans asked me about Boxing Day, they got my version, which I tended to universalize as "this is how Boxing Day is in England." I now realize I was giving them "what I liked about the Boxing Days that I enjoyed in England in the 1950s through the early 1970s."

So, this Boxing Day, I wanted to give a sense of how it was for me as a kid, without pretending to know if this is what it was like for other kids, or what it is like in England today. I will start with the meaning of the term, as I understood it: Boxing Day comes from the tradition of rich people boxing up the Christmas leftovers and taking them to the poor people on the day after Christmas.

That's not exactly what is represented in the series of British stamps you see here, but the story they illustrate, that of "Good King Wenceslas," does relate to Boxing Day, which is also the feast day of Saint Stephen. That is the day on which the Saint Wenceslas miracle occurred (involving the high born Wenceslas and his page taking alms to the poor in the snow, a story to which I relate for the strange reason noted here).

To understand my love of Boxing Day you need to know what my Christmas Day was like. It began with going downstairs on Christmas morning to find gifts under the Christmas tree (after the age of eight it began with me trying to stop my younger brother getting up before dawn to go downstairs). After unwrapping our gifts and waking our parents--not always in that order--there would be an abbreviated period of playing with new toys, cut short by the need to tidy up the house for Christmas dinner and get ourselves ready for church.

After the Christmas morning service, at which we saw an assortment of friends and family and exchanged news of our gifts, we would embark on a series of house visits to relatives. This always included at least one great aunt and my dad's parents. (My mum's mum lived with us and usually stayed at home on Christmas morning to ease the Christmas dinner through the final stages of preparation.) After these visits, which involved a lot of good manners and sitting properly, we eventually got home to the Christmas dinner. After that, it was time to watch the Christmas programming on television. (These were often shows created for that particular Christmas, going out live, in other words, watch it now or never see it, ever, no repeats.) And that's about where Christmas Day ended (in our house kids went to bed many hours before grownups). You had been blessed with new toys. You had done your duty to family. You had been entertained. But there hadn't been a whole lot of time to play.

Then came Boxing Day! A holiday for everyone, no shops open, no need for dad to go to work. Just time to play, inside with our toys, but also outside. If there was no snow, this might be a friendly rugby game or football game. If there was snow then it was time for tobogganing. There were Christmas leftovers to eat and, for most families, an opportunity to relax and enjoy the spirit of the season. At least, that's how I remember it. And that's how I have tried to keep Boxing Day, despite the fact that it is not a 'standard' holiday for many Americans.

I don't go to the stores on Boxing Day. I don't work, if I can avoid it. I just spend it relaxing, maybe communicating with friends. There is no set agenda for Boxing day. You make it up as you go along, it's a Do-It-Yourself holiday (and not a bad day to try one of the DIY projects you've been looking forward to). This year I had a lingering cold and sore throat on Boxing Day and so I spent most of the day reading fiction and writing non-fiction, including this blog post. I didn't take any alms to the poor but I did re-invest some of my micro-loan funds at Kiva. I'm not looking to start a Boxing Day movement or fight the rampant commercialism of Boxing Day. I'm just saying Boxing Day is my favorite day of the year, and now you have some idea why.

[Postscript: The sled pictured at the top of the post is a "Flexible Flyer" like the one my family had in the big snows of 1962-63 in England (image courtesy of The Children's Museum of Indianapolis). To the best of my knowledge, these were not sold in England at that time. We got ours from an elderly lady that we sometimes visited on Christmas Day. She and her husband had lived in Canada and brought one of these back with them. Although it was well used when she gave it to us, my dad lavished some TLC on it in his garage and it proved to be a great ride for many years.]

Facial recognition technology and the Right of Publicity: Could this hot tech trend violate state laws?

If someone uses a photograph of your face for commercial purposes they could be breaking the law. In an odd way, this statement connects two areas of my life, information security and movie making. Photographs of faces are used in some security systems and lots of movies. When you make a movie it is standard procedure to ask permission to use a person's picture. You record that permission with an "Image Release" that is signed by the person, or their guardian if they are under 18. Here is part of a standard release like the one we used for our movie:
"I grant permission to The Movie and its producers, to take and use visual/audio images of me for their production. The images may be used in any manner or media such as publication, promotions, broadcasts, advertisements, posters and theater or home video distribution. I waive any right to inspect or approve the finished images...I release The Movie and its producers and agents...from any claims, damages, or liability which I may ever have in connection with the taking of and use of the images or printed material used with the images."

The reason for such broad language is the breadth of a legal right with which many Americans are not familiar: The Right of Publicity or RoP. Now might be a good time for venture capitalists and Silicon Valley engineers to familiarize themselves with RoP. Why? Consider what my good friend and colleague Cameron Camp recently wrote about over on the ESET Threat Blog: the use of facial recognition for commercial purposes. Cameron provided some interesting commentary on a startup venture that had the following idea, something that might sound like a cool marketing ploy but which might also be, as I will argue, illegal:
Networked cameras in shops scan the faces of customers and try to match them with faces of Facebook users who have signed up for special deals.

At first blush this sounds like an automated version of my brother's butcher. The analogy goes like this: My brother works from home so he tends to be the one cooking dinner and, because he and his wife like to live in small villages in Europe, he buys the meat for those meals fresh, almost every day of the week, not in a weekly trek to a big supermarket. So my brother gets to know his local butcher and the local butcher rewards local customers with special deals, made on the spur of the moment, based on a form of facial recognition that I like to call: "Hi Mike, how's it going?"

The problem with the computerized version is that having your picture taken by a digital camera is a lot different from your local butcher memorizing your face in his brain. Transferring that digital image over the public Internet to a vast server farm that might be thousands of miles away, possibly in a different country, introduces concerns way beyond any misgivings you might have about the butcher remembering your face. Consider what has to happen to reward people who have opted in to this facial-deal scheme:

  1. Take a picture of every customer.

  2. Isolate the face within each image and send it to a server, which scans it against a database of known faces belonging to people who have opted in.

  3. Return a result when there is a match.

In other words, you are photographing people in such a way that their identity is clear, then using those photographs for commercial purposes (specifically deciding who gets a particular deal but in general promoting your business so it is more appealing than your competition). Now consider this piece of law, on the books since 1903, namely Article 5, Section 50 of New York State Consolidated Laws:
Sec. 50. Right of privacy. A person, firm or corporation that uses for advertising purposes, or for the purposes of trade, the name, portrait or picture of any living person without having first obtained the written consent of such person, or if a minor of his or her parent or guardian, is guilty of a misdemeanor.

I know this statute is labeled "Right of privacy" but lawyers assure us it is the basis of the Right of Publicity. The key words are: Uses the picture of any living person for the purposes of trade.

So, if you design a facial recognition deal scheme based on photographing everyone, regardless of permission, in order to pick out specific individuals who have given permission, you would seem to be violating this law and the Right of Publicity, which is enshrined in many state statutes, as described on the Right of Publicity website, rightofpublicity.com:
As of this writing, nineteen states recognize the Right of Publicity via statute (California, Florida, Indiana, Illinois, Kentucky, Massachusetts, New York, Nebraska, Nevada, Ohio, Oklahoma, Pennsylvania, Rhode Island, Tennessee, Texas, Utah, Virginia, Washington and Wisconsin). The majority view is that the right exists by common law in every state that has not defined its position through legislation. The American Law Institute’s Third Restatement of Unfair Competition (1995) §46 also recognizes the Right of Publicity as a distinct and viable legal theory.

I don't want this blog post to come across as an attack on a particular startup or technology, but I do note that one of the states in the above list is Tennessee, which is where the startup described by Cameron is located. One might argue that the Right of Publicity is more widely known in Tennessee than some other states because Tennessee law extends the right to deceased persons, Elvis Presley being the most frequently cited example. Unfortunately, this emphasis on celebrity cases leads some people to assume that only celebrities have a Right of Publicity but this is not the case. Numerous states have made this quite clear: You don't have to be famous for use of your face, without permission, for commercial purposes, to be against the law.

Facial recognition technology is currently hotter than hot in VC and startup circles, partly driven by Facebook's massive accumulation of facial data (it reportedly scans 300 million photos a day for faces). The hotness of facial recognition seems to have increased of late despite the fears expressed by privacy advocates. Yet I don't hear many people loudly proclaiming that commercial facial recognition, through its requirement that non-opt-in faces be checked against opted-in faces, violates the Right of Publicity. (There are some instances of people raising aspects of this point: Tim Bukher, Derek Bambauer, and hopefully it was considered at the FTC forum on the topic.)

Of course, I need to put the standard disclaimer out there: I am not a lawyer. On the other hand I have spent 25 years thinking hard about the spaces where privacy, security, and technology intersect. I have also started several successful companies and produced an award-winning movie. While it is entirely possible that I am missing something that invalidates my argument, I have a strong hunch that some forms of facial recognition violate the Right of Publicity.

(Unless someone points out a big hole in my argument I will try to write more about this topic when I get time, perhaps looking at how facial recognition in a commercial security system is affected by RoP, but my immediate task is to review the terms and conditions over on Facebook to make sure they include, as I suspect they do, permission to use my face for commercial purposes--I'm sure the lawyers at Facebook took heed of RoP, right?)

Paying Forward: Giving a little back while we do the paperwork

Why so quiet here on Cobbsblog? To be honest I took the month of July to recover from our medical nightmare in June. But now I'm back and working on paying back a little if I can. My decision to document my wife's atrocious treatment had mixed results but many of them were favorable. We got a lot of good advice and good wishes from friends (THANKS friends!).

We persuaded our healthcare provider to provide us with a better doctor and the treatment since then has been excellent. However, the task of documenting what went wrong in order to help prevent it happening to someone else has proved daunting. Chey has been working on that, on days when she feels able, which are more frequent than they used to be but still far from 7/7. And of course, I have a full time job, which has been more than full time the last few months as I worked nights and weekends to complete a short video for one of ESET's causes: Securing Our eCity. (If you check that link you will see a player for the video, or you can watch it on YouTube in HD...go full-screen and crank up the volume...it is an ad for an upcoming information conference, styled as a movie trailer.)

But what to do about healthcare? I decided to put some time into hemochromatosis awareness, mainly by perking up the Facebook Hemochromatosis page. This needed work anyway, due to Facebook's latest round of design changes, and the page is worthy of attention. Frankly, this page is a living testament to people coping with one of our country's least recognized medical conditions. Lost amid the deafening roar of political rhetoric about healthcare costs, the simple truth is that our country could save a ton of money if it improved early detection and proper treatment of this major cause of diabetes, heart disease, liver disease, and joint replacements. Heck, the treatment of hereditary hemochromatosis can actually pay for itself! Harvesting the blood taken from HH phlebotomies would boost the nation's blood supply considerably, saving millions of dollars.

I'm also trying to cook something special up for next month when I will reprise my post on hemo-pause and explain how America's baby-boomers can save themselves a lot of pain and suffering. In the meantime, here are some of the past articles on hemochromatosis and links to two of my favorite hemochromatosis sites:

And on the seventh day: Relief, rest, and ruminations on responsibility

If my wife's pain relief nightmare began on Wednesday of last week, then the seventh day of that nightmare was yesterday. I am thankful to report that the day went well and the nightmare may now be over, although it wasn't actually a nightmare, it was a reality, one we had to live through, and doing that burned a lot of energy. So I decided to rest my blog on the seventh day and just use Twitter and Facebook to let people know the good news: Chey now has a doctor who cares!

[Image: Chey's off-road racer]

The new doctor seems to be just what a doctor should be: she is compassionate, a good listener, a good communicator, thorough, knowledgeable, and able to acknowledge, as we all must do, the limits of our current knowledge, as well as showing a willingness to further expand our knowledge. Of course, the relief that comes with this news is tempered by the indignity and distress experienced in getting to this point.

But the bright side is still bright: Chey now has an improved regimen of pain medication and NO pain contract. (I decided to celebrate with a photo of Chey smiling, from the front page of the local newspaper in Alice Springs, Australia, where she was preparing to take part in the Finke Race 2000).

Something great about Chey's new doctor? She is not a fan of pain contracts. In fact, if you find yourself looking for a doctor, perhaps after moving to a new city like we did, a good tip is to ask any prospective doctor: What do you think of pain contracts? If the doctor agrees with Dr. Kevin Pho that pain contracts threaten the doctor-patient relationship, then you probably have a winner (but no, Dr. Pho is not our new doc).

Finally connecting with a good doctor yesterday was such a reversal of medical fortunes that both Chey and I are suffering from a sort of psychological whiplash. We will take a few days to recover, but then it will be time to move on to post-crisis analysis and lessons learned. Perhaps the biggest question to answer is: Why did things go so horribly wrong? Who was responsible? If we can answer that we may be able to save other people from a similar fate.

Talking of responsibility, I do feel obliged to keep spreading the word about some of the nasty things this incident brought to light, like pain contracts. Expect a blog post on the topic later this month delving into questions like:

  • Are they legal?

  • What should they include to protect you, the patient?

  • How to add a clause that protects you?


Let me close with another big THANK YOU to everyone who expressed support for Chey and outrage over her mistreatment. We will try to do what we can to inform others and prevent this from happening to anyone else.

Why day 6 is really day 3355 in Chey Cobb's chronic pain management nightmare

Day 6 and we are keeping hope alive (despite day one, day two, day three, day four, and day five). In a moment I will explain why day 6 is really more like day 3355, but first an update. As the saying goes: My wife is resting uncomfortably. She has an appointment with a new doctor on Wednesday and, eternal optimists that we are, we are looking forward to that.

[Image: Chey reading on the aft deck of Home Shore, an 80-foot fishing trawler making the Inside Passage]

You pretty much have to be an optimist to live through years of chronic pain as my wife has done. Sometimes hope is all you have to go on; hope of relief, hope of achieving management of your pain at levels that make life livable.

Chey's 50th birthday was 3,355 days ago and she was in pain that day. I remember because I baked a Baked Alaska and she only had a very small slice even though I did a pretty decent job of it (the Baked Alaska was to go with her present: passage for two on an 80-foot fishing trawler sailing from Sitka in Alaska to Seattle).

On that trip, in September of 2003, Chey had yet another really painful migraine. When we got back home she had a bad reaction to a seizure medication they sometimes prescribe for migraine. It is hard to remember any pain-free times since then.

Sadly, there is growing evidence that chronic pain is not only painful, but also life-threatening. We read on WebMD that Severe Chronic Pain Lowers Life Expectancy. The article states:
Previous research has demonstrated a clearly negative influence of chronic pain on health. Now, a new study portrays a profound link between severe chronic pain and death; inflicting nearly a 70% greater mortality risk than even cardiovascular disease.

The study indicates that even after you adjust for sociodemographic factors and the effects of long-term illness, "patients with severe chronic pain had a 49% greater risk of death compared with all-cause mortality and a 68% greater risk of death compared with all cardiovascular-disease-related deaths."

I appreciate that the author of the article agreed with me that "The most critical information to take away from this research is that withholding appropriate pain medication is a virtual death sentence." In other words, this means that doctors who "don't believe in" using narcotic pain medication "are sentencing some of their patients to an early death."

Now, put this in the context of my wife's recent experience, being cut off from pain medication for seeking more medication. The author writes:
"families and friends of severe chronic pain patients must never try to dissuade the patient from using all appropriate treatments and medications to reduce pain. Convincing such a patient to avoid narcotics, if and when they are appropriate, is equivalent to pushing them into an early grave. Instead, physicians and families must encourage the chronic pain patient to employ each and every possible treatment, including comprehensive pain management programs and powerful pain medications. It is no longer a matter of making someone more comfortable. It's a matter of life and death."

The referenced article is: Torrance N, Elliott AM, Lee AJ, Smith BH. Severe chronic pain is associated with increased 10 year mortality. A cohort record linkage study. Eur J Pain. 2010(Apr);14(4):380-386. As the author of the WebMD item notes, this new research is comprehensive, vetted and validated. There is a link to the abstract here: http://updates.pain-topics.org/2010/04/severe-chronic-pain-is-killer-study.html

If you would like a copy of the full article, leave a note in the Comment field and I will see what I can do.