Comment by quantified
4 years ago
What is not explained in the article is how the telehealth's services came in contact with Google's image-scanning to begin with.
Is this not a huge breach of HIPAA?
Telehealth is sort of done for if randos at bug tech can find there way into your sexual health records.
Telehealth had nothing to do with it other than causing the picture to be taken. The picture was taken with a Google-linked phone, the AI flagged it as CSAM. The transfer to the pediatrician was probably secure and not seen by Sauron's Eye.
> how the telehealth's services came in contact with Google's image-scanning
It didn't. If it had, it wouldn't have been the fathers' accounts being hit.
>Mark’s wife grabbed her husband’s phone and texted a few high-quality close-ups of their son’s groin area to her iPhone so she could upload them to the health care provider’s messaging system.
It sounds like it was probably the texting (maybe via the Google Messages app?) that got the images flagged, rather than the telehealth system.
> When Mark’s and Cassio’s photos were automatically uploaded from their phones to Google’s servers, this technology flagged them. Jon Callas of the E.F.F. called the scanning intrusive, saying a family photo album on someone’s personal device should be a “private sphere.” (A Google spokeswoman said the company scans only when an “affirmative action” is taken by a user; that includes when the user’s phone backs up photos to the company’s cloud.)
I assume it was triggered when the photos were backed up to Google Photos based on the above quote.