can the whole world read our email correspondence?

[Peter Gøtzsche]

Dear all,

please tell me if the whole world can read our emails? I just got very
uncomfortable while googling to see the latest deveopments and found
this:

How the UK drug regulator looks at access to data, and EMA meeting ...
groups.google.com/group/.../browse.../698f3bbd04e09747?...Share
1 post - 1 hour ago
From: Peter Gøtzsche <p...@cochrane.dk>. Date: Sat, 24 Nov 2012
16:14:51 +0100. Local: Sat, Nov 24 2012 10:14 am. Subject: How the UK
drug regulator ...

Which suggest to me that our path list is not private.

bw

Peter

[Peter Gøtzsche]

Dear all,

I am angry and appalled and want to know how it can be that the whole
world can read our internal email discussions in our Google group. I
Googled from my wife's computer and found my email to the path group
from a few hours ago and could also download the attachment.

It is not that I regret what I wrote. I take care not to write about
people what I would not be prepared to tell them face to face. But it
is nonetheless very shocking to me that there is absolutely no safety
in a Goodle group like ours.

Did you know about this? Did the person who started this email list
forget to click some safety option or what? Transparency does not mean
that the whole world is constantly informed about everything. This
experience is Orwellian to me, perhaps I should re-read 1984.

bw

Peter

[Trisha Greenhalgh]

No Peter, I didn't know. As someone who has researched data breaches in
relation to electronic records, I can say that most breaches that lead to
HARM are due to human malice (e.g. a doctor abusing access privileges to
look up a ceberity's details). Inadvertent technical or human errors such
as forgetting to toggle a security button (which I guess is what this is)
are alarming but the chance of harm is statistically small. This is
because someone really needs to be LOOKING for an item of sensitive
information in order to find it.

Can we not delete the correspondence? Who set up the group?


Prof Trisha Greenhalgh
Global Health, Policy and Innovation Unit
Centre for Primary Care and Public Health
Blizard Institute
Barts and The London School of Medicine and Dentistry
Yvonne Carter Building
58 Turner Street
London E1 2AB
t : 020 7882 7325 (PA) or 7326 (dir line)
f : 020 7882 2552
e: p.gree...@qmul.ac.uk
Twitter @trishgreenhalgh

[Ben Goldacre]

Hi Peter

as far as I know the list was set up to be public. 

I think Richard Lehman who set the list up (cc'ed) can change the settings to make it private retrospectively.

I raised the need for a closed list when PATH was set up and Richard set up a closed-PATH list for private discussions. 

B

dr ben goldacre
b...@goldacre.net
http://www.badscience.net/

If you're bored:

I'm @bengoldacre on Twitter. 

My first book is Bad Science

My second book is Bad Pharma

My main blog is here. 

My throwaway blog is here. 

I did this TED talk, and this TED talk.

[Trisha Greenhalgh]

In any case I just tried it and can't get in without a password!
Maybe your wife's computer has your cookie on it?

[Wookey Sarah (OXFORDSHIRE PCT)]

I have just logged in without needing a password.

********************************************************************************************************************

This message may contain confidential information. If you are not the intended recipient please inform the
sender that you have received the message in error before deleting it.
Please do not disclose, copy or distribute information in this e-mail or take any action in reliance on its contents:
to do so is strictly prohibited and may be unlawful.

Thank you for your co-operation.

NHSmail is the secure email and directory service available for all NHS staff in England and Scotland
NHSmail is approved for exchanging patient data and other sensitive information with NHSmail and GSi recipients
NHSmail provides an email address for your career in the NHS and can be accessed anywhere

********************************************************************************************************************

[Marilyn Mann]

In order to search or join the group, you must be logged in to Google, which takes a password. If you are already logged in to Google, no additional password is needed.

Marilyn


Sent from my Verizon Wireless Phone

-----Original message-----

>From: Peter Gøtzsche . Date: Sat, 24 Nov 2012

[Richard Lehman]

Yes, I set up the group a year ago without any password protection, so the whole world can indeed see any correspondence to PATH.
Personally I don't have a problem with that and I think I made it clear at the outset - I will go back and check. But I am sorry if members who joined subsequently thought otherwise and have said things which they would not wish shared outside the group.
At present anyone with an interest can join - even if their interest is not friendly.

Richard

[James Heilman]

I think openness is key. If we are asking Pharma to be open we must be willing to be open ourselves. In the world of Facebook / Wikileaks it is good practice to never do or say anything that you are not happy to stand by if it became public or hit the front page of the NYTs. IMO this is a good philosophy in life generally. I see this as the opposite of 1984. It is almost impossible to delete some document from your past even if you want to, there is no memory whole. This is a return to a smaller world. When people lived in small groups they where keep honest and decent through everyone with whom they interact knowing their personal life. When they moved into large anonymous societies people where more willing to do unethical things as they where able to keep it from their friends. With the Internet this is no longer the case and people need to adjust to this reality.

James Heilman

MD, CCFP(EM), Wikipedian

--
James Heilman
MD, CCFP-EM, Wikipedian

The Wikipedia Open Textbook of Medicine

www.opentextbookofmedicine.com

[Ash Paul]

Dear colleagues,

Google groups has set up a newer and much more sophisticated googlegroups system from Feb 2012.

If you all want, I can set up a new closed googlegroups (and abandon this googlegroup), whose membership will need to be vetted by the moderator of the group before being allowed entry into the group. Making this group a closed group now (with passwords) is like shutting the barn door after the horse has bolted. Those guys who might have wanted to join this group for ulterior motives, would have done so a long while back and are members of this group already.

I run/moderate a very successful NHS evidenced-based yahoogroup which is absolutely closed except to its members. We have kept out big pharma, big medical device industries and regulators from our group membership by careful pre-screening. We do this by asking potential members to request to join with their work email address in the first instance. This NHS Group has over the past 10 years saved the NHS millions, which I'm sure we would not have been able to do if it had been an open group.

Regards,

Ash

[Peter Doshi]

For clarity, I thought it might be useful to note that there are two
separate issues related to the privacy settings.

1. Is membership required to post to the list? Answer: yes at present.
(If you want proof of this, try to post to the group from a friend or
spouse's email account who is not on the list -- the email will be
rejected it.)

2. Is membership required to read the list? Answer: no at present. It
is publicly available to anyone in the world (even without a Google
account) at https://groups.google.com/group/pathtodatadisclosure/ (If
you want proof of this, browse through an anonymization service so that
your personal Google account login info (if you have a Google account)
won't be transferred, e.g.
http://anonymouse.org/cgi-bin/anon-www.cgi/https://groups.google.com/group/pathtodatadisclosure/
-- All 312 messages can be read.)

I do not imagine one can (easily) delete correspondence. Google's
business structure is predicated upon amassing vast amounts of data.

Regards,
Peter