Re: Protocols for Insurance to Maintain Privacy
-----BEGIN PGP SIGNED MESSAGE----- [ To: cypherpunks ## Date: 11/03/97 ## Subject: Re: Protocols for Insurance to Maintain Privacy ]
Date: Mon, 3 Nov 1997 10:26:03 -0700 To: "John Kelsey" <kelsey@plnet.net>, "cypherpunks" <cypherpunks@Algebra.COM> From: Tim May <tcmay@got.net> Subject: Re: Protocols for Insurance to Maintain Privacy
Such insurance is now common. A boat owner doesn't buy insurance for iceberg collisions if he is never in arctic waters, a small plane pilot doesn't buy cargo insurance if he doesn't ferry cargo, and so on.
Yes, I understand this. Nobody with a grain of sense insures himself for things he knows will never happen.
the point of having insurance, which is to protect yourself from low probability high cost things happening. That is,
I have a different view of what insurance is than John does.
What insurance is, and how it is priced, is too long a topic to get into here. Suffice it to say that the insurance company makes its profits by charging more for coverage than it pays out. And the customer, of course, tends to lose the differential.
An insurance broker and a bookie are in the same business. A bookie takes a bet from me, at 1000 to 1 odds, for some unlikely to occur event--which he thinks has a probability of less than 1/1000. An insurance broker does the same thing. The only important difference is my purpose in placing the bet. When I take out medical insurance, I am placing a bet that I will get sick enough to spend more than my deductable on doctors. The insurance broker estimates (based on whatever information is available) the probability that this will happen, and makes me a bet at odds that are in his favor, if his estimate is true. If I get sick, I get some money (or my doctors do). If I stay well, I lose the bet. This is just paying someone to take some risk off my hands.
Each side tries to get as much information as possible. If Joe Client knows he never pilots a cargo plane, he doesn't opt for cargo insurance. If Joe Client knows he never engages in unprotected sex with diseasy prostitutes, etc., he skips HIV insurance. The fact that some "low probability events," like meteor strikes, are uncovered is part of the price of keeping Joe's premiums tolerable.
before I've taken the test for genetic disease X, my best estimate of the probability that I will test positive is very low. Once I have taken it, I know the result. If I sign up for a-la-carte insurance for this disease, the insurance company effectively knows I must have tested positive for a predisposition to it, and so either won't give me insurance, or will give me insurance only at an extremely high rate (corresponding to a 1/10 chance of getting the disease, rather than a 1/1,000,000 chance).
This is the idea. It causes those with the predilections to the disease to pay the high coverage costs.
Right. I don't think I expressed my point too clearly, because you seem to have responded to something different than what I was saying. Suppose there is some genetic disease that kills its victims on their 31st birthday, unless they get a $1,000,000 treatment first. Before I have taken the test for this disease, I have to accept a certain risk--if I find out I have the disease, I have to raise a million dollars in the next few months. After I have taken the test and gotten back the results, there's no more risk involved (assuming the test is perfect)--I either have the disease or I don't. After the test, insurance isn't useful (unless I defraud my insurer). Before the test, though, insurance might be useful--I could essentially place a bet with someone that I had the disease--I pay $1, and get a million dollars back if my test comes back positive--just enough to pay for my treatment.
The alternative is not pretty: banning private testing (how?) and forcing insurance companies to cover all applicants for all conditions at a fixed rate.
I know. Let me make it clear that I am not at all interested in banning private testing, coercing insurance companies or anyone else into agreements they don't want to make, etc. I am saying it would be nice if I could buy insurance against the results of the tests before I took them. The problem is, I can't see a really workable way to do this, because there's no way to keep people from taking the test beforehand.
--Tim May
--John Kelsey, Counterpane Systems, kelsey@counterpane.com PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36 -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBNGDdikHx57Ag8goBAQE6/AP/Yub9LA0b1rvivDeiHW9tHtV7b/n4jmUA aP50hPFTCn7EEMsoKdC2pUv0eq5F+s8AmKyaE+SmxTgBbalrvm+T+lPib4bbEXjH iI9nHbnfzTSxiVbkVHp0p0/0urIgokTcrFBWbfIEnmOnGvI7OHI+KcPjqr3JBQeo A53+dL0NBRQ= =kx2R -----END PGP SIGNATURE----- --John Kelsey, Counterpane Systems, kelsey@counterpane.com PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36
At 5:03 PM -0700 11/5/97, Adam Back wrote:
John Kelsey <kelsey@plnet.net> writes:
Suppose there is some genetic disease that kills its victims on their 31st birthday, unless they get a $1,000,000 treatment first. Before I have taken the test for this disease, I have to accept a certain risk--if I find out I have the disease, I have to raise a million dollars in the next few months. After I have taken the test and gotten back the results, there's no more risk involved (assuming the test is perfect)--I either have the disease or I don't.
I want to say one more thing about the example John Kelsey cites here. That million dollar disease example is not too compelling to me. For starters, there are literally hundreds of millions of persons on the planet who are expected to die from various diseases or nutritional deficiencies for lack of, not a million dollar treatment, not a $100,000 treatment, not even a $1000 treatment... No, there are billions who will die early (in childhood, early youth, etc.) for want of treatments or supplements costing a few hundred dollars. Not that I support forcibly extorting money from those who have it to give to these wretches. Which means I can honestly tell the "million dollar disease" guy: "I hope you saved up a million dollars."
Before the test, though, insurance might be useful--I could essentially place a bet with someone that I had the disease--I pay $1, and get a million dollars back if my test comes back positive--just enough to pay for my treatment.
The insurance company would have no financial incentive to take on such risks -- I reckon they'd sooner let the wanna-be customer die. Nasty, but it's reality.
And underwriters do this all the time. That is, they fine-tune their estimates of risks and adjust premiums accordingly. If Joe Patient makes a bet on this million dollar disease, but won't let me see any test reports, or won't let me test him independently, I as an undewriter am going to make the assumption he knows something I don't know. And his premium is going to go way, way up. --Tim May The Feds have shown their hand: they want a ban on domestic cryptography ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^2,976,221 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."
No, you die on your 30th birthday, when you ride the carrousel. The insurance plan would only work if there was a significantly less than one-in-a-million chance of having the disease. Otherwise, the cost will be more than one dollar. The rates would be lower if you buy your policy well in advance, since the disease never strikes before you are 30 - there's money to be made on holding your premium, and you jsut might die of something else before requiring treatment. As Tim pointed out, however, if you can be tested prior to obtaining the insurance, without admitting to it, you would not obtain the insurance unless the test showed that you had the disease. The price of the policy would therefore be $1,000,000 or so, with minor adjustments. -r.w. On Thu, 6 Nov 1997, Tim May wrote:
At 5:03 PM -0700 11/5/97, Adam Back wrote:
John Kelsey <kelsey@plnet.net> writes:
Suppose there is some genetic disease that kills its victims on their 31st birthday, unless they get a $1,000,000 treatment first. Before I have taken the test for this disease, I have to accept a certain risk--if I find out I have the disease, I have to raise a million dollars in the next few months. After I have taken the test and gotten back the results, there's no more risk involved (assuming the test is perfect)--I either have the disease or I don't.
I want to say one more thing about the example John Kelsey cites here.
That million dollar disease example is not too compelling to me. For starters, there are literally hundreds of millions of persons on the planet who are expected to die from various diseases or nutritional deficiencies for lack of, not a million dollar treatment, not a $100,000 treatment, not even a $1000 treatment...
No, there are billions who will die early (in childhood, early youth, etc.) for want of treatments or supplements costing a few hundred dollars.
Not that I support forcibly extorting money from those who have it to give to these wretches.
Which means I can honestly tell the "million dollar disease" guy: "I hope you saved up a million dollars."
Before the test, though, insurance might be useful--I could essentially place a bet with someone that I had the disease--I pay $1, and get a million dollars back if my test comes back positive--just enough to pay for my treatment.
The insurance company would have no financial incentive to take on such risks -- I reckon they'd sooner let the wanna-be customer die. Nasty, but it's reality.
And underwriters do this all the time. That is, they fine-tune their estimates of risks and adjust premiums accordingly.
If Joe Patient makes a bet on this million dollar disease, but won't let me see any test reports, or won't let me test him independently, I as an undewriter am going to make the assumption he knows something I don't know. And his premium is going to go way, way up.
--Tim May
The Feds have shown their hand: they want a ban on domestic cryptography ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^2,976,221 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."
At 11:58 AM -0700 11/5/97, John Kelsey wrote:
I know. Let me make it clear that I am not at all interested in banning private testing, coercing insurance companies or anyone else into agreements they don't want to make, etc. I am saying it would be nice if I could buy insurance against the results of the tests before I took them. The problem is, I can't see a really workable way to do this, because there's no way to keep people from taking the test beforehand.
That's my point. Since there can be no way to determine if someone has had themselves tested, such "wouldn't it be nice" scenarios are meaningless. --Tim May The Feds have shown their hand: they want a ban on domestic cryptography ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^2,976,221 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."
John Kelsey <kelsey@plnet.net> writes:
Suppose there is some genetic disease that kills its victims on their 31st birthday, unless they get a $1,000,000 treatment first. Before I have taken the test for this disease, I have to accept a certain risk--if I find out I have the disease, I have to raise a million dollars in the next few months. After I have taken the test and gotten back the results, there's no more risk involved (assuming the test is perfect)--I either have the disease or I don't.
The insurer can't determine whether you've taken the test. The insurer may insist on the test anyway or offer you unfavourable odds, basically assuming you have privately tested and found positive otherwise you wouldn't be refusing to have the test. (A variation of the `he must have something to hide' theme). Unless you can afford the premium for withholding this test, you're stuck.
Before the test, though, insurance might be useful--I could essentially place a bet with someone that I had the disease--I pay $1, and get a million dollars back if my test comes back positive--just enough to pay for my treatment.
The insurance company would have no financial incentive to take on such risks -- I reckon they'd sooner let the wanna-be customer die. Nasty, but it's reality.
The alternative is not pretty: banning private testing (how?) and forcing insurance companies to cover all applicants for all conditions at a fixed rate.
I know. Let me make it clear that I am not at all interested in banning private testing, coercing insurance companies or anyone else into agreements they don't want to make, etc. I am saying it would be nice if I could buy insurance against the results of the tests before I took them. The problem is, I can't see a really workable way to do this, because there's no way to keep people from taking the test beforehand.
I reckon your only option would be charity. If these $1,000,000 treatment 1:1,000,000 odds genetically testable diseases are rare (1:1mil is rare), perhaps a charity would be able to cover the costs. The increased choice in insurance would ensure cheaper medical care for all. A deregulated medical profession with third party rating services rather than top down government services should reduce prices dramatically also. Same for medical drugs, third party ratings. Buy your ratings service. And being a hard line anarcho capitalist, I draw the conclusion that if you can't afford to keep yourself alive, that is your problem. (Heartless ain't it:-) Aside from comments about evolution in action (perhaps I personally don't want to fund propogating these genetic defects, and that is my choice), my suggestion is that such cases would have to be met by charity. A charity could also refuse to help people who hadn't donated, if it chose. I bet it would work too, and a lot more efficiently than the government regulated setup now. Heck I might even donate to it, with the savings I'd make from the breakup of the medical cartel. (UK is as socialist as it comes with medicine, and your taxes reflect this.) Adam -- Now officially an EAR violation... Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/ print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
Many insurance companies with Mutual in their name (Liberty Mutual is large in the Northeastern US) get that from being founded as mutual insurance companies, where you pay to be part of the mutual insurance group, and when you get sick, injured, etc, the group pays money towords your treatment. I think it broke down with increases in mobility. They were implicitly based on reputation capital, and were not highly fraud resistant. Adam's suggestion of a charity which only pays for the treatment of those who donate thus recreates an old system. Adam Adam Back wrote: | And being a hard line anarcho capitalist, I draw the conclusion that | if you can't afford to keep yourself alive, that is your problem. | (Heartless ain't it:-) Aside from comments about evolution in action | (perhaps I personally don't want to fund propogating these genetic | defects, and that is my choice), my suggestion is that such cases | would have to be met by charity. | | A charity could also refuse to help people who hadn't donated, if | it chose. -- "It is seldom that liberty of any kind is lost all at once." -Hume
Adam Shostack <adam@homeport.org> writes:
Many insurance companies with Mutual in their name (Liberty Mutual is large in the Northeastern US) get that from being founded as mutual insurance companies, where you pay to be part of the mutual insurance group, and when you get sick, injured, etc, the group pays money towords your treatment. I think it broke down with increases in mobility. They were implicitly based on reputation capital, and were not highly fraud resistant.
Adam's suggestion of a charity which only pays for the treatment of those who donate thus recreates an old system.
Saying that it would be a charity is just a statement of reality. There exist no methods to insure when there is a near certainty of a payout being required, as I think we all agree (Tim, Adam, Jon). To call it anything other than charity is misleading, so I am really just arguing for honesty in advertising. (Something socialists are not big on :-) An insurance company would probably find customers and hope to make a profit by offering a mutual fund, or charitable donation service. There would be an agreement as to who could claim, and what types of illness were covered, maximum payouts etc. Then the business would use the funds (minus it's profit margin) to pay for those treatments affordable within the current funds. This means that as funds may be limited that some people will go untreated, if their treatments are too expensive and funds are short. Efficient usage of funds is expected -- if it costs $1m to fix up some old guy to live for a couple more years as opposed to giving cheaper treatments to several younger people, well the old guy gets to die. This might seem heartless to socialist types, but this kind of decision gets made all the time by medics, who don't have unlimited funds even in socialist countries. In the UK some practices are funds holding, which means that they get to manage their own money, they get to decide which drugs to use, and who to give them to, and they get to use profits (or more correctly surplus government grants) in certain ways (equipment, etc). (Or they did, Labour were threatening to confiscate these surpluses). I talk to medics a bit, as I am into medical messaging security, and some of the people are bilingual medics and medical informatics people. Examples are drugs which are 3% more effective but cost 5x the price. These kinds of optimisation of available resources problems are all over the place in medicine, and doctors balance these within budgets. Another example is that doctors are able to tell smokers with lung cancer who refuse to stop smoking that they will not treat them. Or switch off life support machines if it looks pretty hopeless, and is costing a fortune to keep a half-alive person ticking over. The failure with mutual funds is that people will attempt to start donating once they realise they have some big medical bills coming (if only donators get payouts). To combat this the company might perhaps have a policy of not paying out within 5 years of the first donation. Then you'll have the counter attack of people re-selling proof of donation receipts. And then the company can counter that with a hash of DNA code mixed in to the donation receipt such that only with the patients consent can the receipt be used to link to him. The key point is the choice. Many companies, many choices, freedom to donate or not, or to stipulate terms of donation (eg., not to fund lung cancer treatment for smokers). It seems to me that people are on average more generous and charitable than socialists would have us believe also. For example a charity to support people who had no insurance, or hit the maximum payout on their insurance might get donations. Perhaps even enough donations that it would cover most cases. Adam -- Now officially an EAR violation... Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/ print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
participants (5)
-
Adam Back -
Adam Shostack -
John Kelsey -
Rabid Wombat -
Tim May