Use for spam?
I can't believe no one's pointed this out yet, but think of the possibilities for spam. Let's face it, Google's servers aren't exactly uncrackable (is any computer, unless it's hard powered off?), so there *will* be data theft at some point.
Now let's think about it logically. People's medical records on Google's servers. Medical records including erectile dysfunction and breast augmentation, probably with email addresses, too, but tied into Gmail so you can get their email address once you're in anyway. This is a spammer's goldmine. Imagine capturing that data for actual targeted spamming instead of random spamming.
And, quite frankly, I imagine it won't just be spammers in the end. I fully expect that Google itself will punt ED and breast enlargement advertisements to people based on their medical records. Oh, sure, they'll say it's not them, it's their advertisers, and they had no idea. And the naive and Google-trusting people will believe it.
As for Pete "I couldn't be more in favour of it", I'm sure you feel that way now. How will you feel once Google shares your medical records to send you advertisements? What about when they share your medical records with "research" organizations who find that you include the "violence" gene and you're locked up to preemptively protect society? Or when that "research" organization links one of your genes to cancer and your insurance won't cover it if you develop cancer because it's a "pre-existing condition"?
Google won't do it, because they "do no evil"? Keep telling yourself that.
Go ahead and call me paranoid. But as they say, just because you're paranoid doesn't mean it's not true. I can't believe some people are actually stupid enough to even consider placing important personal information in the hands of the largest advertising broker on the planet, especially when this broker is under no obligation to protect your information. They could get everyone to sign up for this and upload their medical records, then share those records with the world. What's the worse that'll happen? Since there's no law against it, they may get a stern "please don't do that again".
I'm not naive enough to think my personal data is somehow private or protected, or that organizations can't get it through various means. But that doesn't mean I'm willing to hand it over myself.