Psst -- Wanna see some DNA?

  • by: Peter Pitts |
  • 02/16/2017
Via Forbes

The Privacy Delusions Of Genetic Testing
BY: Peter Pitts

Mr. Pitts, a former FDA associate commissioner, is president of the Center for Medicine in the Public Interest.


Genetic testing promises a revolution in healthcare. With just a few swabs of saliva, diagnostics can provide an unprecedented look into a person’s family history and potential health risks. Within a decade, global sales of genetic tests are expected to hit $10 billion. Direct-to-consumer companies such as 23andMe and Genos have proven particularly popular, with tens of thousands of people purchasing at-home testing kits every year.

But the industry’s rapid growth rests on a dangerous delusion: that genetic data is kept private. Most people assume this sensitive information simply sits in a secure database, protected from hacks and misuse.

Far from it. Genetic-testing companies cannot guarantee privacy. And many are actively selling user data to outside parties.

The problem starts with the Health Insurance Portability and Accountability Act (HIPAA), a 1996 federal law that allows medical companies to share and sell patient data if it has been “anonymized,” or scrubbed of any obvious identifying characteristics.

In 2013, 23andMe CEO Anne Wojcicki speaks at an announcement for the Breakthrough Prize in Life Sciences on UCSF’s Mission Bay. In 2015 the Google-backed genetic testing company pledged to reintroduce some health-screening tools that regulators had forced off the market, due to concerns about accuracy and interpretation.

The Portability Act was passed when genetic testing was just a distant dream on the horizon of personalized medicine. But today, that loophole has proven to be a cash cow. For instance, 23andMe has sold access to its database to at least 13 outside pharmaceutical firms. One buyer, Genentech, ponied up a cool $10 million for the genetic profiles of people suffering from Parkinson’s. AncestryDNA, another popular personal genetics company, recently announced a lucrative data-sharing partnership with the biotech company Calico.

Customers are wrong to think their information is safely locked away. It’s not; it’s getting sold far and wide. Many testing firms that generally don’t sell patient information, such as Ambry and Invitae, give it away to public databases. Such transfers, as privacy consultant Bob Gellman puts it, leave a “big gap in protections.” Hacks are inevitable. Easily accessible, public genetic depositories are obvious targets.

If genetic data does fall into the hands of nefarious actors, it’s relatively easy for them to de-anonymize it. New lab techniques can unearth genetic markers tied to specific, physical traits, such as eye or hair color. Sleuths can then cross-reference those traits against publicly available demographic data to identify the donors.

Using this process, one MIT scientist was able to identify the people behind five supposedly anonymous genetic samples randomly selected from a public research database. It took him less than a day. Likewise, a Harvard Medical School professor dug up the identities of over 80% of the samples housed in his school’s genetic database. Privacy protections can be broken. Indeed, no less than Linda Avey, a cofounder of 23andMe, has explicitly admitted that “it’s a fallacy to think that genomic data can be fully anonymized.”

Once genetic data has been linked to a specific person, the potential for abuse is vast and frightening. Imagine a political campaign exposing a rival’s elevated risk of Alzheimer’s. Or an employer refusing to hire someone because autism runs in her family. Imagine a world where people can have their biology held against them. Such abuses represent a profound violation of privacy. That’s the risk inherent in current genetic-testing practices.

For their part, direct-to-consumer testing companies have been less than forthright about these dangers, usually burying privacy disclaimers deep in their contracts and refusing to disclose how long they keep customer data or how it can be used.

23andMe customers have to wade through pages of fine print before finding out that their information may be “shared with research partners, including commercial partners.” AncestryDNA’s contract claims a “perpetual, royalty-free, worldwide, transferable license to use your DNA.” New research published in the journal Nature found that genetic-testing companies frequently fail to meet even basic international transparency standards.

Genetic testing has tremendous benefits. We are provided a closer look at our own biology. Medical researchers develop a deeper understanding of the origins of disease and can create powerful new treatments. But today, far too many donors are operating under a false sense of security, handling profoundly intimate data without appropriate protections.
CMPI

Center for Medicine in the Public Interest is a nonprofit, non-partisan organization promoting innovative solutions that advance medical progress, reduce health disparities, extend life and make health care more affordable, preventive and patient-centered. CMPI also provides the public, policymakers and the media a reliable source of independent scientific analysis on issues ranging from personalized medicine, food and drug safety, health care reform and comparative effectiveness.

Blog Roll

Alliance for Patient Access Alternative Health Practice
AHRP
Better Health
BigGovHealth
Biotech Blog
BrandweekNRX
CA Medicine man
Cafe Pharma
Campaign for Modern Medicines
Carlat Psychiatry Blog
Clinical Psychology and Psychiatry: A Closer Look
Conservative's Forum
Club For Growth
CNEhealth.org
Diabetes Mine
Disruptive Women
Doctors For Patient Care
Dr. Gov
Drug Channels
DTC Perspectives
eDrugSearch
Envisioning 2.0
EyeOnFDA
FDA Law Blog
Fierce Pharma
fightingdiseases.org
Fresh Air Fund
Furious Seasons
Gooznews
Gel Health News
Hands Off My Health
Health Business Blog
Health Care BS
Health Care for All
Healthy Skepticism
Hooked: Ethics, Medicine, and Pharma
Hugh Hewitt
IgniteBlog
In the Pipeline
In Vivo
Instapundit
Internet Drug News
Jaz'd Healthcare
Jaz'd Pharmaceutical Industry
Jim Edwards' NRx
Kaus Files
KevinMD
Laffer Health Care Report
Little Green Footballs
Med Buzz
Media Research Center
Medrants
More than Medicine
National Review
Neuroethics & Law
Newsbusters
Nurses For Reform
Nurses For Reform Blog
Opinion Journal
Orange Book
PAL
Peter Rost
Pharm Aid
Pharma Blog Review
Pharma Blogsphere
Pharma Marketing Blog
Pharmablogger
Pharmacology Corner
Pharmagossip
Pharmamotion
Pharmalot
Pharmaceutical Business Review
Piper Report
Polipundit
Powerline
Prescription for a Cure
Public Plan Facts
Quackwatch
Real Clear Politics
Remedyhealthcare
Shark Report
Shearlings Got Plowed
StateHouseCall.org
Taking Back America
Terra Sigillata
The Cycle
The Catalyst
The Lonely Conservative
TortsProf
Town Hall
Washington Monthly
World of DTC Marketing
WSJ Health Blog