Genetic privacy is an important subject in genomics, as the industry of genetic information grows, we have to wonder if genetic information is safe at the hands of companies, biobanks, and third parties. Anita Allen explains that privacy is divided in four categories: informational privacy, physical privacy, decisional privacy, and proprietary privacy. The category that genomic data falls under is informational privacy due to the nature of genomic data.1 Genetic privacy is an important topic as genetic information is sensitive and can disclose a lot about a person. Genomic data sharing raises issues about potential data breaches, unauthorized sharing, and discrimination. Companies that manage genetic information frequently use data protection tactics and enforce user rights. Furthermore, companies are regulated by groups that exist to hold these corporations accountable for their ethical use of genomic data. Understanding these components is important in recognizing the risks and benefits associated with genetic privacy. As advancements in genetic testing increase, the complexities of genetic privacy function as a protective measure and a possible barrier. There are ethical implications and legal frameworks surrounding genetic privacy, the balance between protecting individual autonomy and addressing the risks of data misuse should be emphasized.
To begin with, the science behind genetic testing and the tools used to gather genomic data. Genomic data science employs statistics and computational approaches to evaluate individuals’ genetic information. The National Human Genome Research Institute recognizes that managing genetic information entails significant ethical responsibilities, as each genomic dataset raises important concerns related to privacy and identity. They stated that the field of genomic research is rapidly growing as they can sequence more DNA, outpacing the ability to analyze it. 2 Genomic data is obtained from living organisms by genetic testing. According to the National Cancer Institute, genetic testing can be performed utilizing a variety of sources, such as body fluids, tissue samples, skin cells, or cells obtained from within the cheek. Only a small sample is need that is then analyzed by a laboratory.3 The types of genetic testing mentioned by the National Human Genome Research Institute (NHGRI) are diagnostic testing, predictive and pre-symptomatic testing, carrier testing, prenatal testing, newborn screening, pharmacogenomic testing, research genetic testing. These are used for specific purposes but ultimately their goal is to determine diseases through genomic data.4
Genetic testing is a technique that is being used for individualized therapy. It allows the discovery of mutations and disease predispositions based on an individual’s genetic information, paving the path for more personalized treatment methods. Genetic testing can have many benefits towards patients’ health as drawbacks. According to the NHGRI, genetic testing can be a relief as it eliminates doubt regarding their health. It also allows doctors to make more accurate diagnoses and determine ways to reduce the risk of developing a disease. They noted that there are a number of drawbacks, such as emotional and financial difficulties, but that there is little chance that genetic testing will have an adverse effect on one’s physical health.4
In recent times, it has become popular to share genomic data through companies in order to explore general ancestry backgrounds. For example, 23andMe or AncestryDNA you can send a saliva sample and have them analyze it in a lab, getting percentages of the user’s ancestry. Furthermore, the user has the option to get matched with a relative who also opted in their “DNA Relatives” feature, allowing the user to reach out and connect with them.6
The risks to genetic privacy and the ways that others may be able to access our genetic data raises concerns within the field of genomic data. Some of the risks that come with genetic sharing are unauthorized sharing, data breaches, and discrimination. According to eLife, consumers share their genetic data with companies to compare it against other genomes in their databases, allowing for the identification of similar genetic segments. Carmi explains that if both segments are highly similar, it suggests there may be a relationship between the individual and a genome in the database.7Carmi claims that one user’s ability to collect genomic data from another user without that user’s agreement is a major problem with exchanging genetic information. The author gives an example where a corporation may reveal the regions where a user’s genetic information coincides with that of another user. Thus, data regarding the second user is made available to the original user.7The major problem identified by this paper is that users could upload genomes that are in public databases and obtain information of a specific person. A study performed at UC Davis by researchers Michael Edge and Graham Coop, using 900 public genomes used to reveal a person’s genetic information, showing that it revealed 60% of the genetic information of a person in Europe.7In this case, the user receives very little information regarding their genetic match. However, this information might be misused by someone looking to obtain genetic information for personal gain, by using databases they might obtain a sizable amount of genetic information about another individual. Carmi states that companies should eliminate this risk by stop sharing the matching DNA segments of their clients.7Costumers of genetic testing may also be at risk of data breaches by thinking their anonymous genetic information is safe at the hand of companies, however they can be linked back to their personal profiles.
Similarly, Hayden talks about a study done by computational biologist Yaniv Erlich in which they were able to compare publicly available data to match individual identities. Erlich used a computer program to trace anonymous genomic data back to its original owner. Using particular biomarkers from the anonymized data, he linked it to a name by comparing it to publicly accessible genealogical databases.11Erlich used a project in which the donor’s identity eventually became public. Using a public genealogy database and Y chromosome analysis, he was able to correlate the genetic data with certain surnames and, as a result, establish a connection between the place and age reported in the study. In the end, this procedure brought him back to the known donor.11 Erlich shows how he could potentially do the same for other studies where genetic information is said to be anonymous but could be revealed through internet searches. An individual may be exposed to a variety of risks if their name is made public during a study, like health or employment discrimination, stigmatization, emotional distress, loss of privacy, etc. These kinds of investigations are essential because they show that genetic privacy claims are not totally trustworthy. They stress that businesses should exercise caution while claiming to be able to safeguard the genetic information of their customers.
It is important to note that genomic data science is a relatively new field, with the Human Genome Project being completed in 2003 after 13 years of work. In the present era, genetic information can be obtained in a couple days or hours. Therefore, at home genetic kits have become popular obtaining results in a few weeks. Companies promise to keep their consumers information private allowing them to choose what information can become public to other users. For example, 23andMe gives customers the choice to consent to the use of their data, including genetic information, for research. According to the corporation, this genetic data is pooled with similar data from other users and anonymized. Furthermore, individuals have the option to withdraw their agreement at any moment; nonetheless, 23andMe cautions that there exists a slight possibility of unapproved access to genetic data.13
Hara gives a description on how to improve the security of genetic data by using a dual coding scheme for personal information and sample, anonymizing the data. Following a year of anonymization of the participants’ genetic data, Hara came to the conclusion that the double coding process adequately guaranteed anonymity.14Hara makes a final statement in their paper “…it is no exaggeration to say that the security of privacy depends not just on the anonymizing procedure but also on the ethics of researchers and how carefully they handle specimens and genetic data.”.14
There are regulatory corporations that ensure ethical privacy is uphold in these companies, The National Human Genome Research Institute claims that patient privacy is protected by federal laws such as Health Insurance Portability and Accountability Act (HIPPA). (NHGRI, 2024).16“Several federal agencies regulate genetic tests: the Food and Drug Administration (FDA), the Centers for Medicare and Medicaid Services (CMS), and the Federal Trade Commission (FTC).”16 These agencies work towards protecting the genetic information and quality of genetic test. Three main standards—analytical validity, clinical validity, and clinical utility—are used to regulate genetic tests.16 The agency that works towards prevention of the misuse of genetic information is The Federal Trade Commission (FTC). “The FTC’s primary mission is to enforce Section 5 of the FTC Act, which prohibits unfair or deceptive trade practices.”19 This entity ensures that businesses that provide genetic testing don’t mislead their clients about how their genetic data is being used. Sharing your genetic data can lead to advancement in research and there are organizations in place ensuring your genetic privacy. Research using genomic data improves our knowledge of particular populations and their genetic makeup. In line with Hara, we ought to work toward guaranteeing the security of genetic data while simultaneously utilizing it responsibly and adhering to ethical principles.
Finally, there are numerous ethical and legal implications surrounding genetic privacy. Nations across the globe are passing new laws to protect the privacy rights of customers. Joly talks about the Genetic Information Nondiscrimination Act of 2008 (GINA), a US law intended to protect people against discrimination in insurance and work situations due to genetic information.20 This paper states that there are particular cases of genetic discrimination. However, larger-scale analysis makes it more difficult to pinpoint discriminatory practices. The majority of the evidence relates to a small number of well-known genetic diseases, and statistical analysis is made more difficult by the diversity of the data. Furthermore, the low number of documented occurrences of genetic discrimination raises the possibility that they are outliers rather than representative of a larger pattern.20 In other nations like the UK, they also have legislation in place to protect citizens genetic information. The “Concordat and Moratorium on Genetics and Insurance,” created in the UK by the Association of British Insurers, forbids insurers from asking applicants about their genetic information.20 There is insufficient evidence to support the notion that insurers are exploiting genetic information against their clients, suggesting that concerns about genetic privacy in this area not pressing. Nevertheless, laws have been passed in response to new issues and concerns as the area of genomic data sharing continues to grow.
For example, such is the case of a man in Iceland where they had presumed consent in the nation’s Health Sector Database was challenged by the Supreme Court of Iceland with regards to a deceased man’s medical records.23 The study looks at genetic sharing and genetic privacy within the last ten years. Knoppers observes that the significance of genetic privacy has grown, especially in the aftermath of scandals like the Cambridge Analytica incident and the Snowden revelations that have sparked debates over private rights. The author argues that whereas some see worries about genetic privacy as being comparable to other moral or legal matters, others stress the importance of people keeping control over their genetic information. Furthermore, Knoppers draws attention to how the emergence of big data makes it possible for people’s information to be classified in ways they may not be aware of, which raises questions about the individualistic focus of privacy law.23
In conclusion, as the field of genomics grows and develops, genetic privacy become a more pressing issue. As discussed, genetic privacy is concerned with informational privacy, which relates to genomic data. While there are companies that are committed to protect this data and entities that are holding them accountable, risks still remain including unauthorized sharing, data breaches and discrimination. Genetic testing presents ethical and legal issues that need to be carefully considered as it becomes more widely available and integrated into personal health initiatives. The future of genetic privacy will ultimately depend on how technology advances, moral obligations, and how legislation upholds with the passing of time. In an effort to protect genomic data, there as to exist a collaborative environment between companies, protecting entities, consumers, and policymakers to create a safe space for genomic data. Building trust and assuring the ethical treatment of genomic data will rely on cultivating a culture of transparency, consent, and responsibility as we navigate this new field of genomic data.
- Ellen Wright Clayton et al., “The Law of Genetic Privacy: Applications, Implications, and Limitations.” Journal of Law and the Biosciences, Volume 6, Issue 1, October 2019, Pages 1–36. https://doi.org/10.1093/jlb/lsz007. ↵
- National Human Genome Research Institute. “Genomic Data Science Fact Sheet.” April 5, 2022. https://www.genome.gov/about-genomics/fact-sheets/Genomic-Data-Science. ↵
- National Cancer Institute. “Privacy in Genomics.” 2024. Genome.gov. Accessed October 6, 2024. https://www.genome.gov/about-genomics/policy-issues/Privacy. ↵
- National Human Genome Research Institute “Genetic Testing FAQ.” 2019. February 2019. https://www.genome.gov/FAQ/Genetic-Testing. ↵
- National Human Genome Research Institute “Genetic Testing FAQ.” 2019. February 2019. https://www.genome.gov/FAQ/Genetic-Testing. ↵
- 23andMe “DNA Relatives: The Genetic Relative Basics” Accessed October 24th, 2024. https://customercare.23andme.com/hc/en-us/articles/115004659068-DNA-Relatives-The-Genetic-Relative-Basics ↵
- Carmi S. “The challenges of maintaining genetic privacy”. Elife. 2020 Jan 7;9:e54467. doi: 10.7554/eLife.54467. PMID: 31908269; PMCID: PMC6946563. ↵
- Carmi S. “The challenges of maintaining genetic privacy”. Elife. 2020 Jan 7;9:e54467. doi: 10.7554/eLife.54467. PMID: 31908269; PMCID: PMC6946563. ↵
- Carmi S. “The challenges of maintaining genetic privacy”. Elife. 2020 Jan 7;9:e54467. doi: 10.7554/eLife.54467. PMID: 31908269; PMCID: PMC6946563. ↵
- Carmi S. “The challenges of maintaining genetic privacy”. Elife. 2020 Jan 7;9:e54467. doi: 10.7554/eLife.54467. PMID: 31908269; PMCID: PMC6946563. ↵
- Hayden EC. Privacy protections: The genome hacker. Nature. May 2013 9;497(7448):172-4. doi: 10.1038/497172a. PMID: 23657330. ↵
- Hayden EC. Privacy protections: The genome hacker. Nature. May 2013 9;497(7448):172-4. doi: 10.1038/497172a. PMID: 23657330. ↵
- 23andMe. “DNA Genetic Testing & Analysis.” Accessed October 6th, 2024. https://www.23andme.com/about/consent/ ↵
- Hara, Kazuo, et al. “Establishment of a Method of Anonymization of DNA Samples in Genetic Research.” Nature News, May 15, 2003. https://www.nature.com/articles/jhg200357#citeas. ↵
- Hara, Kazuo, et al. “Establishment of a Method of Anonymization of DNA Samples in Genetic Research.” Nature News, May 15, 2003. https://www.nature.com/articles/jhg200357#citeas. ↵
- National Human Genome Research Institute “Regulation of Genetic Tests” February 19, 2024. https://www.genome.gov/about-genomics/policy-issues/Regulation-of-Genetic-Tests ↵
- National Human Genome Research Institute “Regulation of Genetic Tests” February 19, 2024. https://www.genome.gov/about-genomics/policy-issues/Regulation-of-Genetic-Tests ↵
- National Human Genome Research Institute “Regulation of Genetic Tests” February 19, 2024. https://www.genome.gov/about-genomics/policy-issues/Regulation-of-Genetic-Tests ↵
- National Human Genome Research Institute “Regulation of Genetic Tests” February 19, 2024. https://www.genome.gov/about-genomics/policy-issues/Regulation-of-Genetic-Tests ↵
- Joly Y, Ngueng Feze I, Simard J. “Genetic Discrimination and Life Insurance: A Systematic Review of the Evidence.” BMC Medicine, January 31, 2013; 11:25. doi: 10.1186/1741-7015-11-25. PMID: 23369270; PMCID: PMC3606414. ↵
- Joly Y, Ngueng Feze I, Simard J. “Genetic Discrimination and Life Insurance: A Systematic Review of the Evidence.” BMC Medicine, January 31, 2013; 11:25. doi: 10.1186/1741-7015-11-25. PMID: 23369270; PMCID: PMC3606414. ↵
- Joly Y, Ngueng Feze I, Simard J. “Genetic Discrimination and Life Insurance: A Systematic Review of the Evidence.” BMC Medicine, January 31, 2013; 11:25. doi: 10.1186/1741-7015-11-25. PMID: 23369270; PMCID: PMC3606414. ↵
- Knoppers BM, Beauvais MJS. “Three Decades of Genetic Privacy: A Metaphoric Journey.” Human Molecular Genetics, October 1, 2021; 30(R2). doi: 10.1093/hmg/ddab164. PMID: 34155499; PMCID: PMC8490012. ↵
- Knoppers BM, Beauvais MJS. “Three Decades of Genetic Privacy: A Metaphoric Journey.” Human Molecular Genetics, October 1, 2021; 30(R2). doi: 10.1093/hmg/ddab164. PMID: 34155499; PMCID: PMC8490012. ↵