how can genetics help to predict diseases

DNA Testing Companies Launch A New Privacy Coalition

Three DNA testing companies -23andMe, Ancestry, and Helix- have come together to form the Coalition for Genetic Data Protection (CGDP). The alliance’s purpose is to set best practices regarding the handling of DNA information ostensibly.

It’s also meant to coordinate lobbying efforts in Washington at a time when Congress’ scrutiny of the industry is intensifying. The coalition is run by Mehlman Castagnetti Rosen & Thomas, a prominent Washington DC lobbying firm.

Its objective is to guide lawmakers in Washington on privacy regulations meant for an industry that’s currently enjoying substantial growth.


The coalition’s take on data privacy

Interesting Facts About DNA

DNA testing companies claim their services give users a better understanding of their genealogy, health, and general wellness. Most of them use the ancestry angle when advertising because it appeals to users’ emotions.

A vast portion of DTC kit buyers submits their samples because they’re curious about their genealogy. 23andMe has an additional service that gives you a health report based on your genetic profile.

According to CGDP’s website, it was formed around three major principles:

  • Best practices for all members

The coalition insists it ethically handles users’ genetic data, following best practices outlined in a July 2018 whitepaper. It also asks for the future members of the alliance will be expected to adhere to these stipulations.

These practices include completed transparency on genetic data collection and use, data sharing with third parties, and an overview of the basics, benefits, and risks associated with genetic testing.

The whitepaper pledges to provide further access to consumers regarding their genetic data, as well as invest in strong data security. It also urges members to have restrictions on marketing that’s based on genetic data.

  • Effective advocacy

It seeks a uniform federal policy on matters touching on genetic data privacy. Steve Haro, a principal at Mehlman Castagnetti Rosen & Thomas and executive director of CGDP, expects these regulations to be no different from those imposed on tech companies like Google and Facebook.

  • Enhanced transparency

CGDP pledges to cooperate with the government and other stakeholders in drafting privacy and security requirements regarding genetic data protection.

Although these principles look good at face value, skeptics say more needs to be done to regulate DNA testing companies.


Common privacy concerns

23andMe, FTDNA and AncestryDNA, the three best DNA tests, all allow you to delete your DNA data

Critics argue that self-regulation is not a viable concept. They give examples of tech giants such as Facebook and Google, who regularly come under fire for their privacy practices.

Another issue concerns data breaches, which affect even the most advanced tech giants. What would happen if hackers publicly released millions of users’ DNA profiles? As opposed to other online accounts, your genetic data uniquely identifies you.

If placed in the wrong hands, this information could put consumers in a difficult position. In 2017, Israel-based ancestry company MyHeritage discovered a breach when up to 92 million user account details were found on a private server.

The data contained user emails and passwords. Although no actual genetic data was leaked, the incident reinforced widely held misgivings about data privacy.

For a long time, a debate has raged over whether DNA testing companies should share user data with other parties. These include pharmaceuticals, researchers, insurance companies, and law enforcers.

23andMe’s partnership with GlaxoSmithKline is an excellent example of a private company profiting from its users’ data.

The matter came to a head when the Golden State Killer was captured. Investigators used free online DNA database GEDMatch to identify the suspect. Even though his profile hadn’t been uploaded to the site, his relatives’ DNA was still good enough to pinpoint him.


Congress and genetic laws

The Genetic Information Nondiscrimination Act (GINA) of 2008 bars discrimination based on one’s genetic profile. That means insurance companies can’t deny you coverage because you’re predisposed to suffer from certain illnesses.

It also forbids employers from making hiring and firing decisions based on the same. More than 26 million customers have already sent their DNA to companies such as Ancestry, FamilyTree DNA, and 23AndMe. This puts them at risk of discrimination should third parties gain access to their profiles.

Some observers also claim DNA testing is a form of medical service. As such, companies should comply with the Health Insurance Portability and Accountability Act (HIPAA).

Others have called for a law similar to Europe’s GDPR (General Data Protection Regulation) to regulate how user data is collected, processed, and utilized. Some states have also passed their genetic privacy laws. These include Alabama, California, Florida, and Georgia.


Conclusion

DNA privacy

By launching CGDP, DNA testing companies seem to have pre-empted tougher regulations for the booming industry. Though they’re seeking similar treatment to other data collecting companies, the reality is that DNA databases are remarkably unique.

Only time will tell whether all the stakeholders will come to a reasonable understanding. In the meantime, consumers must put their faith in the industry’s self-regulation attempts.


 

About the Author Charles M.

Leave a Comment: