The Securities of Genetics Databases
By Afnan Haque
With the rise of DNA testing and advanced genetic engineering, more genetic information is being made available to private companies, public agencies, and individuals. This presents not only a great asset in the fields of research and medical care, but a security risk as well. What happens when the genetic information of millions of people gets hacked? What would be the consequences of such a security breach? What are the risks involved when more and more of our society becomes dependent on genetics?
Genetic testing companies such as Ancestry, 23andMe, and Veritas Genetics are providing consumers cheap and convenient options for learning about their genomes. However, the privacy risks of providing your genetic information to these companies are not well enough understood by most people. At the moment, there are not enough regulations or laws meant to oversee exactly what testing companies are allowed to do with your genetic data. Additionally, DNA databases, just like any other database, are not entirely immune from hacking, as shown by the breach by MyHeritage last year.
There is also the question of genetic data being distributed to law enforcement agencies. In such cases, suspects would be able to be narrowed down or even identified based on genetic information. This is a method that is actually currently done in criminal forensics and for solving cases. However, it is important to note that when your genetic data is being distributed to the police, FBI, or CIA, it also provides information about your family and distant relatives. Although testing companies would be expected to have the consumers’ best interests in mind when dealing with law enforcement inquiries. In the end, it may not even matter as the genetic information provided by your own family members can be cross-referenced and traced back to you. This was the situation in the case of the Golden State Killer, as the criminal was identified largely in part due to the fact that 24 of his relatives had participated in genetic testing by the genealogy company, GEDMatch.
It is not so far fetched to say that in the near future, people would be using their genome as a form of identity authentication just as we use passwords, credit cards, fingerprints, and social security numbers. However, the key difference is that our genome is something that stays with us forever, and is for the most part, irreversible. While the benefits may outweigh the drawbacks depending on who you ask, it is important for us a society to set clear limits on who, what, and how our genetic information can and should be used. Otherwise, a data breach, can spell serious disaster if DNA databases fall into the wrong hands.