As I opened Facebook a few weeks ago, I got a notification that I was one of the 87 million users whose personal data was accessed by Cambridge Analytica, a political data firm hired by Donald Trump’s 2016 election campaign. Apparently, a Facebook friend had used an app that obtained my information as well.
At the time, I was looking into genetic testing companies and a friend asked me what would happen if a similar scandal happened with DNA information. It would not be good. And on some level, it’s happening already.
To figure out the identity of the Golden State Killer, detectives took DNA from a crime scene and uploaded it to the genealogy website, GEDmatch. There, they found similar DNA that narrowed their search down to a specific family which ultimately helped them apprehend the killer.
With the advent of genetic tests that companies like 23andMe and AncestryDNA use, more people are screening their DNA to find out their family trees, carrier status and genetic traits and wellness. While 23andMe said that they have never given out genetic data and AncestryDNA said it hasn’t in the past three years, they could be required to if given a court order.
More pressing than that, humans generally suck at coming up with passwords. So no matter how well these companies protect information, anyone who could crack your password could get your information. And if you share your information on different websites, the data becomes more accessible.
Like the Cambridge Analytica scandal, this information doesn’t just affect the person who was hacked or inappropriately accessed. We share about 50 percent of our DNA with each parent and our siblings and children. That means that if I, God forbid, am a carrier for something, there’s a 50 percent chance my brother is too. So once my information is out there, his genetic privacy is at risk as well.
Also, while health insurance companies cannot deny coverage for those with genetic mutations according to the Genetic Information Nondiscrimination Act (GINA), life insurance companies, disability insurance and long-term care can.
What frightens me the most about this is that, as an Orthodox Ashkenazi Jew, it is standard practice to take a genetic test before getting married. There are a host of genetic diseases carried by members of the community, and so it is common to check that a couple is a genetic match (i.e. that we aren’t both carriers for a disease) before getting married.
Once my genetic code is out there, how can I be sure it will be safe? These kinds of tests will revolutionize healthcare. But there is far too little regulation out there. Genetic information is the most private and important information about a person. There must be strict laws and protections implemented to guard the privacy of all who take advantage of it.
A bit obsessed with this, I watched videos and read articles about safety and privacy. With any service, make sure you actually read the terms of service. This is your genetic information, not an iTunes account. Most of the mainstream genetic screening companies have ways to delete your data and request that your spit samples be discarded. They still have to keep the data for 10 years for regulatory purposes. And please have a strong password guarding your information.
It’s scary to realize that we will likely live to see a DNA company hacked. It’s up to us and companies and the government to protect your information.