News

Genetic testing is leaking your privacy?

Genetic testing is leaking your privacy? Is the law sufficient to protect genetic privacy?

In the arrest of the notorious serial murder suspect “Golden State Killer” (also known as Golden State of California), the open source website GEDmatch contributed a lot.

This website has a genetic database containing about 17 million data voluntarily provided by individuals. The database is free and open to everyone. People can upload their own genetic information, use databases for comparison, find biological relatives, or make detailed family pedigrees.

ABC reported that the “Golden State Killer” killed 12 people in California from 1974 to 1986, raped at least 50 women, and burgled more than a hundred times. He left DNA evidence in many places, but he was always “no such person” in the police database.

In 2017, on the GEDmatch website, the police first used the DNA left by the suspect to match his “probable” great-grandparents in more than 1 million samples, and then narrowed it down to only 9 possible suspects. Then, through a “possible suspect”, traced back to a close relative. After genetic testing, it was found that he was the third representative of the suspect.

In April 2018, the number of possible suspects was reduced to six. Due to DNA data suggesting an important feature “blue eyes”, the police targeted a major suspected target: Joseph James DeAngelo (Joseph James DeAngelo).

After the police quickly arrested DiAngelo, they took DNA samples again. After testing, it was found to be consistent with the samples left at the crime scene in the past.

Genetic testing is leaking your privacy?
On April 24, 2018, Joseph James DeAngelo (center), who had been at large for 45 years, was arrested. /ABC

The GEDmatch website gained fame as a result. Its co-founder, Curtis Rogers, said that suspects usually don’t put their DNA in GEDMatch. The police may first find hundreds or even thousands of “distant houses” that share certain DNA with the suspect. relative”. Scientists calculate that GEDmatch only needs to collect data from 3 million people to help American researchers find the source of almost all anonymous DNA.

In July 2020, the GEDmatch website stated that its server was “complex attack” by unknown persons for 3 hours, during which the information of millions of users of the website was leaked.

After the incident, some commented that “this is a very dangerous privacy leak.” “Human genetic information has rules to follow. Studies have shown that as long as the genetic information of 2% of the world’s population is obtained, the remaining 98% can be derived. .” BuzzFeed News commented.

“The new algorithm can restore the skin and pupil color, even the tone, tone, and volume of the subject’s skin and pupils by analyzing the individual’s genome information.” In 2017, Craig Venter, a member of the American Academy of Sciences, wrote in ” The Proceedings of the National Academy of Sciences of the United States stated that the research was initiated to prove that the individual’s genome information recorded everything about the individual. Based on this, when genetic data and pathological data are superimposed, it is very easy to match a specific individual. “We need to think about a question: Does the law protect gene privacy adequately?”

Explosive markets vs unsolved privacy issues

Regarding genetic testing, the most widely spread and “industry signature” case is the Hollywood star Angelina Jolie. In 2013, she announced that she had undergone bilateral mastectomy and breast reconstruction surgery. The reason is that she has a family history of breast cancer, and both her mother and grandmother died of cancer. At the same time, genetic testing revealed that it carries BRCA1/BRCA2 mutations. Based on this calculation, she has an 87% chance of getting breast cancer and a 50% chance of getting ovarian cancer.

When the news was first reported by the “New York Times”, it was only five years after the launch of consumer-grade genetic testing (DTC) products by American genetic testing companies such as 23andMe and FamilyTreeDNA. According to Fortune, in 2017, the European and American DTC markets “entered a period of rapid growth,” and the number of test groups sold that year was higher than the total sales in the past.

Compared with the United States, the Chinese DTC market started in 2015. However, because of the large population, large scale and volume, the industry is developing rapidly and competition is fierce. According to the “Analysis of the Development Status of China’s Consumer Genetic Testing Industry in 2020”, as of 2019, the number of DTC users in some countries is close to 2.207 million, and the penetration rate in first-tier and new first-tier cities is about 1.1%.

However, when related companies burned a lot of money and raced to encircle the land, some people also smelled a hint of danger.

In 2019, Bloomberg senior reporter K. Oanh Ha used saliva to test genes in China and the United States each. After receiving the analysis report, K. Oanh Ha raised questions about the accuracy of the data. She also asked a question: “How safe is my data? Who else knows this result besides me?”

The testing agency she chose in the United States, 23andMe, responded: “Unless there is a legal and valid request, such as a search warrant or a written court order, customer data will not be shared with law enforcement agencies.”

But Art Kaplan, a professor of bioethics at New York University in the United States, told K. Oanh Ha that most countries, including the United States, have weak privacy protections for genetic information. “No one can pat his chest and say, he/she can protect you.”

This may be related to data protection methods. DTC’s privacy protection for users is roughly the same. Encrypt data, separate genetic data and user information. The user can choose to destroy the data.

But this does not prevent leakage. In June 2018, the 92.3 million user data of Israeli genetic testing company Myheritage was found to be stored on a private server outside the company. The company insists that there is no sign of being hacked. The reason for the data leakage is still unknown.

Genetic discrimination and theft

The “DNA Nation: How Genetic Testing and Gene Networks Change Your Life” published in 2020 mentioned a Harvard University survey: 92% of Americans are unwilling to disclose genetic data. “A lot of genes are related to IQ, body shape, etc. Once leaked, the information of future generations may be disclosed. This may lead to genetic discrimination.”

The “Journal of Law, Medicine and Ethics” published an article in 2000 that 34% of the 2167 insurance applicants surveyed with a certain genetic defect encountered problems when applying for insurance. Among them, 48.17% were refused insurance coverage, 41.16% were charged high premiums, 41.12% were required to undergo unnecessary medical examinations, and 28.15% encountered other problems. Among insurance applicants who have not undergone genetic testing, the relevant proportions have dropped significantly.

“For those with bad genes, insurance companies will increase premiums substantially, making them unable to pay, or simply refuse to cover them in order to reduce the probability of future compensation. This is discrimination based on genetic information.” The article concluded.

This discrimination may also be reflected in the recruitment process. In 2001, the United States Fair Employment Opportunity Commission took the Northern Santa Fe Railway Company to court and demanded that the company stop testing its employees for genetic defects. This is the first legal dispute in the United States related to genetic privacy and genetic discrimination in the workplace.

Fearing that genetic information would be misused by commercial companies and cause discrimination, Belgium first introduced non-gene discriminatory pricing regulations in 1990. In November 2010, the US “Genetic Information Nondiscrimination Act” (Genetic Information Nondiscrimination Act) came into effect. The law stipulates that medical insurance companies shall not use genetic information to set insurance rates or refuse to apply for insurance. In addition, out of fear that some people with poor health, who are prone to injury or who are more likely to suffer from certain diseases will suffer “gene discrimination” and not be hired, many states in the United States have passed bills prohibiting the use of genetic testing to make decisions when hiring people.

“The occurrence and development of diseases are the result of a combination of multiple susceptible mutations and environmental factors. Take health risk detection as an example. Some companies directly use foreign databases, or the sample size of their own databases is small, which will reduce the interpretation of sequencing results. Pertinence. The judgment of the disease should still be based on the diagnosis of the clinician.” Chang Shan said.

“Associated with discrimination is gene theft.” Nicolle K. Strand, senior policy and research analyst at the US President’s Committee on Bioethics Issues, pointed out that celebrities, politicians and other members of the public The characters are obviously high-risk targets of “gene theft”, and the disclosure of their genetic information may damage their public position and reputation. He also said that the risk of “gene theft” is not limited to big people, but ordinary people are the same.

Part of the reason is that large-scale genetic data has great commercial value.

Helix, a DTC company founded in 2015, has a “wine preference test” based on TAS2R38 genetic research. “The TAS2R38 gene is a kind of’bitter receptor’, and carriers are particularly sensitive to bitterness. After the gene is detected, the user’s taste characteristics can be inferred, and sweet wines matching its DNA can be recommended.” The company’s product announcement said.

Global advertising agency Havas (Havas) analyzed that the point of DTC’s delivery of goods to impress consumers is “completely personalized” and “simplified purchasing decision.” In 2019, the company was commissioned by the Australian government to conduct a survey and found that nearly 49% of the respondents were “interested” in accepting “marketing information” based on the results of DNA testing, believing that recommendations were more accurate. Among them, 19% of respondents want to receive health insurance products that best match their DNA.

“But if someone knows your genetic information, understands which drugs you are sensitive to and addictive, and recommends such products to you? Who should be responsible for the social problems caused by this?” “DNA Nation: Genetic Testing and Genetics” How the Internet Changed Your Life” wrote.

Chang Shan said, don’t expose your genetic weakness. “Because of the existence of special genes, we may be more susceptible to certain diseases. This is our innate weakness. If the genome is used by people, it may also affect our personal safety.”

Absent supervision

Every time a tour is held, the superstar Madonna will bring a large work team, including makeup artists, personal chefs, acupuncturists, and a DNA cleanup team.

“They disinfect the locker room every day. Anything carrying Madonna’s DNA such as hair, dander, nails, etc. will be removed.” During the “MDNA Global Tour” in 2011, Madonna’s publicity manager Alvaro Ramos (Alvaro Ramos) told the media.

Madonna’s strict defenses failed to prevent DNA leakage. In 2019, her former friend and art consultant put more than 20 personal items of her for online auction, including a used comb and a worn underwear. Madonna petitioned the court and said: “From my hair, my DNA can be extracted. It is very cruel to sell it to the public. I feel offended.”

In addition to Madonna, there are a large number of “auctions” carrying genetic information of celebrities on the Internet. Such as the teeth of John Lennon and Jack Nicholson, the chewing gum that Britney Spears ate, the Star Trek actor William Shett (William Shatner) kidney stones.

In 2020, an anonymous organization named “Earnest Project” stated that it had secretly collected items discarded by participants of the World Economic Forum in Davos, Switzerland in 2018, including used napkins, paper coffee cups, glass jars, and cigarette butts. , Which may contain participants’ DNA. Former US President Trump, French President Macron, German Chancellor Merkel and famous artist Elton John attended the meeting. The organization originally planned to hold an auction in New York, USA on February 20, but the auction was postponed due to “unresolved legal issues.”

Mason Marks, assistant professor of law at Gonzaga University in the United States and researcher of the Information Society Program at Yale University Law School, said that the United States only has laws in a few states such as Alaska, Florida, New Jersey, and New York, which expressly stipulate stealing others. DNA is a crime.
According to “Bloomberg News”, a tester once applied to a company such as 23andMe in the United States, asking the latter to follow the contract and delete all information about his genes and users. But it was replied that there were no tools needed to delete data and samples.

“Deletion of data violates the company’s profit model.” An insider told the “medical community” that genetic testing companies’ profit models are roughly divided into two types: First, consumers pay. Due to the fact that the growth of the user base is difficult to meet the rapid development needs of enterprises, most enterprises mainly rely on the second way to make profits, that is, after obtaining a large amount of data, selling to third parties, including relevant government departments, pharmaceutical companies, insurance companies, etc. After the US company 23andMe reached 1 million users, it began to sell data to laboratories and pharmaceutical companies to analyze the relationship between specific genes and diseases. The company also cooperates with many pharmaceutical companies to develop diseases or new drugs based on massive amounts of data.

Genebao CEO Li Zhizeng replied to a netizen regarding the supervision of DTC products on his certified Zhihu account in December 2018, saying: “Mainly because the market size is not large enough, it has not attracted the attention of the supervision (level) at all. Supervisory level There are many social issues to be dealt with. The logic must be to let the market develop first, and then manage it when the scale reaches a certain level.”

“Bloomberg” Senior Correspondent K·Oanh Ha investigation found that many US companies, including 23andMe, stated in their privacy policies that they would never disseminate consumer personal genetic information without obtaining explicit written consent. However, “Fortune” took the ancestral analysis as an example and found that the privacy policies of some companies “hidden” a piece of content, that is, consumers “agree to share genetic information after removing identity features with ‘third parties’ who have not mentioned names.” “Although this shared information excludes personal identification such as name and address, it may leave your age, height, weight, and perhaps your place of birth and possible diseases. You may be able to find out through this information .”

“In this era of privacy degradation, human DNA may be the last frontier.” “Fortune” said.