Anonymous DNA? No, It's Not

Posted by Pete Shanks on April 19th, 2012

man removing mask

A recently published article in Nature Genetics essentially says that keeping aggregated DNA data anonymous is impossible. The full article is subscription-only, but Science Insider has an accessible report:

Eric Schadt and colleagues ... have developed a technique for generating a personal SNP profile, or a DNA "bar code," for an individual based on their gene expression results. This means that, in principle, if someone had a DNA sample from a participant in a study stored in GEO [Gene Expression Omnibus database], they could devise a SNP barcode, match it to a GEO sample, and look at that participant's biological data.

This is not the first paper to raise questions about the anonymity of DNA data. In 2008, David Craig et al published one in PLoS Genetics that demonstrated "the ability to accurately and robustly determine whether individuals are in a complex genomic DNA mixture." As a result, the National Institutes of Health in the US and the Wellcome Trust in the UK limited public access to some genetic data.

Academic discussion has continued, for instance with papers in the International Journal of Epidemiology late last year [abstract] and, in February 2012, in the Journal of Medical Ethics [abstract]:

How anonymous is 'anonymous'? Some suggestions towards a coherent universal coding system for genetic samples

This issue is becoming critical, as "crowdsourcing" becomes a means of performing research, and particularly when this research is performed by private businesses. For instance, Genentech and 23andMe have formed a partnership to investigate breast-cancer patients who may have benefited from the use of Avastin, after the FDA withdrew its approval of using the drug for breast cancer last year because of concerns about safety and efficacy. The 23andMe/Genentech online study has been criticized by some, including Karuna Jaggar, the executive director of Breast Cancer Action in San Francisco, partly because of concerns that private companies will have the patients' DNA data. To which the response is:

Genentech officials said the samples are de-identified and protected under the same scientific guidelines and federal laws as other studies.

Meanwhile, there is a growing debate over privacy in the broader online world. In the UK, the government plans to increase monitoring of the Internet, in particular email and social media. Indeed, the inventor of the web spoke out strongly against this, on Tuesday:

Sir Tim Berners-Lee, who serves as an adviser to the government on how to make public data more accessible, says the extension of the state's surveillance powers would be a "destruction of human rights" and would make a huge amount of highly intimate information vulnerable to theft or release by corrupt officials. In an interview with the Guardian, Berners-Lee said: "The amount of control you have over somebody if you can monitor internet activity is amazing.

He was strongly supported by Sergey Brin, co-founder of Google, who sees the threat coming partly from "walled gardens" such as Facebook and Apple, and particularly from "governments increasingly trying to control access and communication by their citizens." In response to criticism, he reiterated that "government filtering of political dissent" is the biggest threat to Internet freedom.

Brin's wife runs 23andMe. He is concerned about the government and about competitors, but presumably thinks that companies in which he has a hand will, as Google famously claims, not be evil.

Meanwhile, researchers keep trying to mine DNA for personality traits, as well as identity. "Can You Predict a Monkey's Social Status by Looking at Its Genes?" asks an article in last week's Scientific American. We at Biopolitical Times (and many researchers, including some who frequently disagree with us) regularly disparage efforts to discover the "gene for" some obnoxious or desirable trait. But people keep looking, and they may yet find something or, worse, politicians may implement some kind of discrimination based on a false finding.

It's quite possible that the public really does not care about the privacy issues involved in DNA databases. Dan Vorhaus, an attorney who is expert in these matters, seems to have accepted that privacy is a relic of a bygone age, since "the idea that we can promise a complete separation from data and identity is now largely discredited." He concludes that people who take part in studies should be warned, and "free to assume that risk if they wish."

Vorhaus may know the risks; most people don't. And until very recently there was said to be no risk at all. This is a topic that demands debate, and strong regulations which should cover private as well as public institutions. Isn't it time to update the Genetic Information Nondiscrimination Act?

Previously on Biopolitical Times:

Posted in Biotech & Pharma, DNA Forensics, Personal genomics, Pete Shanks's Blog Posts, Sequencing & Genomics, The United Kingdom, US Federal


Comments are now closed for this item.



home | overview | blog | publications | about us | donate | newsletter | press room | privacy policy

CGS • 1120 University Ave, Suite 100, Berkeley, CA 94702 USA • • (p) 1.510.625.0819 • (F) 1.510.665.8760