As the Presidential Commission for the Study of Bioethical Issues continued its review of genomics and privacy, the group heard from experts on genomic database security, one from the private sector and one from the federal government.
Ken Chahine, Ph.D., is the Senior Vice President of Ancestry.com and General Manager of AncestryDNA, two related companies that take great pains to maintain data confidentiality and security. The data collection processes of the two companies are designed with privacy first in mind, even down to the collection kit that strives to preserve the anonymity of their customers.
Laura Lyman Rodriguez, Ph.D., is the director of Policy, Communication and Education at the National Human Genome Research Institute at the National Institutes of Health (NIH). She oversees how the NIH collects study participant data, implements privacy safeguards and data security measures, and then transparently shares this data with researchers—in that the inquiries themselves are not hidden from the public—while protecting data and privacy.
But Chahine pointed out that DNA is anything but secure. “Why would someone hack our servers to access my data when you could follow me to a coffee shop and grab a sample from my used coffee cup?”
Chair Dr. Gutman immediately zeroed in on the coffee cup. “Here’s the important point that it makes,” she responded. “The questions of personal privacy and genome sequencing do not boil down to ownership. I cannot own what I leave behind.”
Vice Chair James Wagner, Ph.D., inquired about the degree that data use and data access can be separated.
“In my world,” responded Rodriguez, “They are very much tied together. If the access is not provided in appropriate ways, it constrains the kinds of questions that can be asked.”
Access is important, Chahine stated. “There’s research that’s important that researchers are not tackling. The more access that we can give, the more we would be moving forward.”
A critical point on privacy would appear to be the limits on removing identifying characteristics from genomic data so that researchers could use the data without touching on privacy concerns. When asked by an audience member on the permanency of making personal data anonymous, Rodriguez did not consider ‘de-identification’ as absolute.
“We should operate under the assumption,” Chahine added, “that if ‘re-identification’ is not possible now it will be in the future.”