The rise of genome projects in both the public and private sphere raises issues surrounding who has access to these ever-growing data sets. In recent years, genetic data from the public has been collected in both commercial and private settings. National genome projects for medical research are taking place in various countries. Commercial companies such as those selling direct-to-consumer genetic tests are also amassing millions of people’s data, which is sometimes accessible to police and immigration services, even without explicit permission from those who have donated their data. A recent New York Times article, summarised here, shows how such databases are becoming increasingly useful to law enforcement, who are able to access the information for criminal investigations or immigrant deportation efforts.
National genomics projects are also now commonplace, with some conducted in partnership with industry actors, such as pharmaceutical companies. Large-scale projects are often reported as focusing on translating genetic information into improved clinical outcomes. However, these projects are also in large part, research based, with uncertainty around how they will lead to clinical improvement for the vast majority of common diseases afflicting populations. This raises questions about how genetic data may be monetised by the private sector, who may profit from new tests, drugs or medical products.
Sometimes it is difficult to find out from companies and projects how data is stored, shared and protected. Terms and conditions for commercial companies can be complicated and convoluted, making it difficult to know what rights people have signed away when donating their DNA.
In order to find out if data from both national genomics projects and commercial companies is protected from state authorities such as police and immigration services, and third party actors such as insurance or pharmaceutical companies, inquiries were sent to both commercial and research entities. Below is a list of projects and companies that were written to, including the letter that was sent. Also listed are all the limited number of replies received. The process of attempting to obtain such information highlights the lack of clarity of data privacy with the rise of genomics projects. It also warrants highlighting that if anyone wants their information removed, that it may be worth considering writing to the company or project in question to request the deletion of personal genetic data.
Commercial
Unless a reply is linked below, no replies were received for the following companies:
uncontactable by email
Additional companies that did not have email contacts on their website, or appropriate email contacts for the inquiry, were contacted via their messaging service or press contact emails, to request email contacts. These companies include 23andMe, DNAlysis, 54 Gene, Holistic Health, and DeCODEme.
National
Replied with link to website
Delivery failed
no reply
no reply
no reply
no reply
no reply
no reply
no reply
no reply
no reply
no reply
Replied with unusable zip file, but did not reply to second request for further clarification
Read reply here and here (two parts)
no reply
uncontactable by email
no reply
no reply
uncontactable by email
no reply
Personal Genome Project Canada, and Ireland’s Genuity program were messaged on the website to request email contacts but no contacts were given to send request for information.