By submitting your genetic material to a company, you're tacitly agreeing to share your identity and rights to your most private information.
From "fear of missing out" on social media to belligerent political differences, modern existence is increasingly alienating. As a result, more people are interested in "finding their tribe" by digging up their family origins. But genetics-testing companies like Ancestry and 23andMe take more than your DNA, they take your privacy to that information, as well. With the Golden State Killer finally arrested thanks to data mined from those genetic databases, law enforcement has proven their ability to access the company's records.
In the same vein, the government can gain access to personal information given to these sites for purposes they deem justified. For example, in 2019, Canadian immigration officials obtained DNA results from sites like Familytreedna.com and Ancestry.com in order to identify immigrants' nationality and trace their relatives. Subodh Bharati, a lawyer representing one targeted individual, told Vice, "I think it is a matter of public interest that border service agencies like the CBSA are able to obtain access to DNA results...There are clear privacy concerns. How is the CBSA able to access this information and what measures are being put in place to ensure this information remains confidential?"
While each site in question denies working with government agencies, if authorities argue that national security is at risk, then the websites "can't really say no," as immigration lawyer Jared Will explains. He condemns the exchange as "extorted consent." Bharati warns potential customers, "Individuals using these sites to look at their family tree should be aware that their confidential information is being made available to the government and that border agents may contact them to help facilitate the deportation of migrants."
Furthermore, accessing your data doesn't always take government measures. For instance, according to 23andMe's policy, "We do not share customer data with any public databases. We will not provide any person's data (genetic or non-genetic) to an insurance company or employer. We will not provide information to law enforcement or regulatory authorities unless required by law to comply with a valid court order, subpoena, or search warrant for genetic or Personal Information." Yet, there's an additional permission users are asked to agree to, reading, "By agreeing to the Research Consent Document, Individual Data Sharing Consent Document, or participating in a 23andMe Research Community, you can give consent for the use of your data for scientific research purposes."
In July 2018, 23andMe announced it was partnering with the world's ninth-largest pharmaceutical company, GlaxoSmithKline (GSK). The agreement grants GSK exclusive access to the genetic information of over 5 million users, and 23andMe received $300 million. GSK released a statement explaining their interest in genetic databases, saying, "The goal of the collaboration is to gather insights and discover novel drug targets driving disease progression and develop therapies."
While it's a universal good to create more effective and closely targeted medicine, the transactional exchange of people's most private information, their DNA, unsettles many. Peter Pitts, president of the Center of Medicine in the Public Interest, told NBC, "Are they going to offer rebates to people who opt in, so their customers aren't paying for the privilege of 23andMe working with a for-profit company in a for-profit research project?" In essence, people are paying the site to make money off their information, with no recompense.
Additionally, despite what's written in the company's policy, "the problem with a lot of these privacy policies and Terms of Service is that no one really reads them," says Tiffany C. Li, a privacy expert and resident fellow at Yale Law School's Information Society Project. While users can opt to close their 23andMe accounts or retract their permission once it's given, the company emphasizes, "Any research involving your data that has already been performed or published prior to our receipt of your request will not be reversed, undone, or withdrawn."
Lastly, there's the possibility of information leaks. In June 2016, the DNA testing service MyHeritage announced that its database of 92 million accounts had been hacked. The depth of the breach only revealed encrypted emails and passwords, but the company was targeted because the premium on genetic data is far more valuable than credit card or bank information. Hackers could hold DNA data for ransom, according to Giovanni Vigna, co-founder of the cybersecurity company Lastline. He says, "This data could be sold on the down-low or monetized to insurance companies. You can imagine the consequences: One day, I might apply for a long-term loan and get rejected because deep in the corporate system, there is data that I am very likely to get Alzheimer's and die before I would repay the loan."
Ultimately, by submitting your genetic material to a company, you tacitly agree to share your identity and rights to your most private information. As Natalie Ram, a law professor in bioethics, says, "If there is data that exists, there is a way for it to be exploited.
Is biohacking as scary as it's been made out to be?
Keoni Gandall, an 18-year-old research fellow at Stanford, has eschewed video games and team sports in favor of using advanced lab equipment to perform DIY gene editing. Using the widely available CRISPR/Cas9, Gandall wants to clone DNA and eventually make full genomes at home. The availability of this technology represents a new democratization of science, a science that can be performed anywhere by anyone relatively cheaply. That said, there's always a price associated with this type of freedom.
As barriers to entry to the scientific community are torn down, the world is exposed to the ideas and experiments of people outside of genetic science's traditional university setting. That said, more ideas don't necessarily mean better ideas. Biotech firm Ascendance Biomedical seemed committed to proving this point when their CEO Aaron Traywick injected himself with a DIY herpes medication in front of a crowd in Austin this February. This is the same company that urged Tristan Roberts to inject himself with an untested gene therapy to treat his HIV. Neither of these experiments worked, but they do paint an interesting picture of what we can expect in the future. Ease of access combined with relatively lax FDA standards about testing experimental medicines on oneself will eventually give rise to more companies like Ascendance Biomedical. Sure, this may present a sort of minor competition with Big Pharma with regard to curing certain diseases, but the danger of injecting oneself with a mystery cocktail created by someone with a few thousand dollars worth of gene-editing technology cannot be overstated.
Traywick injecting himself with his DIY herpes medication.
Still, incompetent gene editors like Traywick are a bigger danger to themselves than others. The real concern with the dissemination of this technology is the potential for it to be used in the manufacturing of homemade biochemical weapons. Recently, researchers at the University of Alberta were able to recreate Horsepox, an extinct relative of the smallpox virus. It only cost them $100,000, and it took about six months. While this price point will keep hobbyists like Gandall from reproducing extinct diseases, the lack of government oversight regarding the University's experiment is frightening. Genetic science is improving at a rate faster than legislation regulating DNA experimentation can be churned out. In the wrong hands, the dangers associated with viral editing are incalculable.
Back in 2016, researchers at MIT invented a programming language that allows them to design and edit DNA. Supposedly, anyone fluent in this language is able to generate and edit a DNA sequence from their computer. Before this language was invented, advanced gene editing required years of experience. According to scientists at MIT, now anyone with some programming skills can create, edit, and model DNA. According to MIT professor Christopher Voigt, "it is literally a programming language for bacteria." The medical applications are seemingly endless, but there are concerns regarding accessibility. If every person with a computer has the ability to design new genetic material, biological attacks won't just increase in number, their origins will also become more and more difficult to trace.
Analysis of DNA's nucleotides
While the growing anxiety surrounding biohacking is certainly warranted, there are plenty of professional geneticists out there who don't seem to be worried, and most of them don't believe that DNA sequencing is anything like a computer language. Synthetic biologist Sarah Richardson believes that this line of thinking has given bioengineers unrealistic expectations saying, "any analogy that ignores or downplays the fundamental rule of biology — that a cell makes imperfect copies of itself — is going to lead down a frustrating and unproductive path." According to her, we haven't even learned what some of our genes actually do, and that those worrying about the rise of biohacking are being tricked into fear. Scientists are quick to admonish the risky and often outright stupid Garageband biohackers out there, because as of right now, there's still a ton that our top geneticists don't know. We only finished mapping the human genome 15 years ago. Hell, it's only been 65 years since we discovered DNA. We're just not at the point where people with little-to-no real lab experience can accurately sequence and edit DNA from their basement. Still, the time is coming when this type of DIY genetic editing will be possible and accessible, which is why many in the bioethics community are arguing that t we need to start having the conversation now–while biohacking is in its infancy–so we can draw up preemptive legislation. One can only imagine the damage Aaron Traywick's could do if this technology were more advanced.