A View from Nidhi Subbaraman
DNA Data, Security, and You
One day you’ll be handed an electronic copy of your sequenced genome on a flash drive, maybe a phone app. You’ll need to know how to keep it safe.
We’re hurtling towards a future in which our DNA data will be cheaply generated and routinely summoned. Preparing for that, a UC Irvine team has created an app that can store a digital copy of a fully sequenced genome on a smartphone.
This Android app, GeneDroid, can spit out the results of a paternity test in under a second, Fierce Mobile Health Care reported recently. (You can download a version of that app, called Father Finder, from the Google Play store.) Say you were on a first date, Gene Tsudik, one of the app’s architects has explained, “You and the other person could hold up your phones, exchange tiny amounts of encrypted information and be able to determine how much common ancestry you have.”
GeneDroid could also be used in regular clinical settings: to develop a genetically targeted treatment routine, or screen for how likely you are to develop a disease. But GeneDroid’s creators have found a way to encrypt the sensitive data so genomic factoids can be securely accessed on-the-fly. When it’s used for a certain kind of test, only a small amount of relevant data is pulled up, decrypted and used for comparison, New Scientist explains. The app itself doesn’t reveal any information—only the results of the test.
In this version of the future where we’re swapping genome histories over coffee, it’s likely that questions about privacy and security as applied to genetic data will leak into the discussion. People who aren’t experts in genetics or security will be curious about how their personal data stored and kept secure: Who has access to their personal genome? What can they do to keep it safe? Could you choose to share personal genetic data with just your doctor but not others? (Of course, researchers have been tackling the subject for years.)
Many of us continue to ask similar questions of services like Facebook, which also deals in a kind of personal data. Though Facebook is easy to use, wading through its privacy and security policies is harder. (Though, Facebook is trying to make such information more accessible, through a redesign of its Help Center, by designating a page for policy updates, and rolling out a new feature called “Ask Our CPO.”)
When we get to the point where we can store and swap genetic data in as much time as it takes to snap and share a photo on Instagram, we’ll need security backup from tools like the GeneDroid. Alongside that, we’ll also need clear explanations of how those safety measures operate and the limits to which they’ll protect our data. We carry around credit cards and use them everywhere, even though they’re physical links to sensitive and private financial information—but most of us know not to share our security code.
Become an MIT Technology Review Insider for in-depth analysis and unparalleled perspective.Subscribe today