Mining Your Genetic Data for Profit: The Dark Side of Biobanking

One woman’s personal story raises deep questions about the stark limits of current controls in a nascent industry at the very edge of the frontier of humans and technology.

Most people are now familiar with big data and how it’s used to target advertising or suggest love matches based on the data we drop as we move through life in the digital age. In exchange for tech freebies, data space in the cloud, or that new dating app, we do a quick cost-benefit analysis, we click “agree” on user licenses, and dive in. We share our preferences, our locations, our wish lists, tastes, and moods.

But would you do the same with your blood?

In a recent Investigative Fund story for Pacific Standard, I shared the story of a town where more than 10,000 people have contributed their blood, urine, and medical records in exchange for $10 gift cards to Walmart. Their hope is to help their town’s economy and the health of future generations.

The words of one participant haunted me: she said she would never want her samples used to make a profit by a private company in a way that could possibly create pricey drugs or unaffordable treatments. And it turns out that’s exactly what could happen: a portion of every contribution is marked for a commercial enterprise to create genetic tests for the market.

“The whole history of research ethics is something horrible happens and everyone scurries around to stop it from happening again, and some of these things could have been anticipated and prevented.”

In fact, I traced the line of that woman’s blood, given in a small church in the South and entrusted to university researchers, to a warehouse on the edge of town where her vials are deep-frozen in perpetuity alongside thousands of others, a portion of them flagged for a company to make for-profit products. If her samples are stripped of a limited set of information and transferred no law acknowledges the identifying link between her and her body’s most personal code—the DNA contained in her samples—and no national legal or regulatory framework is set up to protect the anonymity she is promised, much less the spirit of altruism she has vested in her gift.

Her blood, like that of hundreds of thousands of others who consent to biobanks on open-ended terms, could enter the world of de-identified samples—genetic materials not subject to any consent or health information privacy laws—but that might not be so de-identifiable after all.

Her story raises deep questions about the stark limits of current controls in a nascent industry at the very edge of the frontier of humans and technology: biobanking. Drawing on contributions from tens to hundreds of thousands of people, biobanks aggregate raw biological materials—blood, urine, and tissue, often alongside other medical, environmental, and health data about the donors. These banks are powering a quest to mine genetic and medical data for links between genes and disease.

One key U.S. law that should guide this research and protect participants, the Common Rule, was modeled on tenets developed after World War II. It requires participants to give “informed consent,” and to agree with full knowledge of the exact nature, duration, and purpose of research. It applies to all federally funded research involving humans, and to a much larger swath of activities that span everything from drug testing to behavioral research, as well as to biobanking.

How it all plays out in practice is a different matter.

To start with, laws designed to protect participants and genetic data privacy don’t apply to blood and other biological samples that have been de-linked from 18 pieces of personal health information deemed “protected” under federal law, including names, race, zip codes, addresses, facial images, phone numbers, or fingerprints. This is called “de-identification.” Once this process is complete, there are no laws to monitor or regulate these samples. They can be transferred outside of the research body to which they were donated; in the worst-case scenarios, those samples and data could be used for research purposes that might offend participants or, in the wrong hands, be used to discriminate against them or their families.

The biobanking industry shares its samples widely, and operates on the premise that de-identified samples don’t represent a risk to participants. They also say it is not feasible to contact donors each time samples are researched or shared. Having unlimited access to use and trade samples is key to how the business works, in part because samples grow more and more valuable to researchers over time. As new people join the biobank and the amount of data on each individual contributor grows, the information in biobank gains computational power.

But this highly dynamic situation is also what makes biobanking so fraught with questions. One of the biggest asks whether it is possible to give truly “informed” consent to a future with a lot of unknowns.

There is also evidence that even officially “de-identified” biological samples and data, using other publicly available information diffused across the electronic sphere, can be used to identify individuals—their names, their families, and addresses. Last year, for example, the New York Times featured a story on researchers who were able to zero in on specific people using DNA and one or two other pieces of information, or DNA alone, drawn at random from databases.

“Nowadays with DNA and the technology we have to analyze DNA and the databases out there with DNA that is connected to people’s names, the idea that something can be completely de-identified or not re-identified is very dubious,” says Dr. Stephanie Solomon, assistant professor of Health Care Ethics at the Albert Gnaegi Center for Health Care Ethics of Saint Louis University. “It is like once people say the magic word ‘de-identified,’ everything can relax—the donors can relax, the researchers can relax, the regulations can relax, and that scares me.”

Federal rule-makers are acutely aware of the problems in the biobanking model. A 2011 document from the Department of Health and Human Services (HHS) emphasizes that no current laws for protecting participants or their information were “written with an eye toward the advances that have come in genetic and information technologies that make complete de-identification of biospecimens impossible and re-identification of sensitive health data easier.” And a group of prominent computer scientists and data scholars sent a letter to HHS calling current privacy protections for human biological data “outdated” and “too narrow to address even today’s range of data privacy problems.”

But the process of updating those protections is at a standstill. A spokesperson for HHS said that although “relevant agencies within HHS are currently very much engaged in working out the details of moving forward with that proposal,” there is no timeline.

In the meantime, participants in biobanks must weigh the risks and benefits of an unknown future, not only for themselves but for anyone who shares their genes.

Meanwhile, the technology to use samples in myriad unforeseen ways is developing rapidly. “The whole history of research ethics is something horrible happens and everyone scurries around to stop it from happening again, and some of these things could have been anticipated and prevented,” Solomon says. She says she believes in the advances that can come out of biobanking are important, but false promises to participants could hinder biobanking. “If we say that the future is that all of this stuff is going to be identifiable, how do we best respect and protect people and also do the research we want to do? That is a much more appropriate way to go into the future.”

RELATED STORY

Sequenced in the U.S.A.: A Desperate Town Hands Over Its DNA

This post originally appeared on The Investigative Fund, a project of The Nation Institute, as “Mining Genetic Data for Profit” and is republished here with permission.

Related Posts