Two years ago, I moderated a panel at SXSW called “Is Your Biological Data Safe?” Looking at the panelists—a woman who runs a DIY bio lab, 23andMe’s privacy officer, and an FBI agent—it was not hard to determine at the time that the answer was, and is, “no.”
DNA sequencing is cheap and accessible; companies with large databases of genetic material have to think about how (and if) they’ll protect it; and yes, the FBI is interested. Much of the panel focused on two news items:
- Artist Heather Dewey-Hagborg used DNA “found” on wads of gum, cigarette butts, or a strand of hair, sequenced it, and created masks intended to look like the person who left the DNA behind.
- A company called “PooPrints” had begun offering a service in which it sequenced the DNA from dog shit that had been left in the common areas at condos in order to identify the dog (and the owner) who left it there.
These were relatively harmless but dystopian examples of possible DNA use (this was the point of Dewey-Hagborg’s art project), but it wasn’t hard to imagine something potentially more insidious.
Now, we have that example. Alleged serial killer Joseph James DeAngelo was caught because one of his relatives submitted their DNA to an open-source genetic database for researchers called GEDMatch, which law enforcement used to match to DNA left at one of the crime scenes.
I would start by suggesting that you notsubmit your DNA to centralized genetic databases
It is, of course, a good thing that DeAngelo, the alleged “Golden State Killer,” was caught. But it should frighten you that police used an open-source genetic database to do it. As we’ve seen with so many other privacy overreaches, law enforcement uses questionable tactics on serial killers, child pornographers, and terrorists and later uses them on petty criminals.
The general consensus at our panel was that we are leaving our DNA everywhere, all the time, and so it’s difficult to keep your DNA “private” (this was a year-and-a-half before Black Mirror’s “USS Callister” told a story about a creepy man harvesting DNA from his coworkers’ coffee cups, napkins, and lollipops.) You can’t change your DNA like you can change a password and we’re inherently broadcasting it all the time, so what, exactly, can we do?
I would start by suggesting that you not submit your DNA to centralized genetic databases. Open-source databases are accessible by anyone, and private ones are subject to subpoena or, possibly, hacking.