Yeah, look- I got my tests back when $99 covered everything. I got my grandparents on each side to spit in tubes for me. I was able to fill in may missing gaps in my genealogy as well as use snp-pedia to look at my own "source code". Its fun.
Guess what, my maternal granddad had Parkinson's disease. I hope to god the do something with our data. I knew that $99 was not enough to pay for the processing, storage and hosting of my data. This is the long game for 23 and me. They are a genetic research company.
I knew this was something they were going to do and I am happy they are doing it. I hope we can come up with some profitable drugs that will cure some of these more complicated disorders. Just think of what we could do if we could easily treat Alzheimer's or other age related disorders. I am not even talking about cancer or diseases like pendred syndrome that could be possible result in couples hacking nature and removing genetic illness from their kids.
Sounds like you would give consent if asked, and I applaud you for that. Myself I gladly donate blood for free to help others. I don’t however feel that either of those willful good deeds should be viewed as arguments supporting that people should have their blood extracted or data sold without consent.
This is false. 23andMe shares data with invested parent organisations regardless of consent, and is not required to disclose the fact because they're legally not 3rd parties.
Is there something specifically missing from that? it seems like you're suggesting they are doing somethign which is not covered here, or they're trying to be "sneaky", but I don't think that's the case. They have always made it fairly clear what the long game is, and "collect genetic information and share it with legitimate researchers to enable drug discovery" was a major part of it.
I see a lot of folks suggesting 23&Me is being sneaky, or underhanded, or going out of its way to cloak these sorts of exchanges. I do not agree with those interpretations.
Note: I am generally sympathetic to the idea of widely sharing genomic information and believe that good consent forms are transparent. This form is closer to what I'd like to see from a wider range of less ethical organizations.
This looks pretty good to me. First, it appears to be opt-in:
> Giving consent by checking the appropriate box below means that you agree to let 23andMe researchers use your Genetic & Self-Reported Information for 23andMe Research, as described above.
And they have a reasonable policy if you decide you want to opt out:
> At any time, you may choose to change your consent status to either take part in 23andMe Research or to withdraw all or some of your Genetic & Self-Reported Information from 23andMe Research. Your consent status is located in the 23andMe "Settings" page. ...
Choosing not to give consent or withdrawing from 23andMe Research will not affect your access to your Genetic Information or to the Personal Genome Service.
There's a pretty significant difference between "when you use their service you can opt-in to have your data added to the dataset" and "buried in the EULA is a clause saying they own your genes."
It appears some people in this thread use a rather creative version of "opt in" [1]. There is nothing "opt" about what has been described here, nor about Microsoft telemetry (it was opt-out last time I checked).
6. Do I have any alternatives? Can I withdraw from this study?
Your alternative is not to participate in the 23andMe Research study. If you choose not to give consent for 23andMe Research, your Genetic & Self-Reported Information may still be used for other purposes, as described in our Privacy Statement. If you do give consent to participate in this study, you may choose not to take 23andMe Research surveys or use other 23andMe Research features.
At any time, you may choose to change your consent status to either take part in 23andMe Research or to withdraw all or some of your Genetic & Self-Reported Information from 23andMe Research. Your consent status is located in the 23andMe "Settings" page (if you experience problems changing your consent status, write to the Human Protections Administrator at [email protected]). If you withdraw all or some of your Genetic & Self-Reported Information, 23andMe will prevent that information from being used in new 23andMe Research initiated after 30 days from receipt of your request (it may take up to 30 days to withdraw your information after you withdraw your consent). Any research on your data that has been performed or published prior to this date will not be reversed, undone, or withdrawn.
Choosing not to give consent or withdrawing from 23andMe Research will not affect your access to your Genetic Information or to the Personal Genome Service.
You may also discontinue participation by closing your Personal Genome Service account, as described in the Terms of Service. Requests for account closure can be made directly within your Account Settings.
> Your alternative is not to participate in the 23andMe Research study. If you choose not to give consent for 23andMe Research, your Genetic & Self-Reported Information may still be used for other purposes, as described in our Privacy Statement
Seems to imply that if you do not give your consent for whatever "23andMe Research" is, then they will still use the data for other purposes. So in other words if you do not opt in they will still use they data. That's not a normal definition of "opt in".
However, I don't know what is in the privacy statement. What are they able to do with the data if you don't opt-in?
I don't use Windows 10, but I from what I understand Microsoft had to make it GDPR compliant. I'm not sure they succeeded entirely with that (last time I checked, the German government did not find it GDPR compliant. Regardless, at the very least it was an improvement [which isn't an excuse]).
Not really. It's more like they have an army of lawyers paid so they can claim GDPR compliance, and delay/suppress or negotiate deals for years (if not decades) anything that comes up to say their not.
That being said, apparently there are already ongoing legal cases around GDPR complaints for MS. No idea how those will end up.
I think a clearer phrasing of that is "Consent is not freely given unless it's explicit". I'm fine with giving consent as long as I'm clear on what that is. General consent for using a service, to me, doesn't include using my data and/or information outside of what's needed to provide that service.
In this case it totally is. Your free to not use 23andMe if you don't consent. I do think, however, it shouldn't be buried in the EULA but communicated clearly.
> Your free to not use 23andMe if you don't consent
That is not how consent works.
If I am selling you an apple, but thereby you give me consent to use its genetics for research, and without that we do not do business, then there is nothing optional about it; no opt-in, no opt-out.
Opt-in is when the flag is disabled by default, and you can enable it if you want to, and use the product regardless of your choice.
Opt-out is when the flag is enabled by default, and you can disable it if you want to, and use the product regardless of your choice.
You're not buying apples, though. You're buying "apples+X". That's a different from "apples". If your seller is upfront about that then I and people who want just an apple can go somewhere else for fruit. Most, though, aren't upfront about it.
That is up to our governments to decide if such is allowed or not. For example, it isn't allowed to sell a gun or drugs with an apple (at least not here in The Netherlands, YMMV).
That you can decide to not go for the entire package is not what we disagree on (apart from above, I suppose).
What we were discussing is that the consent is optional; it is not in any of these examples. It is part of the package deal; then you don't call it opt-in or opt-out, as that allows you to opt-in or opt-out of something which is otherwise not in your direct advantage, but is in the other party's advantage.
Let's say there are two people who are supposed to get a punishment. One is found guilty by a fair trial, the other one is not found guilty by a fair trial.
For some superficial rule, I may only punish the person who has been found guilty by also punishing the person who has not been found guilty.
Can you explain to me how this is fair?
Here is where you and I differ. You find it OK when a party (e.g. business) uses your private data to sell or otherwise use for their benefit. I believe such personal data is ultimately my say. And I believe only informed opt-in (optional, not part of a package deal ie. how GDPR works) is a fair way to deal with such situation.
> In the United Kingdom, it is generally held that an organisation holding a 'controlling stake' in a company (a holding of over 51% of the stock) is in effect the de facto parent company of the firm, having overriding material influence over the held company's operations, even if no formal full takeover has been enacted.
Who do you think does most of the pharmaceutical research? According to some quickly googleable info, private funding for pharmaceuticals is about 5 times that of public NIH research [0]. And before we assume that it all goes into the executive pay, turns out that private pharma in the US reinvests more of its revenues back into research and development than any other industry in the US (according to the same source).
As for who pays for research, you're right that pharma companies now pay for over half of US biomed research, something that's been true for about a decade. I don't know how that "5 times" figure was calculated, but my figures show the government currently finances about 1/3 of biomed research, including almost all basic research.
Of course, pharma benefits from that research, too, and looking only at spends understates the value of those contributions. One recent study found that
"NIH funding contributed to published research associated with every one of the 210 new drugs approved by the Food and Drug Administration from 2010–2016."
What does that have to do with obtaining HIPPA/DNA data the way they did?
What does big pharma reinvesting more of its revenue back into R&D have anything to do with obtaining peoples DNA through any means but directly from the owners of the DNA?
Big Pharma also spends more in lobbying efforts than any other industry...in fact double the next industry (tech)...in fact they spend in lobbying what the #2 and #3 industries (tech and insurance) spend together. Were you aware big pharma lobbying goes towards R&D tax credits for themselves?
>Is there not a difference between using your data for research...and selling it to a pharmaceutical company attempting to develop a commercial drug?
No...? Precluding companies from coming up with cures for diseases based on researching this data seems to defeat one of the major points of medical research.
>Precluding companies from coming up with cures for diseases based on researching this data seems to defeat one of the major points of medical research.
Since when is privacy violations a major point of medical research? Did these pharma companies get your DNA through a 3rd party without your knowledge?
This genetic data will be used by 3rd parties not (only?) altruistically but to maximize profits. Any products developed using this genetic data will likely have profit as their primary motive.
Wanting to accelerate the development of novel drugs and therapies to treat disease is great. But rather than giving a private company carte blanche to share data with third parties trusting (hoping?) that the outcome will benefit humanity, it would be better first to establish a sensible regulatory framework around genetic information and its uses by private companies and the governnment.
The drug companies have a solution to patent limits called "evergreening" where once a patent is about to expire they make a very slight modification to the formula, pump massive amounts of cash into marketing it as "new and better" even when there are little to no benefits over the old formula. Doctors are easily bribed or mislead into prescribing the expensive new formula over generics and drug companies can continue to make large profits on old drugs instead of innovating.
> it would be better first to establish a sensible regulatory framework
The new common rule provides for just such a thing called broad consent, which requires tracking patient consent in a fine-grained and revokable way. Interestingly, about the time it came into effect, I heard about a new start-up supported by George Church, called Nebula, which provides just such a consent service using a blockchain.
So, the regulatory framework exists, and a product to implement that is on the market. And this stuff was in discussion for better part of a decade, so it's not like this just snuck up on people.
Of course their motive is not altruistic, and what does it matter anyway? They won't make money if the outcome of the research isn't beneficial. What use would a bunch of government bureaucracy be?
Only someone who either doesn't have a treatable disease themself or doesn't have a family member who does could think this way.
I have a medical issue with no cure and so does my dad. My mother died from cancer a few years ago. I could care less if they make a profit or not so long as it improves my quality of life and that of my father.
For much of my mother's treatment, both the first time she got cancer (and beat it) and the second time (when she did not), she was getting treatment that only existed in the US. Why? Because it's profitable here.
I myself take an orphan drug only available in the US and only developed because of changes like the Orphan Drug Act of 1983.
Altruism is fine and good, but profit-seeking is more effective and expedient.
I could similarly say only a person with a treatable illness who can afford said for-profit drugs thinks this way. 'profit-seeking is more effective and expedient' for the people that can afford it...
> 'profit-seeking is more effective and expedient' for the people that can afford it
It doesn't matter if you can afford everything in the world if the thing you need is never developed in the first place.
Some of the treatments me and my family have had were not available in Europe, Canada and other universal healthcare countries at any price. I would have probably lost almost two decades of time that I got to spend with my mother because she got treatment in the US the first time she got cancer. She was British and at the time the NHS had the 2nd worst success rates for cancer of all OECD countries and the US had the highest success rates.
Only one secure and wealthy enough has the time and interest discussing matters like this. The poor and downtrodden don't even participate in these debates. Your privilege is getting ahead of you.
I'm really shocked at some of the responses you're getting. I'm in a similar situation, except for Alzheimer's. I signed up to 23andme (and several other genome companies) explicitly to give them more data for their research. The product was kind of cool (I connected my mom with a long-lost brother!) but the real product is research and what comes from that research.
There are dangers if it's misused, sure, but the benefits for literally everyone on the planet dwarfs even the worst, least-likely dangers, IMO.
Sorry, but this is the classic "I have nothing to hide" argument in regards to privacy.
If they want to market their services as "donate your DNA for research" and then, as a side-note, we'll send you back some fun details about you... Fine. But right now, they sell it as a way to know about yourself, your family, genes, etc. Then millions of people wake up to the news to find out that their DNA was handed over to a pharma company.
It shouldn't be controversial to say that I value everyone on the planet having a higher quality of life more than I value a small subset of people's worry over losing privacy to a company that they not only willingly gave their DNA to, but also opted in during the signup process to use that DNA for health research.
If they feel fooled for whatever reason (I assume because that research is being done by another company instead of 23andme directly) and are now claiming they've lost some semblance of privacy over deidentified data they already handed over, that pales in comparison to lifesaving cures that are enabled and made more likely by sharing such data.
Quality of life for everyone > pedantics of what exact things you're opting into when you give your DNA to a genetic research company that dedicates a whole page in the signup flow to using your DNA for lifesaving research and cures.
How kind of you to make this decision for all of your relatives. They now better take care to not leave any DNA traces when protesting against some upcoming authoritarian government. And no, those databases won't be deleted before a wannabe-king takes over.
Or when signing up for health insurance a policy chain down the road. At that point the new treatment better be cheap enough to pay out of pocket...
But seriously, how can you in good conscious claim this all being willingly when it's very nature shares info about other people as well. This feels like unaware people giving Facebook access to their phone book all over again, thus giving away all kinds of info about me. No, I don't want FB creating shadow profiles about me and certainly wasn't asked.
Can we please find a way to not create piles of data about third parties? Since, if history has shown one thing, them being used against me is just a matter of time. Or, at least have in place strong protections by e.g. regulations?
drusepth's relatives don't own drusepth's DNA. This would be similar to arguing that if I had an identical twin, I need my twin's consent to donate a photo of myself to a facial recognition library.
But more generally, the arguments being raised here regarding risk of abuse of the data are predicated on tyrannical or illegal activities occurring. Instead of denying ourselves the benefits of cures derived from data such as this, why can we not build a society where the data is not abused?
Human pro-social activity is a very powerful thing. If there are risks in unifying data, we should work to build a society that stewards those risks responsibly, we shouldn't try to cut ourselves off and hope the life of a data hermit serves us better.
I mean, what other technologies should we deny ourselves? A tyrant can use tanks and troop transports to wage war on their citizens. Should we tear up the roads lest they be abused by tyranny?
This doesn't preclude drusepth from using their property in an assholish way.
>This would be similar to arguing that if I had an identical twin, I need my twin's consent to donate a photo of myself to a facial recognition library.
No, it'd just mean that you're an asshole if you do.
>But more generally, the arguments being raised here regarding risk of abuse of the data are predicated on tyrannical or illegal activities occurring. Instead of denying ourselves the benefits of cures derived from data such as this, why can we not build a society where the data is not abused?
Time scale. Societies come and go. To the extent that we don't have tyrannical ones they're not exactly long lived. Once you've given the data and power to the non-tyrannical government, you're screwed if tyranny ever swings around again. That's a huge gamble to make off of nothing given the history of all world governments. Seems far more likely they'll all be tyrannical again at some point than never again ever.
>I mean, what other technologies should we deny ourselves?
All of them. Technology is a perversion of our innate condition. A result of mate signalling gone off the rails.
>A tyrant can use tanks and troop transports to wage war on their citizens. Should we tear up the roads lest they be abused by tyranny?
I agree, but it's hard to establish good regulation in a space where society hasn't yet come to some consensus on the underlying philosophy that would guide such regulation, is the problem.
>I mean, what other technologies should we deny ourselves? A tyrant can use tanks and troop transports to wage war on their citizens. Should we tear up the roads lest they be abused by tyranny?
As you have been overly fond of using tu quoque as a rhetorical device throughout this thread ─ in your earlier response, you trivialised the exercise of willingly handing-over the most precious of all and the pinnacle of personal data, whilst paying for the privilege, and compared it to just another transaction on Amazon: what about the fact, that almost all tyrants are enabled and empowered by somebody (usually the govt.); it would be conducive to conclude based upon your fervour, that you are equally complicit in creating yet another tyrannical corporation, which shares your disdain for privacy?
Your conclusion begs the question that the corporation in question is tyrannical or disdains privacy. Apart from that, I'll absolutely own that I want to see them succeed; I believe in the likelihood that big-data analysis is a valuable tool in conquering the diseases that have been resistant to past methods of devising cures. I volunteered my DNA for this purpose (and none of the DNA that 23andme holds wasn't volunteered for this purpose).
I don't seek an answer, because I believe the question is answered that 23andme is not tyrannical and doesn't disdain privacy. Neither does Google, for that matter, and I think many people agree with such an assessment (Gmail has nearly half a billion active users).
"Begs the question" means your argument presupposed the truth of this part of the statement instead of supporting it.
>but also opted in during the signup process to use that DNA for health research.
That is not the same thing as selling data to third-parties. Especially considering that 23andMe asks users questions and then shows results based on correlations, it's too easy for users to understand "opting in for health research" as research being done by 23andMe and not by a third-party.
I don't get it, are you being naive or ignorant? Are you not aware of how much genetic science and ML have already been abused in the past? Are you also not aware of how much the laws and public understanding of the techs and their implications is severely lacking? Cure parkinsons but hey systemic eugenics no big deal? I mean,come on...we live in quite the evil world with all sorts of people that will gladly misuse this data and the tech to make inference out of it.
I am all for finding cures but the unwitting public needs to be protected. Most people assume there is no way a legit company would do something terribly evil.
> Most people assume there is no way a legit company would do something terribly evil.
Are you kidding? Cynicism is endemic in the U.S. today; likewise for anti-corporatism. You can see it in the comments.
Personally, I'm in the same boat as the OP: I was a very early 23&Me customer and persuaded many family members to also participate, with the knowledge that 23&Me would monetize the data through research. They never claimed to be a non-profit. They were relatively transparent about their opt-in and opt-out policies, though after the FDA debacle their "simplified" website became significantly more complex and opaque. I also participated in a Kaiser Permanente whole genome sequencing research program, donated my blood samples, and then never heard anything ever again. I hope they're doing good science, especially because donating my whole genome is significantly more invasive from a privacy perspective than a few thousand SNPs.
If we sat around and waited for the perfect environment that addressed everybody's concerns, we'll be waiting forever. In the meantime, the less selfish among us are putting our own privacy at risk for the greater good. And the more of us that do that, the more political pressure there will be to sustain and expand existing legal protections prohibiting discrimination.
Not only am I glad 23&Me is selling the data (and this isn't the first time), I hope that overtime they'll have enough income that they can start sharing much of their data for free with schools and labs around the world. The latter may never come to pass, but I can't let perfection be the enemy of the good. And I won't let fear and uncertainty turn me into a perpetual privacy victim.
EDIT: I just received an e-mail from KP regarding their research project. It's the first I've noticed, but judging by my e-mail log they seem to have sent a handful over the past several years which I apparently deleted as spam. Here's the project website: https://researchbank.kaiserpermanente.org/
I am not kidding. Only a subset of college educated people have that cynicism
> If we sat around and waited for the perfect environment that addressed everybody's concerns, we'll be waiting forever.
Forever sounds better than the alternative. You seem so eager to sacrifice so much on the altar of hope based on wishful thinking that this data will not be abused. The #1 rule in technology should be "if it can be abused,it will be abused" there are no exceptions to this.
Like another commenter suggested,perhaps your current place in society has you free from such fears but rest assured that in times of war,turmoil or civil conflict or when spy agencies and the military want to gain an operational advantage using this tech/data It will be used against you. Your sick and disabled family members would have been subject to eugenics. It's not difficult to imagine any social group finding themselves in a position of weakness against a hostile power,group or individual. Look at all the horrible experiments the CIA performed, euegenics by usgov/army, the horrible things they did in Iraq and cia detention facilities,etc... the typical situation imho will be a cooperation between evil government and these companies where the companies abuse the data/tech with impunity in exchange for sharing access with their gov protectors.
Just take a peek at all the inhumanity and amorality of the pharmaceutical industry's greedy price hikes/rigging. Do you still think these are trustworthy people who won't take every opportunity to profit and say "sorry" when they get caught? (Or just bribe politicians and ignore the whole thing).
I mean how naive and deluded are you? I still don't get you and op's state of mind here. Horrible abuses will happen at large scales, guaranteed (not even speculating)!
How do you see the risk of the most greedy company bidding the most to get privileged access to the data, and coming up with a cure that out-prices you or your family if you ever end up hit by the disease ?
For me this is the simulation that gives me pause. I also guess that research might not just happen on itself, but can't help to wonder what better ways they could be to avoid getting cornered at the end.
>How do you see the risk of the most greedy company bidding the most to get privileged access to the data, and coming up with a cure that out-prices you or your family if you ever end up hit by the disease?
Is that preferable to an alternative where no company can bid on such data, and therefore a cure either never exists or is delayed N years (where N is probably significant)?
Consider also that all medicine often starts prohibitively expensive to offset R&D, and predictably lowers in cost over time.
>Guess what, my maternal granddad had Parkinson's disease. I hope to god the do something with our data. I knew that $99 was not enough to pay for the processing, storage and hosting of my data. This is the long game for 23 and me. They are a genetic research company.
Sadly because of the state of America, your insurance company once it gets your genetic data is going to make you sorely regret it.
it's illegal for health insurers to discriminate using genetic information: https://www.genome.gov/about-genomics/policy-issues/Genetic-... ("Specifically, health insurers may not use genetic information to make eligibility, coverage, underwriting or premium-setting decisions").
Sure, but it's a law, and any change like that would be major national news, debated extensively in Congress, and then, if turned into a new law, would roll out over years.
And it's unlikely it would be passed as a law, because (currently) most people favor privacy for their genomic information.
Personally, I can see the value in allowing health insurance to access genomic information. Assuming it truly correlates with health outcomes, the data would be valuable in accurately personalizing contracts. I believe other indicators are already used.
There can easily be a hole punched in the law with some weasel words in an omnibus bill that nobody pays attention to until 5 years later and we are hearing about the problems in a 60 minutes exclusive.
Here in Australia it's not illegal for life insurance, but they've just brought in a morutorium before deciding if they're going to keep allowing it to be legal, so that could change.
It's problematic for life insurance. You can socialize the costs of the self-selection problem in healthcare, but you can't do the same with life insurance. Maybe at the margins we can tweak things, provide publicly-funded alternatives (e.g. like Social Security survivorship benefits in the U.S.), etc but fundamentally if you prevent discrimination then private life insurance will simply disappear.
When I bought my term life insurance policy they took a blood sample, as they have for decades. I don't know if they did any genetic screening, but if they didn't I presume it's just because the cost+benefit wasn't there yet. Considering that I could do whole genome sequencing today for a couple thousand dollars and game the system, that bodes well for the future as it suggests the viability of tiered screening and risk management strategies that smooth out the costs for most people in the face of increasing self-selection behaviors as genome sequencing costs decline for insurer and insured.
BTW, regardless of whether a life insurer does genetic screening, if you procure a policy knowing of a substantial risk of genetic illness without disclosing it that would violate the terms of most policies and may even rise to the level of insurance fraud.[1] We may see laws limiting the types of affirmative screening that can be done by insurers, but I could never see a law limiting such contractual terms and general background rules as it would certainly destroy the market for life insurance.
[1] Thus, if you want both life or disability insurance and genetic tests, the legally and ethically correct thing to do is buy the policy first and then do the genetic tests afterwards. It makes sense to buy life and disability insurance at a relatively young age, anyhow, like in your late twenties or early thirties where your income has [hopefully] already risen to a level where you can buy a multi-million dollar policy without a penalty--from a risk management perspective insurers can only offer the best rates when there's a correspondence between the policy amount and existing, proven income. By contrast, it makes less sense to do genetic testing until you have reason to, like in middle age. That's fortuitous and one reason why we should be less concerned about the effect of voluntary genetic testing and disclosure rules regarding life insurance. (Obviously affirmative genetic screening is a different problem.)
Do you find it similarly interesting that a 5 year old account with 3 other posts and a few comments posted a 1.5 year old article and managed to get over 300 upvotes on it?
This is why when I sent in my sample I used a fake name and a disposable debit card for the purchase. I also got it back when it was $99 without a subscription and I hope those steps are enough for them to not be able to connect my DNA data back to me. Guess my tinfoil hat worked out in this case!
> Guess what, my maternal granddad had Parkinson's disease
> Just think of what we could do if we could easily treat Alzheimer's or other age related disorders
If only scientists focused their research on Medical Cannabis which is time and again showing positive results on plenty of patients afflicted with Alzheimer's and Parkinson's. My grandpa had Parkinson's too. I wish I or my family knew of Medical Cannabis and the positive effects of CBD back then. It makes me angry that this naturally occurring plant was banned by the CIA and India followed suit when Cannabis (called Vijaya in Sanskrit) was used in Ayurveda for thousands of years. We discarded a medicine that was working perfectly fine for chemicals made artificially by Big Pharma. Now people have no choice and have to resort to going for allopathy when an alternative natural medicine exists but would invite prison time if you use it. No one would dare to break the law. And when accompanied by social stigma in using it you have this fine concoction of guilt for breaking the law and anger, sadness at the sheer ignorance of society.
These are my sentiments as well. My wife and I did this before our first child. The data is kept in both a secure server and physical thumb drive with reserved domains, personal email adress with their legal names. I wish I had this type of data growing up, I’m sure I would have at least eaten better. All I got was, grandpa died of a heart attack and grandma died of cancer. Hopefully the kids find it useful.
We are on the verge of a future where automated systems trawl through exabytes of genetic data, lazily analyzing it and spitting out promising results for further, focused, research.
The first steps are being taken today with similar systems for automated drug discovery, and the same amount of effort should be thrown into genetic research.
Not only do I want my DNA in a database making up a genetic version of DigitalCorpora.org, freely available to researchers (commercial and non-profit alike), I also want it available to law enforcement so that when a familial match pops up for a sample in a rape kit or crime scene they can catch the person.
If a critical mass of genetic information could be gathered and sufficient computing power thrown at it, live-saving discoveries could become so routine they aren't even reported on anymore.
Know someone who's trying to do this for rape kits, and a couple overzealous state AGs are trying to shut them down (unsuccessfully mind you).
Funny we don't see any subpoenas here while a private company openly trumphs monetizing your DNA data, but threaten the govt 'process' and whamo! lawyers out the wazoo
"I knew that $99 was not enough to pay for the processing, storage and hosting of my data."
Sure it is. Definitely the 'hosting and storage' part, which they wouldn't need to do if you weren't the product.
Though there are issues with privacy, I think we should remember that there's a lot of good that can come with this if cures are made available.
It's a really weird route that capitalism has forged on this one. It'd be nice to see public agencies get their act together on these kinds of things. Imagine if a university were able to do this - and all the data were made public to any researcher, properly anonymised.
My grandfather had parkinson, I have wondered about all this genetic testing. I almost bought those kits when they were alive. I was worried about future negatives, never imagined the law enforcement 'find relatives' thing that happens now.
While 23andMe has technically adhered to the original terms of service, they've been sharing your data without your consent with their new parent firms like pharma giant GSK (the same one described in this article) which purchased partial ownership of the company and therefore ownership of the data. You see, giving data to your parent firm is not technically giving data to a third party. This was the business model all along. The 'customers' were the product, and the real customers were pharmaco.
Getting the products (you) to pay for the cost of their own sequencing so the data is effectively free was a stroke of genius. Not only are you giving away incredibly valuable data about yourself only a tiny fraction of which is returned back to you in the form of a report, you're paying for the cost to collect it. It's brilliant.
You've been duped by the dupe that everyone saw coming.
I don't see how that article supports the claim that you are making. From the article
> A 23andMe spokesperson told TIME that data privacy is a “top priority” for the company, emphasizing that customer data isn’t used in research without consent, and that GlaxoSmithKline will only receive “summary statistics from analyses 23andMe conducts so that no single individual can be identified.”
Also, if I buy some shares in Amazon I don't get have all their client data.
Shareholders are still shareholders even if the company is not publicly traded/listed. GSK is a shareholder of 23andMe - not it's parent company. 23andMe is not a subsidiary of GSK. GSK does not even own a majority share in 23andMe:
GSK invested $300 million into 23andMe and created an exclusive collaboration agreement [1]. To be clear, these things happened together, one doesn't exist without the other.
If a publicly traded-company has more than 5% of outstanding shares owned by a single entity, they have to file an SEC Form 13D. This is a typical cut-off to indicate an activist investor [2]. Far less than the 14.5% GSK owns. Without knowing who owns the other 85.5% of 23andMe (or visibility into their board and voting structure), we have no idea who controls the company.
You would need to spend about $44 billion to own 5%, or 24.8 million shares, of Amazon. I'm still not clear on how GSK's purchase of 14.5% of 23andMe along with the exclusive agreement that came with it is the same as buying a single share of Amazon stock.
> To be clear, these things happened together, one doesn't exist without the other.
Buying 14.5% of a company does not come with an automatic collaboration agreement nor would a collaboration agreement come with 14.5% of a company's stock unless there is specific terms for that in some contract which establishes both. And there very well may have been - but both a collaboration agreement and 14.5% ownership can exists without such a contract.
> I'm still not clear on how GSK's purchase of 14.5% of 23andMe along with the exclusive agreement that came with it is the same as buying a single share of Amazon stock.
The argument that was made and that I was responding to was that GSK is 23andMe's parent firm and therefore not legally a 3rd party ... and I'm not sure how I much clearer I can say a shareholder is a shareholder.
If you want to argue that the exclusive collaboration agreement (which is not the same thing as 14.5% ownership) somehow defeats 23andMe's privacy policy then please, argue for it. Maybe it does - but you have not done anything more than allude to it doing so.
> You would need to spend about $44 billion to own 5%, or 24.8 million shares, of Amazon.
And spending that much will not entitle me to an exclusive collaboration agreement with Amazon nor will it make me somehow not a 3rd party of Amazon and therefore allow Amazon to give me all their client data without violating any privacy policies as the person I was responding to claimed.
> Without knowing who owns the other 85.5% of 23andMe (or visibility into their board and voting structure), we have no idea who controls the company.
We don't - but board members and owners are not the same as parent companies and I don't see how that somehow defeats their privacy policy either but if you think it can please clarify.
And I was responding to this comment: "if I buy some shares in Amazon I don't get have all their client data."
The point is that GSK wouldn't have invested $300 million without the exclusive collaboration agreement. That is why it's different than buying a publicly traded stock. GSK is not just a random shareholder, they are a significant owner (may even have board seats) with an exclusive collaboration agreement. You are splitting those things up to make your argument, but they are linked together.
> You've been duped by the dupe that everyone saw coming.
Not only that, this is one of the benevolent aspects of 23&Me that people saw coming. It's only a matter of time before this information trickles to insurance companies.
But wait, it gets better. The data is now permanently out there which means it's only a question of time until it leaks to insurance companies and bad actors, but the data is not only about the individual who submitted their DNA but everyone related to them.
I'm sure GP's children will love them for selling out their data to future employers and insurers.
This would be a concern if DNA was something secret like a password, but it isn't, it falls off you all the time in the form of hair and skin cells, so if there was something valuable in your DNA, your employers could get it easily anyway. And if your DNA was useful to insurers you would pay yourself for them to get it, because knowing that your risk of dying from certain disease is higher is also required for preventing that.
In general trying to keep DNA secret to prevent discrimination is a losing game, a better strategy is preventing discrimination itself, which we already have to do for DNA variations that have visible manifestation. Moreover if the number of people who need protection from discrimination increases, we'll get better at preventing it, which would be useful for the people who are being discriminated now.
I really hope that would be illegal here in the EU. It being physically possible (or even easy) doesn't make it okay. Not having the dataset easily available is one safety layer to prevent discrimination. No, it sadly doesn't help in all cases. Its unlikely there will ever be something that can, unless maybe you believe in perfectly implemented government policy reeducating us or controlling our behavior.
I'm curious what "bad actors" you imagine with a DNA dataset. Targeted viral agents to hunt and kill only shadowgovt's? If someone wanted to do that, raiding my trash for a half-eaten sandwich is a lot easier way to get the data they want then hoping I upload it to 23andme.
I think they were probably referring to the more mundane use of insurance companies buying the data and raising premiums for people with genetic risk factors. Which IMO seems very plausible.
Absolutism doesn't really help in crafting good policy. The threat that bad things could possibly, maybe happen isn't a good reason to stop chasing disease cures.
If we knew the ways vaccination programs would be abused, should we have refrained from inoculating so much of the world against polio?
It absolutely is and it's also the reason the FDA has a process you have to follow before doing human testing before potentially killing people with a new treatment you're trying to develop.
Correct, because we thought about the cost and risk of early human trials.
Which isn't the case here.
You're happy to forego any protection of the people involved.
I think the case is that people have put quite a bit of thought into costs and risks of big-data aggregation of DNA and come to different conclusions on what risks are realistic and what the consequences of those risks are.
"Which of my personal information is used for research?"
"Your genetic data and any other personal information you enter into the website, except for your Registration Information (name, contact information, and credit card information), may be analyzed in the research."
It really seems people are complaining because 23andme didn't demand they sign a consent for something they had already explicitly signed a consent to. I, for one, assumed large third-party pharmaceutical companies would have access to the data when I volunteered it. Is there significant risk people misunderstood that? How?
You have no idea how many ways there are to adhere to the letter of that law while ignoring the intent. There are entire multinational businesses built specifically to facilitate these kinds of data exchanges while keeping it technically legal.
The health insurer doesn't need the genome. It just needs a number from 1 to 10 from a 'de-identified' source to multiply their scores by.
Sure, for now. We would all be naiive to believe that insurance companies wouldn't lobby to be able to use other such information continually if they had it until they can use it to charge you more.
The state of health insurance in the US would be better described as a "private social health benefit program".
Insurance is effective at protecting people from uncertain financial risks, but the demands of the public have gradually changed the function of health insurance to include many things outside of that.
The question was never "what functions do insurance companies do efficiently?", the question has always been "what health benefits do people deserve?". Unfortunately, these questions have different answers.
Yes, there are saying information want to be free. These data should eventually be public anyway, yes including to insurance company. The solution should be even more transparency, rather than privacy. The sooner we embrace and adapt, the better.
Where to start. I could write an entire paper about this.
It's incredibly difficult to truly de-identify data and it's incredibly easy to re-identify it. Making data truly anonymous usually also neuters the data for any kind of predictive models.
23andMe is selling either straight up raw data (which is totally allowed under the investment terms) or tightly grouped 'summary' data which can be trivially re-identified. If they were selling actually anonymous data it would be worth nothing because it would yield no predictions.
Disclaimer: I work in ML/predictive analytics. 'anonymous data' is a marketing term for trivially reidentifiable data. If the data is truly anonymous then its predictive power tends towards 0 as does its market price. You don't think GSK dropped 300 mil on mostly useless data do you?
Trying to keep genetic identity anonymous is security through obscurity. You have shed thousands of skin cells in the time it took for you to read this. If people want your DNA it's trivial to collect -- and will only get easier and more common.
A better use of our time is to address the ramifications of public DNA and prevent it from being misused.
I can send someone to follow you around to see where you go. Therefore, you do not mind if your GPS data is public?
Now compare the cost of hacking into a database to the cost of obtaining millions of genomes by physically taking genetic material and then sequencing it. Then consider that your DNA is yours for the rest of your life.
Simply because data can be obtained by some means does not make protecting that data useless.
No, that's a bad analogy. Following someone is manpower intensive. A better analogy would be sending someone to observe your hair color -- do you mind if that's public?
As the value of DNA increases, people will collect it. Restaurants, washrooms, your employer, airlines, Uber etc. all could have trivially easy access to your DNA if they choose to.
It's illegal to follow someone around to collect their location data. It's a pretty good analogy.
Just because there is 'trivial' access to certain attributes of people doesn't mean that it's legal to capture those attributes, and even if you do capture them, they're worthless on the legal market. E.g. see SF ban on facial recognition.
Like you say, legal barriers can only prevent things that rely on a legal market, like insurance carriers from discriminating against people's genetic makeup. Against genetic weaponization and other state-sponsored uses it would be a bit like banning nuclear bombs -- a great idea for everyone but a foolish one for each individual state.
And that's only if such legal barriers are even constructed which I'm not sure they will be. Look how the privacy battle has turned out thus far.
Why, in 2019, would you trust such a statement from a faceless corporate behemoth?
Why, after the consistent abuses and lack of accountability across the corporate sphere, would you place any faith in a business's claim that they're just leaving what probably already amounts to billions of dollars of value on the table when there is effectively no penalty for covertly extracting said value at the cost of customer privacy?
Why, after a decade+ of security breaches and poor data handling practices, would you trust a financially motivated, publicly traded company to properly anonimize data?
Computer algorithm can identify 99.98 percent of Americans from almost any available data set with as few as 15 attributes, such as gender, ZIP code or marital status.
I'm going to have to investigate this more thoroughly. If it's true, then I'll delete my data at 23&me (and hope that data deletion actually does what it says).
I can't answer for the original poster, but were it me, yes.
I'm certainly not doing anything to cure that disease. Strict privacy advocates aren't doing something to cure that disease (I guess they might be, but how would I know, they don't talk about themselves much ;) ).
I value a cure for Parkinson's more than I value my privacy. If selling the DNA I provided as part of a research dataset (that I provided without knowing who would be doing the research, but knowing it'd be someone because that's how research works) cures Parkinson's, I'm on board.
> If selling the DNA I provided as part of a research dataset (that I provided without knowing who would be doing the research, but knowing it'd be someone because that's how research works) cures Parkinson's, I'm on board.
And that's the best case scenario, the worst case scenario is that your data is used to increase your insurance and healthcare rates.
Moreover, it normalises crappy corporate behaviour.
But the question was express consent. I'm willing to trust 23andme to pass the data to whatever research team has the resources to make progress (that was certainly my intent, at least, in signing over consent to them in the first place; I don't know enough about medical research to have an opinion on the details of who does the work, and I delegate that responsibility to 23andme).
And what percentage of your net-worth and/or your insurers bearance would you be willing to commit to the yearly treatment they'll come up with (not a cure)?
The idea that pharmaceutical companies focus on treatment at the expense of cures is inaccurate. Not because they’ve decided to put the greater good ahead of profits, but because they realized they could price breakthrough cures to match the customer LTV of chronic treatments.
(a) I have no reason to believe at this point, a priori, that Parkinson's isn't curable (Clarke's First Law)
(b) To address that issue, I vote for politicians who advocate for radically restructuring how healthcare is paid for in the US to minimize incentives to gouge unlucky individuals
Personally, I can't wait for the inevitable medical breakthroughs discovered through the service that we paid for, that GSK will sell back to us for thousands of dollars per treatment.
There's something so purely dystopian about paying a company to collect our genomic data, which then helps to create medical breakthroughs that none of us will be able to afford.
And though the idea is tricky, commercializing our genome is no longer about "hey, the next R&D breakthrough will come from your genome." It's about making sure that the first humans to create such breakthroughs can get rich off the money it pays for them.
This is why it's so important that companies refrain from selling our genomes to biotech companies.
I don't share my genome with my doctor because they don't need it (yet; also, EPIC and Apple Health don't really support OAuth to 23andme for grabbing the raw file). I have used 23andme, as well as my entire family, and have opted us all into their research. We make this choice voluntarily and in an informed manner. I am willing to trade genetic privacy (which is tenuous at best, I leave DNA everywhere as a human) for progress. Same reason my genome (as well as a sibling's) is public on Harvard's Personal Genome Project. I have a shelf life, but research lives on.
I don't believe myself to have been duped. I've made concessions based on priorities. Would I prefer this work be done, publicly funded, by the NIH and other non-profit researchers? Absolutely. Am I willing to wait for perfection? Absolutely not. Federal law currently protects your DNA data from employers and insurance companies. If you find that to be insufficient, run for office.
Disclaimer: Interviewed and was offered a role at 23andme a lifetime ago (2011), no other affiliation besides being a satisfied customer.
If you want progress give your genome to your local uni so they can pass it on to researchers, not to a comic book badguy profit seeking pharma giant like GSK who will totally sue the shit out of anyone else who uses it without their go-ahead.
See my comment above where I contributed my DNA to Harvard’s genome project. I approve all requests to use it in partner studies. Not sure what else you’re expecting, but my opinion is that your expectations are unrealistic.
If you don’t like the law, fix the law. If you have evidence a drug company or data provider violated the law, report them to your attorney general.
That's incorrect. HIPAA compliance only requires consent between patient and provider. Provider can choose to share that data with other providers. This is how Google purchased medical records by partnering with Ascension.
If you are covered under 42 CFR Part 2, then it would not be allowed because the patient has to give consent to ALL parties.
> Provider can choose to share that data with other providers
Not without express consent. The default is 0 hops. Same rules applies for banking info.
You want to share with someone else? You have to ask for consent again. A lot of people did unknowingly sign up to have their data shared like you say though, which I think is a regulatory failure more than anything else.
In the US, HIPAA allows your medical data to be shared without your express consent as long as certain conditions are met. Generally, they are that the data must be used to help your provider meet a legitimate medical or business need, and they have to have a contract with the entities they share with that constrains their use of that data.
HIPAA compliance has a lot of ambiguity. You are correct if, say, your employer requested medical records from your doctor. However, any entity that works with your provider that is facilitating its business can still get your data without your consent.
JohnFen's comment is correct. This is why 42 CFR Part 2 was created; HIPAA was too loose with patient data.
I see the word DNA being bandied around here. I wonder if folks here understand the difference between "genotyping" (what 23andme does) and full "sequencing"? [1]
Genotyping only returns variants of interest (SNPs) which are specified up front -- not the full sequence. It's a smaller dataset.
Sequencing gives you the full genome -- which is currently too expensive to do at consumer scale (though prices are falling). 23andme does not do this. This means the type of genetic research that 23andme can do is somewhat limited.
Is genotyping data that useful for drug development?
From my intuition, genotyping data (where you specifically look for already known gene variants) is per definition barely useful for making "breakthrough discoveries". If that were really the case I would expect a much higher price point than $300mil.
It absolutely is extremely useful. Your genetic predispositions toward disease, treatment response, anything really, can be due to a combination of these known variants. Tracing your ancestry is done with these variants. These are regions that are commonly variable in the population.
These days, thanks to large haplotypic reference panels, genotyping with an adequately dense array is more than sufficient to impute almost everything else with extremely high accuracy.* You might miss a few rare variants but not much else.
*Assuming your ancestry is from a well studied population e.g. European.
Okay for all the people that are talking about how great this is, try this one.
What if it turns out a company that they sold all of their data to was later contracted by a government to develop biological weapons? And what if they were suddenly able to target those weapons at specific populations because of all the DNA data they had?
Is it still great that they can do this?
EDIT: Here is a concrete hypothetical for people that pretend they don't understand what I am talking about...
Imagine that [oppressive communist superpower] decided that they were tired of all the criticism they get for their treatment of their [minority Turkic ethnic group originating from and culturally affiliated with the general region of Central and East Asia] population. Rather than overtly mistreat them, they (via third-party contractors) go to the DNA database and find out that members of that population typically share a vulnerability to a dangerous strain of flu to which the general population has a resistance.
Rather than overtly oppress them in camps, they could now just custom tailor diseases to handle the "problem" for them, and not have to suffer the PR backlash.
That's like saying what if the charity for the homeless to whom people donated money suddenly was found to be a front for a global human trafficking (slave) organization.
People would be rightly outraged and angry, but that doesn't mean they made a mistake by giving their money to the charity.
Everyone makes judgement calls every day, it's the way the world works.
There's a number of charities that have been exposed like this - care homes run by charities have been exposed for sexual abuse and violence, homeless charities have been exposed for selling data to deportation agencies. The situation there is different because people come to those organizations expecting help in a crisis or untenable situation and end up harmed rather than helped. In the case of people giving their genetic data to a for-profit corporation there is the reasonable expectation that that data is not and was never safe because any such organization is a target to friendly or hostile takeovers by organizations that wish to harm the users. So in one case it's a matter of a broken promise, an organization doing the opposite of what its very purpose of existence is, and in the other case it's just capitalism doing what capitalism does.
> there is the reasonable expectation that that data is not and was never safe
This is key, and not everyone has this expectation when they use these services. Most people do not, and they're not entirely wrong. If you examine the various genetic testing corporations' user agreements, many of them place explicit limits on what happens to original DNA or replicated copies if the company is sold, merged, or otherwise changes. Companies do tend to hold to that kind of legal agreement provided it was sincere in the first place (there's no fine print providing loopholes) because it can get them sued.
Even the companies providing genetic data for research aren't providing the original DNA, only marker or SNP data, and it's probably de-identified to comply with HIPAA and other privacy laws.
Security through obscurity. That's all you're proposing.
Your DNA is out there. You're constantly leaving your muck wherever you go. As its value increases people will continue to harvest it: your favorite restaurants, your employer, (semi-)public restrooms, etc.
Don't try and put worms in a can, learn how to live with worms.
you can already do this. there are lots of public databases of data representative of different populations. signatures of different populations are known.
If that’s your worst contrived scenario then you’ve only convinced me that this is a good idea. All technology can be used for good and evil, things will get more extreme but continue towards net positive. Your evil scenario is outweighed by the global benefits of medical research.
Next time, just jump straight to saying [oppressive fascist superpower] and [minority ethnic group originating in and culturally affiliated with a small Middle Eastern nation]. We’re still more sensitive to that one.
I knew they would do something like this when I used 23andMe. I have no problem with it at all. If my DNA helps people well after my death, I'm totally fine with it.
My main issue here would be the fact the data is being sold to a private pharma company. The 'help' you are talking about might come at a huge cost, this simply helps them develop ever more expensive drugs because they are the only ones holding the data.
private pharma companies can already get access to confidential patient information during clinical trials. these protections are established and robust.
If a pharmaceutical company coming up with a cure for some of the worst currently-incurable diseases known to man makes them potentially millions or even billions of dollars, that seems like a win-win for everyone.
Conversely, the pharma company could identify a population that for which other treatments are ineffective, and use that data to justify raising price of their monopoly lifesaving treatment.
Pharma industry is in the business of profiting off disease, helping is a side effect and marketing line.
I would like to add that this is only a small part of the ethically fraught landscape of DNA databases. A proper regulatory framework is needed.
Fundamental to the problem is that consent is not necessarily possible with this data because of the high degree of correlation across the population. If a family member decides to get some recreational genetic testing done on themself then they have given consent on your behalf for you to get that testing done as well.
"To give or decline consent for 23andMe Research. By agreeing to the Research Consent Document, Individual Data Sharing Consent Document, or participating in a 23andMe Research Community you can consent to the use of your de-identified data for scientific research purposes."
This is just like facebook all over again. In the early days people said “so what if they have my data, I can play farmville and chat to my friends”. Fast forward 5 years, everyone starts to realise they’ve given away too much for too little. Except now you also give away data about your children and all your blood relatives as well.
As someone living with various health issues, I'd rather share my gene data and hope that GSK makes a major breathrough on something. Atleast that will push a gold rush for others to search for others cures. Maybe I it will eventually be one that lets me live a normal life.
You have to write a letter to some authority to have the DNA sample destroyed. You cannot prevent the collection ahead of time, so you have to trust that they have actually destroyed both the sample and any analysis they may have already done on it.
We did this, it took about 2 months. We got a letter back that the sample had not been used for any purpose and was destroyed.
First off it's illegal for them to use genetic information in health insurance decisions in the US.
If it were legal and they did want to do it then why would they need to buy 23andMe to accomplish this? Instead they'd just refuse to insure you without you providing a sample of your DNA.
Don't give em ideas man. Next thing you know, your premium goes up by X% because you're predisposed to having an addictive personality and deemed at risk to becoming an alcoholic/opiate/etc. addict.
Which part sounds good? At it's most simplest, the part where you are not just frittering away your own privacy, but also of those related to you ─ in order to help a Google spin-off based on nepotism, should be reason enough to remain wary ─ until at least some semblance of how to deal with bad practices or egregious cases, is offered by lawmakers on this subject.
Tiffany C. Li, a privacy expert and resident fellow at Yale Law School’s Information Society Project, told Tom's Guide. "You are paying to help the company make money with your data"
When you give your DNA data to companies like Ancestry.com or 23andMe, you give up not only your own genetic privacy, but that of your entire family
"You are paying to help the company make money with your data" also describes Amazon, Target, and my local gas station. In this day and age, it's hardly an indictment.
NAL. The act of following someone with the express intent of collecting genetic material and then covertly sending it off to be processed, without any overall consent, might be considered legal in your jurisdiction. However, you will require a rigorously disciplined approach, in order to acquire a non-contaminated sample, not to mention the costs associated with this exercise ─ just in case, you had any designs of putting this idea on a pitch deck.
Nevertheless, the above-mentioned debate is moot, especially when you consider the original point(s) made in the article, with regards to the vagaries of explicitly sharing your genetic data without first analysing the implications.
it really wouldn't be hard. person goes to a cafe, train station, and a store. grab probable hair sample from cafe, train station, and store. run pcr on 5 fingerprinting markers (kids do this in ap bio, not hard). if all three samplings match, that's probably your guy.
One kind of insulin can be bought for ~$25 at Walmart.
Now, this means that you have to monitor you sugar levels, have a restrictive diet, etc. All things that are very restrictive but better than dying that people did when insulin treatment was first being developed.
Now we have newer, reformulated insulin that allows for a more permissive lifestyle. That is expensive.
Should the newer stuff be cheaper? It certainly allows for a greater QOL and took time and money to research.
My grandmother is on insulin which the Bulgarian government mostly pays for, the rest is equal to about 50 euro/month or 55 usd. So it's practically free for us. The US has f-ed up healthcare. Change that.
On another thread someone was talking about the possibilities of the use of big data on medical records, but people pointed out some restrictions, be it HIPAA or other legislations regarding personal medical information, that would prevent that from happening.
TBH I think we benefit from research having access to such data, if it means to open new venues for development of better and cheaper drugs. But it sure leaves me scratching my head, maybe because the way it happened, for profit company selling user DNA data to another for profit without any cashback to the customers.
DNA is where technology renders the idea of privacy and ownership moot... If a few people related to me share their data 23andMe has more than enough to convict me of a crime or predict my health to some degree. My DNA is not just mine, but it's really shared property. We really have few social conventions or intuitions to cover this situation (I think).
WTF. I didn't sign off on this. Also who are they using scanning this DNA? Why do I trust them. I guess my DNA is everywhere anyways. I just wish I had more of a say about my genetics. I am so glad 23andme never accepted my DNA
The problem with a lot of these privacy policies and Terms of Service is that no one really reads them,"
Sometimes things get escalated to me when my team can't handle calls with upset customers. Our T&Cs is one page but covers A to Z. Some people openly admit "they don't read that shit" and yet expect you to bend every rule you have in place for them.
I'll leave others to comment on moral aspects of this story,as it's got a lot of it on each side of the coin.
That’s not my understanding based on conversations with an attorney for a project I was involved with for medical research. As always, consult an attorney; don’t take comments in an online forum as gospel, and get whatever sign off you need in writing.
A patient has no obligation to adhere to HIPAA rules for their own PHI, if that is what you meant.
In my medical work, a patient directed request is one where a patient has authorized the transfer or release of their PHI. That transfer/release is absolutely covered by HIPAA.
However, if you are a covered entity as defined by HIPAA, you are required to be compliant to the privacy and security rules set forth in HIPAA for PHI data.
My understanding based on arguments with a friend of mine who is a 23andMe executive, is that they argue that DNA data is not medical information, even when sold to medical companies for medical purposes. Their argument is not that the data disclosure was authorized by the patient for a specific medical purpose. I disagree with him that DNA information is not medical data. But if it's simply not medical or even personal data at all then he's right, they can do with it as they please.
I really think this needs to be adjudicated because people believe judges even when the facts are obvious and the arguments on one side are entirely economically self-serving and absurd (as 23andMe's claims about this are IMO).
Also in my personal experience with medical providers, they provide me with "privacy agreements" they require I consent to before they provide services and these agreements typically say I consent to their giving my private medical data to third parties for unknown purposes unrelated to my treatment. I have been point-blank denied treatment from hospitals, emergency clinics, and specialists, several times because I have refused to consent to these. Coerced consent, given under threat of actual death, is not true consent. Courts don't recognize that and med-tech denounces my position. Massive legislation putting an end to this is necessary and I have zero hope that will happen since Congress is in the back pocket of the misnamed "health care" industry.
> Like other health information, to be protected it must meet the definition of protected health information: it must be individually identifiable and maintained by a covered health care provider, health plan, or health care clearinghouse.
Yes, exactly, bingo, and there is the carefully crafted by expert congressional advisors loophole. Gene testing companies aren't any of these three categories, nor is virtually anyone else that is trading personally identifiable genetic data.
i was diagnosed with Parkinson's disease nearly 4 years ago, at 51. I had a stooped posture, tremors, muscle stiffness, sleeplessness, slow movement. I was placed on Sinemet for 7 months and then Sifrol and Rotigotine was introduced which replaced the Sinemet but I had to stop due to side effects. Last year, I started on Parkinsons disease herbal treatment from Akanni Herbal Clinic, this natural herbal treatment totally reversed my Parkinsons disease. Visit www. akanniherbalcentre .com The treatment worked incredibly for my Parkinsons disease, i have a total decline in symptoms including tremors, stiffness, slow movement and others.
Guess what, my maternal granddad had Parkinson's disease. I hope to god the do something with our data. I knew that $99 was not enough to pay for the processing, storage and hosting of my data. This is the long game for 23 and me. They are a genetic research company.
I knew this was something they were going to do and I am happy they are doing it. I hope we can come up with some profitable drugs that will cure some of these more complicated disorders. Just think of what we could do if we could easily treat Alzheimer's or other age related disorders. I am not even talking about cancer or diseases like pendred syndrome that could be possible result in couples hacking nature and removing genetic illness from their kids.
I am excited. Dangers, sure. Debate, totally.