business news in context, analysis with attitude

Axios reports that “genetic testing companies that trace customers' ancestry are amassing huge databases of DNA information, and some are sharing access with law enforcement, drug makers and app developers.” The story points out that “there are now more than 50 DNA-testing kit services on the market,” and they are doing enough business that “MIT Technology Review predicts more than 100 million people may be part of commercial genetic databases within the next two years.”

The story notes that “commercial DNA-testing services aren't specifically covered by federal privacy rules, such as HIPAA, because they aren't health providers or insurers. They are subject to the FTC's protections around privacy disclosures, as well as some FDA standards for how data is used in drug and medical device research.

“But protections can get murky when genomic data is used for human-subject medical research or for treatment…”

This isn’t just theoretical: “ and 23andMe - the largest companies that, combined, have DNA data of 15 million users - both share anonymized genetic data with outside researchers and companies.” Kathy Hibbs, 23andMe's chief legal and regulatory officer, tells Axios that this sharing can speed up vital drug development, that its customers are asked if they want to opt in, and that "it's not individual data that's interesting for research - it’s the ability to look at large groups of people to see what's unique. It's the aggregate data, not individual data, that's meaningful.”
KC's View:
This story struck me as interesting because it underlines the whole privacy issue; it is critical for businesses to take customer privacy very seriously.

I don’t mind my DNA being used for medical research purposes, but I do want to be asked. I’m less thrilled with the idea that law enforcement will have access to my DNA, even though I haven’t done anything wrong … it just strikes me as intrusive.

Same goes for my specific shopper data.