Is your genome worth guarding?

3 minute read

Katrina Voss wrote in New Scientist a couple of weeks ago: “Your genome isn’t that precious – give it away”. After discussing legislative efforts to provide remedies for genetic data security breaches, she writes:

Yet much of our concern about the abuse of personal genetic data seems overblown. It betrays a fundamental delusion of self-importance: we assume that someone will find our individual genome interesting enough to hack into it and exploit it. In most cases, this would be a waste of time: our genetic secrets are rarely worth the cost of obtaining them clandestinely.

The article touches on the Personal Genome Project’s aim to release data unconditionally. In that context, complete openness can be cast as a selfless sacrifice:

The PGP's open approach is pragmatic: society has much to gain from unrestricted access to genome sequences, medical histories and phenotypic data. For example, only by knowing how traits, experience and genes interact can we discover how both environmental factors and DNA affect disease. The prospect of such progress was a major factor in my family's decision to get involved. Whatever our fears about privacy, we have chosen to cast them aside for the greater cause. But no one who chooses to have their DNA tested should expect perfect anonymity - especially since DNA is the ultimate identifier.

Hmmm….the ultimate identifier.

I don’t have anything against people choosing to make their data totally open – I could imagine choosing to do so myself. I do think we should consider the rights of siblings, children, and parents, who after all share half each others’ genomes.

But I read another article that I think makes an interesting juxtaposition: “How much are you worth on the black market?”

Ever wondered how much your online identity is worth to a cybercriminal? A new tool from Symantec Corp. will perform the calculation for you.
The Norton Online Risk Calculator, unveiled within a microsite to coincide with the launch of Norton 2010, calculates your net worth on the black market by asking a few questions about your personal Internet use.

It’s a catchy intro for a story about data security – later the miserable facts:

Mistakes Internet users continue to make include forgetting to renew their security software subscriptions, not keeping operating system patches up to date and failing to use the latest version of their Internet browser, Merritt pointed out.

Sure, a genome today is worth less than a credit card number on the black market. But suppose you knew somebody’s DNA fingerprint, mtDNA sequence or other data used routinely in forensics. It would be trivial to synthesize fragments with the right lengths and primer sequences, use PCR to make a bunch of copies of them, and scatter them at a real crime scene.

Well, that’s the paranoid scenario, anyway!

"Every four and a half minutes, a crime is committed on the streets of Los Angeles. Every three minutes, a crime is committed on the streets of Washington, D.C. In New York, a crime is committed every two minutes ... every three seconds, a crime is committed on the net," she said.

For genetics, the question hinges on whether there will ever be a practical use for the data. I mean, when we talk about “identity theft”, we think there’s something worse going on than thieves walking into your house and taking down the genealogy chart.

Blackmail is a use, but not very practical on a large scale. Now, if somebody could corrupt your data, say change a nucleotide or two, then they could spoof drug interaction risks and thereby damage your medical treatment courses. Still, that’s not going to drive a huge underground of omecrackers.

Of more relevance: What could somebody do if they knew the average genetic makeup of an organization, say by cracking a representative sample?