Getting into your genes

DNA privacy is the subject of debate in both Washingtons. Will they protect your personal code?

By Angela Gunn • October 9, 2006 12:00 am
Getting into your genes

WHATEVER YOU THINK of marketers following your Web-surfing habits or cookies cluttering your hard drive, most of us would still like to consider private any activity that involves wearing a garment with one’s butt hanging out the back.

Medical-related privacy worries even people who don’t fear data collection on the Internet—a shrinkin’ group to be sure, in light of recent revelations about the reprehensible privacy track record at medical Web sites. It worries people who have never been on the Internet. And though most of us (somewhere in between) are touchy about the diseases-and-cures data in our standard medical records, DNA information is especially unnerving since it provides not only a history of what has happened but a look at what might.

Though the basic set of information in DNA doesn’t change over time (nuclear accidents notwithstanding), the ability of science to interpret the encoded information is barreling ahead—faster than patients can keep track, faster than consent forms can be filed, and definitely faster than legislators can rein it in. And the nature of that information—genetic predisposition to disease and infirmity, not to mention all- but-unique personal identification—is potentially far more sensitive than logs of your lunchtime Net-shopping excursions. It’s something like listening to your toddler holding a conversation with your visiting boss: No telling what the little dickens might blurt out next, but odds are good it’s going to be somewhere on the scale between embarrassing and damning.

DOWN IN OLYMPIA last Friday, the Senate managed to affirm SB 6498, a bracing declaration that “a person’s DNA or individual sequence of chemical base pairs is private information, which may not be obtained and utilized in an individually identifiable form by others without express written informed consent or pursuant to federal or state law.” Later that afternoon, the House saw their way clear to signing off on SHB 2491, which OKs DNA tests for those convicted of capital crimes or serving life sentences.

One if not both bills are now expected to die quiet little deaths as their nonnative houses ignore them in the usual Olympia fashion. Other bills on the agenda include liabilities for misuse of DNA info, various informed-consent statutes for allowing others to gather your DNA, a couple of big “POLICE LINE DO NOT CROSS” banners to keep insurance companies from using your DNA against you, and committees to keep an eye on the whole thing.

AS WITH OTHER KINDS of privacy, the people who want a piece of you only want a little piece, and really it’s for your own good. Earlier in the month a parade of concerned folk wended through the Senate’s DNA-committee hearings on the six bills in play this session.

Everybody’s got issues. Insurance spokespersons (one of whom had to be reminded repeatedly on-camera to at least pay lip service to the notion of privacy rights) are giving the stink-eye to SB 6326, a humble little bit of code that forbids insurance companies from using genetic data to deny or jack prices on individual coverage. Washington, of course, already forbids insurance companies to discriminate by underwriting. You know how happy that makes them; any move to reinforce that law is destined to be lobbied down with great volume.

Research labs and biogenetics folk—and a fabulously snide and condescending set they were, too—explained to the committee that they were already doing plenty to protect individual privacy, thanks, and shouldn’t have to be bound by certain kinds of informed-consent structures when they really only care about aggregate data anyway. Yeah, guys; tell that to the good people of Iceland, who have seen their genetic data sold several times over for profit, first by their government to a holding company, then by that company to a German research firm, then by that firm to an American outfit. Why is this data so desirable? Because it’s an aggregate—yes, an aggregate of data about folks whose family trees are so meticulously kept and whose number is so small that individual genetic mutations can be traced through generations, right down to individuals if need be.

Perhaps the most interesting contingent is the group whose concerns are most currently concrete: the crime-and-punishment crowd. Law enforcement representatives were on hand to emphasize DNA’s increasing usefulness in investigations. They were joined by representatives from the victims-rights movement and from the Catholic bishops’ anti-death penalty efforts, all arguing essentially the same thing: DNA helps society to convict the guilty and free the innocent.

But how well does it work? The law-enforcement related legislation, while well-intentioned and a step in the right direction, may not take into account the fact that DNA does a far better job of freeing the innocent than of convicting the guilty. The success of DNA data in reversing wrongful death-row verdicts is heartening, and the Senate bill (if it eventually becomes law) will enable more of the same. At a time when the legal mechanisms leading to the death penalty are being questioned by everyone from Amnesty International to the governor of Illinois (who recently signed a moratorium on executions until the state can complete an investigation into its own capital-punishment system), bills encouraging reexamination of DNA data in capital crimes are a step toward justice.

However, DNA is less effective at proving guilt. A recent case in Britain “conclusively” fingered a burglary suspect who, in fact, not only has a nearly airtight alibi but is so disabled he can barely walk, much less steal. Here in the US, the FBI uses a test that uses more loci (that is, data points) and thus ensures greater accuracy, but the statistical probability of a bad match is still not eradicated, and many states use no more loci than the Brits do. And ironically, as the number of entries in the government’s DNA database increases, so do the odds of a false positive. It’s hard to argue against stockpiling DNA samples from convicted felons, since it’s not hard to acquire them (blood will do) and they’ll keep. But as the good people of Iceland will tell you, it’s a lot easier to get DNA into a database than to extract it again, as one might wish to do in cases of wrongful conviction. In the next few months you’re likely to see a good deal of legislation covering how databases are to be put together. What you won’t see is policy on how to take them apart.

IF THE LONGEST journey begins with a single step, perhaps the circularity of the Clinton presidency can be conclusively proven by the fact that, hey, here we are at health care again. The Health Insurance Portability and Accountability Act of 1996 required Congress to come up with comprehensive policy standards by August 21, 1999; otherwise, the ball would get passed to Donna Shalala and her merry band of Health and Human Services folk. The August deadline came and went; in November, Clinton submitted his own suite of national medical privacy regulations and sent them to HHS, where they remained for public comment—sort of—until this week.

Shalala’s proposal covers five areas of concern, many of which overlap with those at the state level here: consumer control of records (including the right to see one’s own records and to request correction of errors in them), criminal and civil accountability for violating a patient’s right to privacy, the establishment of security procedures in individual organizations, the use of health info by employers for non-insurance-related matters like hiring and firing, and counterbalancing societal issues like public health and medical research. Clinton himself waded back in last week with an executive order prohibiting the federal government from hiring, firing, or promoting on the basis of genetic info—an action not unlike our own SB 6327 or SSB 6395.

BUT WHERE ARE YOU in the federal mix? Congratulations: You, concerned citizen, may have been literally thrown in the recycling bin. The so-called “public comment” period just ending at HHS has come under fire from the ACLU, which has strongly criticized HHS’s somewhere-between-hostile-and-incompetent mechanism for gathering public comment not made by lobbyists. Letters? Letters will be accepted by HHS, but they’re not considered any sort of official communication. Online feedback? The HHS Web site has a form on its site, but if you find it—good luck—it’s all but unusable.

And forget faxing. After grudgingly setting up a fax line for comments (and letting the ACLU publicize the number), over 2,400 people faxed in comments—at which point HHS decided that they weren’t accepting faxes, had no intention of accepting faxes, and what were all these faxes doing here anyway? Busy checking the want ads (the elections are in only nine months, y’all), the agency couldn’t take time to inform the ACLU; that organization first heard it from a representative of the Criminal Intelligence and Investigations section of the Federal Protective Service.

It is believed that the faxes were simply thrown away. Aren’t you glad you don’t entrust these idiots with, say, your indelible and permanent genetic data?