Search


  • Categories


  • Archives

    « Home

    Archive for the ‘DNA’ Category

    Privacy Problems Continue with Anonymization of Data

    Friday, February 6th, 2015

    In a recent article for Science, researchers Yves-Alexandre de Montjoye, Laura Radaelli, Vivek Kumar Singh, and Alex “Sandy” Pentland showed that the “anonymization” of personal data is not a guarantee of privacy for individuals. Before we discuss their study, let’s consider that it has been almost two decades of researchers telling us that anonymization, or “de-identification,” of private information has significant problems, and individuals can be re-identified and have their privacy breached.

    Latanya Sweeney has been researching the issue of de-anonymization or re-identification of data for years. (She has taught at Harvard and Carnegie Mellon and has been the chief technologist for the Federal Trade Commission.) In 1998, she explained how a former governor of Massachusetts had his full medical record re-identified by cross-referencing Census information with de-identified health data. Sweeney also found that, with birth date alone, 12 percent of a population of voters can be re-identified. With birth date and gender, that number increases to 29 percent, and with birth date and Zip code it increases to 69 percent. In 2000, Sweeney found that 87 percent of the U.S. population could be identified with birth date, gender and Zip code. She used 1990 Census data.

    In 2008, University of Texas researchers Arvind Narayanan and Vitaly Shmatikov were able to reidentify (pdf) individuals from a dataset that Netflix had released, data that the video-rental and -streaming service had said was anonymized. The researchers said, “Using the Internet Movie Database as the source of background knowledge, we successfully identified the Netflix records of known users, uncovering their apparent political preferences and other potentially sensitive information.” Read more »

    Continuing Debate on Privacy and Use of Newborns’ Blood Samples

    Monday, December 1st, 2014

    There has been considerable debate about the ethical, privacy, and civil liberty issues surrounding the unauthorized or unknowing retention and use of babies’ blood samples for purposes other than disease-screening in the United States and abroad. Often, parents are not told of the possible lengthy data retention period, possible distribution to other agencies, and possible other purposes for which their children’s blood samples could be used. Now, WNCN in North Carolina looks at the situation, and what it finds shows there are also questions about de-identification or “anonymization” of newborns’ medical data.

    Asked what the government plans to do with the data, Scott Zimmerman, director of the N.C. State Public Health Lab, said, “So if an outside agency such as an academic institution approaches us and asks for dried blood spots, there are two approaches that can be taken. One, we can get parental consent to release that dried blood sample to an outside entity. We will not release any DBS that contains patient information without parental consent.”

    Zimmerman added, “The only other way DBS are released is if they are de-identified.”

    Researchers have shown that, often, data that has been de-identified can be re-identified (or “de-anonymized”), and sensitive data could be linked back to an individual. Therefore, there is a significant privacy concern for individuals’ whose information is shared, without their consent, in this manner.  Read more »

    Vox: 23andMe reverses its decision to move to more lax privacy settings

    Thursday, September 18th, 2014

    Vox reports on a decision concerning the privacy of medical data by by genetics testing company 23andMe:

    The personal genetics testing company 23andMe is reversing plans to make a major change to its privacy settings, after a Vox story raised concerns about the move.

    On September 9, we published a feature about some of the pitfalls of personal DNA testing, with a focus on 23andMe, a leading company in the field. We talked to some people who used 23andMe and ended up unexpectedly finding close family members they didn’t know they had. In one case, a professor’s parents divorced after the site revealed that his father had a child before he was married. We reported that 23andMe was planning to alter its user settings in a way that could make these unexpected reunions happen more frequently. [...]

    But, because of concerns raised by the Vox story, the company reversed its decision to make those changes. It is also going to hire a Chief Privacy Officer.

    Read the Vox story for the full statement from the 23andMe chief executive.

    InformationWeek: When Big Data & Infants’ Privacy Collide

    Friday, August 29th, 2014

    InformationWeek reports on issues concerning children’s medical and genetic privacy:

    For decades, hospitals have conducted blood tests on newborns, checking babies for various conditions, treatable and not. Today’s less costly tests, genomic research, and technological advances, coupled with differing policies across states, worry some privacy and ethics advocates.

    Whereas some states allow parents to opt-in for testing, others have an opt-out approach. Critics argue parents have little to no say in whether this data is collected, where and how long it’s stored, and what organizations do with this information. Lower genome testing costs sparked debate about researchers’ right to use this information; who should learn of infants’ chronic conditions and when; and the type of data government, researchers, payers, or healthcare providers can cull. Other concerns surround the storage and transmission of data that’s not de-identified and its potential theft. [...]

    In May, Minnesota Gov. Mark Dayton signed a law allowing the state to indefinitely store blood spots for future research. Parents can opt out. In New York, parents can decline testing for religious reasons, said the Wadsworth Center, NY Department of Health, which screens the state’s newborns for more than 40 inherited metabolic conditions.

    Economic Times: Indian government to set up Data Protection Authority to safeguard privacy

    Friday, February 21st, 2014

    The Economic Times reports that India is considering the creation of a data protection agency, which would seek to protect privacy:

    NEW DELHI: The government plans to set up a Data Protection Authority (DPA) that will rule on issues around privacy invasion and impose penalties on violations, moving strongly towards safeguarding individual privacy and defining invasion of privacy offences.

    The authority will “investigate any data security breach and issue appropriate orders to safeguard security interests of all affected data subjects in respect of any personal data that has or is likely to have been compromised by such breach,” according to a draft Right to Privacy Bill that was seen by ET.

    In the draft prepared for approval of a committee of secretaries, the government has proposed that all Indian residents shall have a right to privacy. Restrictions can be imposed only in accordance with the law and to meet specific objectives. Further, more extensive safeguards for privacy will override the Act in case of a conflict.  Read more »

    PBS: Forget Fingerprints: Law Enforcement DNA Databases Poised To Expand

    Wednesday, January 8th, 2014

    PBS’s “Nova Next” reports on the expansion of DNA databases, and the biometric data collection has implications for privacy rights:

    In June, the Supreme Court ruled that it is constitutional to take DNA samples from people who have been arrested for serious crimes—without a warrant, much less a conviction. Like bits of DNA taken from people found guilty, those samples can be entered into a database and used not only for the case at hand, but compared to other crime scene samples, connecting the arrestee to past crimes. [...]

    Today, 28 states and the federal government already collect genetic samples from people arrested for serious crimes (mostly felonies, though some jurisdictions include certain misdemeanors as well), while the remaining 22 states only take samples from people convicted of those crimes. The recent ruling is likely to have wide-reaching implications—both for states that already have databases and for those that don’t, yet. [...]

    Depending on whom you ask, DNA databases herald a future of either lower crime or less privacy. Many of the arguments echo the Supreme Court ruling and dissent: Proponents say the databases help police catch dangerous criminals faster and identify offenders who had eluded detection, thus providing a big pay-off for each law enforcement dollar. Others object to the databases on the grounds that they violate privacy by storing genetic data, are an inefficient use of limited resources, or are likely to encompass more and more people—perhaps including those never even suspected of a crime. Read more »