Publication Date

3-27-2020

Document Type

Paper

Faculty Advisor

Jennifer B. Wriggins

Abstract

With the rapid evolution of technology and science comes a risk – a privacy risk. As fortunate as we are to be alive at a time where we can connect with others around the world who share our DNA, we must also ask, “At what cost?” Consumer DNA database companies such as Ancestry and 23andMe provide a wealth of knowledge to consumers seeking to learn more about their genetic makeup. The first step in using these sites is to consent to a privacy policy. However, the privacy policy only addresses the person submitting the sample even though the DNA being submitted is shared in part by many others.

As I began to think about everyone with whom I share a genetic link, I questioned whether my use of my own DNA could ever infringe on the privacy rights of my family members. More specifically, I was concerned that my sole consent was not enough and that to be absolutely accurate, the privacy policy would need to obtain the consent of every person with whom I share a genetic link. Obviously to garner consent from all of those people would be unreasonable, especially since many of whom may even be unknown to me. My article highlights some key instances in which a non-consenting individual’s privacy is at risk because of another person’s use of the DNA database.

Many would argue that the benefits of these companies outweigh the privacy risks – the cons. And my article does not seek to weigh these. It does, however, consider whether the privacy policy, addressed only to the person submitting the sample, is sufficient as is.

COinS