A weekend day, I'm sitting with a friend on the terrace having coffee. The sun is shining and brings our conversation to skin protection. I talk about my preference for UV clothing where possible instead of creams. However, she has discovered a promising cream, developed by researchers she knows, but apparently difficult to bring to market. Just send in some cheek mucus and based on your DNA, a personalized sunscreen is sent. No, my friend hasn't tried it herself yet.
My friend is an intelligent woman, who, like so many of us, is venturing into unknown territory. I give my well-meant advice to be careful with this. Her reaction - 'There is regulation, what could go wrong?' - triggers me to delve deeper into this. Because yes, genetic data can have so much added value for breakthroughs in healthcare, but at the same time can also cause so much damage when they fall into the wrong hands, whether intentionally or not.
World of the genome
The world of the genome: an unprecedentedly large domain for research and development. Beautiful steps have already been taken. Think of more accurate diagnostics, personalized treatment, early detection of risks, improvement of medication, insight into rare and complex diseases. For example, a medication passport with the notification that someone is hypersensitive to morphine can save many (miserable) side effects.
The world of the genome: an unprecedentedly large domain also for criminals: theft of DNA data to hide under a false identity; unwanted revelations of family secrets. You name it. And even such a seemingly innocent cream is a reason for vigilance.
By no means safe
Giving up our DNA is by no means safe. And sharing DNA data online is not inherently reliable. Meanwhile, the scope and complexity of laws and regulations continue to increase with the digitalizing society. Can my friend still expect this entrepreneur in personalized creams to neatly comply with all rules?
Apart from security aspects - often traceable to vulnerability due to software errors, hardware issues, or human negligence - there is another issue. It is questionable whether there is sufficient attention to the way the data, in this case the DNA, is treated.
For DNA, you won't get there with de-identification techniques, for example; they remain traceable. After all, DNA is by definition the best authentication we know! My friend also turns out to be not so aware of how much DNA data is in demand. They are now part of complex international value chains. Think of international research, where researchers make the data available for insights, and in this work with all kinds of companies that provide or purchase services (such as instruments for analysis or processing to pharma). Regulation and supervision are therefore becoming increasingly difficult.
Also special: while in the medical domain a professional healthcare provider is involved, a commercial test such as for the sunscreen is performed without supervision of healthcare professionals. And can those who agree to the use of (DNA) data by third parties foresee the consequences of a seemingly innocent service that can be developed by third parties? What about discrimination, exclusion or stigmatization based on genetic predisposition? Or the possibility that parties claiming to deliver health gains actually do the opposite because investors or insurers were focused on 'other' outcomes.
Glass half full
Having said all this: my glass is always half full as you might know. As a doctor, I have seen for years that I can also scale up my expertise exponentially with digital means. For example, in a reliable and secure digital space, counseling is possible for many more people at the same time from my expertise and knowledge.
If I then imagine that together with other involved parties I take care of the (in this case DNA) data, from a network of professional healthcare providers, I think I can assume that a safe place has been arranged for this data. A place that continues to meet the strictest requirements and keeps up with the times. That the citizen as owner of DNA data has control over when and for how long this data is made available. And all this in a transparent process with structural auditing on the most important matters. For our very rapidly changing digital society, I see no other possibility to stay on top of it as humans, do you?
