One doctor explains the privacy concerns surrounding the kits
One Dublin-based doctor is arguing that she won’t be buying any at-home DNA testing kits that are especially hawked in the lead-up to Christmas, and neither should you.
Writing for the Irish Times, Dr. Karlin Lillington noted how after signing up for an ancestry site online, her emails have been plagued with advertisements for DNA testing services, which led her to tweet a warning on November 26.
Guys: DON'T DO THE DNA KIT. JUST DON'T. DON'T DON'T DON'T. Why is the price so low? Because YOU and your DNA are the PRODUCT they will sell elsewhere. Giving you the results for $49 for databases they get paid millions for has them laughing, and you, exposed at DNA-level. FOREVER— Dr Karlin Lillington (@klillington) November 26, 2018
“DON’T DO THE DNA KITS,” Dr. Lillington tweeted. “Because YOU and your DNA are the PRODUCT they will sell elsewhere.”
Elaborating, Dr. Lillington writes: “Let’s be clear: DNA companies offer you cheap DNA analysis not because they want to help you find your ancestors and living relatives, or your precise ethnicity, or your possible risk for developing various medical conditions, but for the same reasons Google offers you free searches, or Facebook a free social media universe.”
“Once you opt in to sharing your data, you are the product.”
Separately, on her Facebook, Dr. Lillington wrote: “The kits are marketed as a bit of fun, or helpful medical information, or helpful in learning who your past and living relations are."
"But they are ONLY being offered by these companies to compile DNA databases that can be sold, for tens to hundreds of millions, to private companies, generally big pharma or med startups.”
In her column, Dr. Lillington explains how on each of the relatively cheap DNA testing kits someone purchases, there’s always an amount of ‘fine print’ as to who can handle the data once it’s been collected.
While Dr. Lillington acknowledges that the recently rolled out GDPR (General Data Protection Regulation) in the EU may be helpful in protecting users' data, the new regulations are not fail-proof and do not guarantee safety outside of the EU.
“Creating regulations isn’t the same as guaranteeing compliance,” says Dr. Lillington, “especially when companies are themselves sometimes unsure of how to comply, or are actively seeking ways to duck compliance. Or are just ignoring GDPR.”
Antoin O Lachtnain, director at Digital Rights Ireland, echoed Dr. Lillington by saying that when DNA data is concerned, GDPR “provides legal protections. But the problem is that those protections may not be practically effective.”
Further, even if a company is adhering to GDPR and users’ privacy rights, it does not make the data impervious to hacking.
Do you agree or disagree with Dr. Lillington about DNA kits? Share in the comments