By Ajay Royyuru
A physician once told me that “your genes load the gun. Your lifestyle pulls the trigger.”
We were talking about how genetics play a role in the likelihood of a disease manifesting itself – and how the way we live also influences that likelihood. And it’s getting easier and faster for doctors and scientists to precisely understand which genes influence which diseases, and by how much.
This improved access and understanding of the genome, though, brings up challenges to the notion of ownership, consent, and privacy. Should a patient ask her siblings, parents and grandparents for permission to reveal genetic information? How much of a person’s genome should be tested, disclosed, or archived, per analysis?
Currently, we know of about 15,000 disease informing mutations within the 3 billion positions in our genome.
Accessing your genes
Parental contribution only tells part of the story about our personal genome. We know that germ line genes – genes you are born with and persist over generations – can mutate and cause cancer, or diseases like cystic fibrosis and sickle cell anemia. And we can even test for a few hundred of the germ line’s Mendelian inherited diseases, such as Huntington’s, because they’re caused by a single gene. New York State, for example, tests every newborn child for about 40 genetic diseases that otherwise may not be identified at birth, but that may cause illness, mental retardation, or even death if not treated in the first weeks or months of life. Still other mutations are somatic; the result of changes to your genetics after birth. This is where a predisposition for certain cancers or diseases, from hypertension to Type-2 diabetes, interact with lifestyle.
It’s also where the issue of privacy gets nuanced.
The National Institutes of Health considers germ line information re-identifiable. It’s been shown that anonymous genetic data can, indeed, still identify individuals by connecting it with publicly available information.1 Genetic data describing somatic mutations is considered non-identifiable and therefore disclosed and disseminated with lesser concerns.
That identifiability is due to the fact that there is nothing more unique than your genome. It’s the difference between knowing someone’s cholesterol number, versus the genetic elements that influenced that number. The latter is more specific and closer to uniqueness, hence a greater aid at identifying that person. And it might also identify members of that person’s family.
Protecting your genes
My team studies these aspects of genomics research and privacy in our work on precision oncology, looking at treatment options based on somatic mutations that drive cancer. And 10 years ago, during our Genographic Project, we realized the definition of genetic privacy had to be broadened to the workplace. The policies established for that project later laid the first-of-its-kind legislative ground work for the 2008 Genetic Information Nondiscrimination Act (GINA).
As identifying genes, and processing entire genomes gets better and faster – and we discover more connections between genes and diseases – we will need new kinds of privacy protection. One area I’m exploring is around the fact that identifiability is not a binary attribute. Gene commonality ranges from the individually unique to across the populace. We need to ask: what is a more sophisticated metric for the identifiability of our genetic data?
Register for the Computer History Museum’s Techonomy BIO on March 25, where Dr. Royyuru will discuss “Who Owns Your Genetic Data?” and “The Internet of (Bio)Things.”