FREE NEJM E-TOC    HOME   |   SUBSCRIBE   |   CURRENT ISSUE   |   PAST ISSUES   |   COLLECTIONS   |   Search Term  Advanced Search

Sign in | Get NEJM's E-Mail Table of Contents — Free | Subscribe

Previous Volume 355:545-546 August 10, 2006 Number 6 Next

PDF PDA Full Text Interview Add to Personal Archive Add to Citation Manager Notify a Friend E-mail When Cited E-mail When Letters Appear PubMed Citation

"Who am I?" has always been a fundamental philosophical question that may require decades of reflection to answer. With the advent of DNA analysis, there is a growing public impression that the answer may be found in our genes. Various Internet sites offer descriptions of our ancestral history on the basis of our DNA, as well as testing for specific "disease genes" or general profiles that are used to recommend lifestyle changes, such as foods to be eaten or avoided. Researchers have even suggested that although the scientific evidence is speculative and at best probabilistic, many people will want to have their DNA analyzed for markers of predispositions toward certain behaviors, including risk taking, overeating, aggression, and even criminality.^1,2

As these opportunities to learn about our DNA expand and affect the way we construct our personal identities, we should be alert to the risks as well as the benefits of exploring our DNA and basing an understanding of who we are on genetic testing. We should be wary of perceptions of ourselves — whether our own or others' — that are based on results of tests that have not been validated or on misinterpretations of valid tests. We should be at least as concerned that others may know more than we do about our own genetic makeup. DNA analysis, in combination with the Internet, creates an unregulated market in DNA and new opportunities for invasions of genetic privacy.

Using the Internet for the marketing and purchasing of genetic tests sidesteps the doctor–patient relationship and eliminates meaningful, face-to-face genetic counseling. It also magnifies an older but unresolved danger: whenever identifiable DNA samples are collected and stored, there is a high risk that violations of genetic privacy will follow. As the evolution of DNA banking for research demonstrates, DNA donors shouldn't assume that the privacy protections they take for granted in medical care and clinical research apply. People give up more than they realize when they hand over their DNA.

DNA collection and banking have already gone through two distinct stages. Initially, the people most actively involved in DNA collection (outside law enforcement and the U.S. military, both of which use DNA for identification purposes only) were researchers seeking genetic markers for a particular disease, who typically collected DNA samples from families at risk for the disease of interest and stored those samples. Consent forms typically contained a provision permitting the researchers to retain and reanalyze DNA samples in related research after the primary study was completed. In the next iteration, consent documents included much broader statements in which subjects acknowledged that their DNA samples would become the property of the researchers (or institutions), who could control the samples for their own benefit. The research subject was thereby transformed into a DNA donor.³

Recent years have seen the emergence of private companies, such as the Ardais Corporation and DNA Sciences, that — either at hospitals or through appeals over the Internet — collect and analyze samples and personal information for the express purpose of selling them to researchers. The National Institutes of Health also has plans to develop a national repository similar to the U.K. Biobank, a new resource for researchers that will eventually include information and blood samples from 500,000 volunteers. With such developments, DNA banking is quickly changing from an academic research activity to a governmental and commercial enterprise conducted by DNA brokers. As a result, the relationship between subjects and researchers is being severed, and along with it the associated legal rights and obligations, including obligations to reduce risks to subjects' privacy and to maintain the confidentiality of their information. The unresolved legal status of the relationships among donors, brokers, and researchers raises troubling questions about privacy and property rights.

Without adequate protections for genetic privacy, autonomy to discover and use one's own genetic information for one's own purposes cannot be realized. A fundamental concern is that the possession and storage of a personally identifiable DNA sample give the possessor access to a wealth of information about the person and his or her genetic relatives. This includes information derivable from new DNA tests that were not available, or even anticipated, when the sample was relinquished. Consequently, as long as personally identifiable DNA samples are stored, there is the possibility of unauthorized access to and use of genetic information — an invasion of genetic privacy. To the extent that we see ourselves and our future as influenced by our genes, such invasions can disrupt our very sense of self.⁴

In response to this concern, a majority of states have begun to regulate genetic testing and fair uses of genetic information. But these laws are almost exclusively antidiscrimination statutes that target the behavior of insurers, employers, or both after the DNA has been collected and analyzed. Some states, such as New Jersey, include broader privacy protections by prohibiting unconsented-to collection and testing of DNA generally (although those statutes typically include broad exceptions for law enforcement and medical research) and by defining requirements for consent to testing. Only about half a dozen states, however, require either explicit consent for sample storage or the destruction of samples after the purpose for their collection has been achieved.

It is, of course, the DNA sample itself, which can usefully be viewed as a coded probabilistic medical record, that makes genetic privacy unique and differentiates it from the privacy of medical records.⁵ The absence of any meaningful property or privacy protection of DNA samples means that consumers must be extra cautious and seek specific information about the fate of the samples before sending them off for testing. Minimal information that they should obtain includes the site where the sample will be analyzed, whether and how long it will be stored, and who will have access to it and to any identifiable information linked to it. The best consumer advice, given current law, is that one should not send a DNA sample to anyone who does not guarantee to destroy it on completion of the specified test.

Redefining ourselves and our futures in accordance with insights offered by our DNA is hopelessly reductionistic, if inherently fascinating. We will not learn who we are by having our DNA analyzed, but we will almost certainly give others the opportunity to learn something about us. And our DNA is not like our credit cards: we cannot simply get a new number. As long as someone has our identifiable DNA sample, he or she will be able to learn things about us we may not know, may not want to know, and certainly don't want others to know. DNA collection, banking, and analysis are expanding rapidly, and we need a federal genetic privacy law to protect people who want to know what secrets their DNA contains, as well as those who don't.

Source Information

Ms. Roche and Mr. Annas are professors in the Department of Health Law, Bioethics, and Human Rights at Boston University School of Public Health, Boston.

An interview with Prof. Annas can be heard at www.nejm.org.

References

1. Harmon A. That wild streak? Maybe it runs in the family. New York Times. June 15, 2006:A1. 
2. Begley S. Genes, not experience, explain why the lives of some take a bad turn. Wall Street Journal. June 16, 2006:B1.
3. Washington University v. Catalona, 2006 U.S. Dist. NEXIS 22969 (D.C. Mo. 2006).
4. Annas GJ. Privacy rules for DNA databanks: protecting coded `future diaries.' JAMA 1993;270:2346-2350. [Free Full Text]
5. Roche PA, Annas GJ. Protecting genetic privacy. Nat Rev Genet 2001;2:392-396. [Web of Science][Medline]

PDF PDA Full Text Interview Add to Personal Archive Add to Citation Manager Notify a Friend E-mail When Cited E-mail When Letters Appear PubMed Citation

This article has been cited by other articles:

• Gray, S. W., O'Grady, C., Karp, L., Smith, D., Schwartz, J. S., Hornik, R. C., Armstrong, K. (2009). Risk Information Exposure and Direct-to-Consumer Genetic Testing for BRCA Mutations among Women with a Personal or Family History of Breast or Ovarian Cancer. Cancer Epidemiol. Biomarkers Prev. 18: 1303-1311 [Abstract] [Full Text]  
• Beskow, L. M., Dean, E. (2008). Informed Consent for Biorepositories: Assessing Prospective Participants' Understanding and Opinions. Cancer Epidemiol. Biomarkers Prev. 17: 1440-1451 [Abstract] [Full Text]