Google Knows What’s in Your Inbox, But It Shouldn’t Get Your Genome Without Consent

Originally posted in the Timmerman Report

I once had an idea for a science fiction story where everyone was paranoid about their genetic information getting out because of a misguided belief that genes equal destiny and that the burden of privacy is all on the individual. People would wear protective suits and carefully guard against leaving any iota of tissue out in public—not a single follicle or skin flake. All to prevent anyone else—potential employers, rivals, even potential lovers—finding out information about their genes.

I planned the story as a satire, taking our current world where Precision Medicine and cheap genome sequencing and not-quite-as-cheap genome interpretation are real things, and extrapolating to an absurdity. I wanted to highlight the kinds of more realistic challenges we might face as we learn more about our genes and face increasing questions about privacy and access to health care services. Of course, I thought this was completely speculative; I’d just be building a straw man story to make a point. I knew something this extreme would never really happen.

But maybe I was wrong.

Bloomberg news recently reported on a presentation by Bill Maris, the managing partner at Google Ventures, that was quite startling. Maris framed genomic information—your genome, my genome—as something everyone should be willing to share, all toward the goal of trying to extend human lifespan and increase wellness. As for privacy concerns? Why, “Your genome isn’t really secret,” he said. He went on to explain that we all leave traces of ourselves behind everywhere, and so anyone with the resources could fish your coffee cup out of the trash, swab off your lip-mark, and sequence your genomic DNA.

On the level of technological feasibility, he’s right. It’s possible.

But this is confusing feasibility with permission and legitimacy.

There are two related issues this brings up. First, just because something can be done doesn’t mean there’s nothing to worry about, and saying otherwise, especially from someone in a position of influence and stature like Maris, is a problem. Whether a hacker gets your genomic data from a database and exposes it in public or the data is obtained directly by someone—let’s call him a genetic pirate–sequencing off a coffee cup, it’s still illegal, immoral and unethical. There could be some big negative consequences to the people so exposed. In answer to the question, “What are you worried about?” I would answer, “A lot.”

For starters, think about discovering unexpected risks for disease. Finding key genes with variants that are of unknown significance could still cause unnecessary stress. Uncovering unexpected ancestry, as many 23andMe users have learned all too well. People who may one day play a role in your work and personal relationships may discover things in your genes that alter the course of your career and personal life. You may also discover risk that is shared with family members who may not want to know. That last point is a pretty fundamental one. We share half our genetic data with each parent, about the same (on average) with each sibling. Making a decision to share your own genetic data impacts them as well. Some of the genome projects out there, like the Personal Genome Project being run at Harvard, make a point of telling prospective participants to discuss the project with family members for this exact reason.

These kinds of risks exist. Downplaying them with the fatalistic argument that genomic data could get out one way or the other isn’t a reason for capitulation. I’m not on the corner handing out my credit card numbers because, you know, a hacker might get them eventually or an unscrupulous salesclerk could one day take a photo of them while I’m not looking.

Maybe I’m a bit sensitized to this having read Dave Egger’s The Circle, and in the middle of Whiskey Tango Foxtrot by David Shafer. Both describe organizations trying to capture all information across the globe, in the name of the greatest good and, along the way, world domination. The justifications in these stories are glib and simplistic—why not have cameras everywhere? Crime would never happen! Good people would have nothing to worry about! Maybe that’s part of what’s troubling about Maris’ comments. I’m sure he’s aware of the many risks inherent in sharing one’s genomic data. But his comments seem to be brushing them aside because of a view of what’s the greater good for everyone.

The second issue concerns the seeming cavalier attitude about consent and ethics that’s embodied by the coffee cup story. Again, this is possible. But would anyone do that? The story suggests an attitude toward informed consent that’s less stringent and more superficial than seems prudent with respect to genetic research.

There are reasons why the ethics of genome sequencing is a hot, thorny topic. Biomedical research using genome information is qualitatively different from that performed with more conventional experiments that look at serum or other tissues and measure just one or a few analytes. The huge breadth of information that a genome sequence reveals about a person, which is nevertheless dwarfed by the amount we don’t understand, means strong consent is a requirement for people to participate in genetic research. People absolutely need to know what they’re getting into before they agree to hand over their genomic information to any research form, corporation, or government body.

Over the past few years entrepreneurs from the information technology and software domains have started several different initiatives to shake up biomedical research. It’s been exciting and encouraging. There’ve been a lot of new ideas, great big goals, and innovative approaches. But I wonder if there’s also a problem with a lack of experience with the specific and peculiar nature of biomedical research. Peculiarities such as informed consent. While A vs. B experiments happen all the time in online platforms and companies continually collect and mine user data, genomic data is different and should be obtained, approached and treated as such.

Will the same confidence and willingness to push forward and take risks that has succeeded so well for Silicon Valley end up being a problem as these companies move forward? The ethos of getting a product out as quickly as possible, warts and all, so that user feedback can be gotten quickly works great for an app or mobile device. But when the process involves human health data and one key customer is the FDA, bad feedback and bugs may mean being shut down, as Maris well knows since Google Ventures is a backer of 23andMe. It took 23andMe about two years to get out of the FDA penalty box after the agency said it went too far in its attempts to interpret and provide health-related information from a person’s genomic DNA sequence.

Still, that same example gives a glimpse of how Silicon Valley can thread the needle. 23andMe is back in the genetic testing game, with a modified approach and more limited set of genes that it reports on that are well validated for providing guidance on disease risk, such as the APOE4 variants that predispose a person to Alzheimer’s disease. And they also didn’t stay still during their time away from Direct-To-Consumer health testing, launching into drug development using their genetic database. With, I should add, informed consent.

I expect Bill Maris and Google Ventures will continue pushing the envelope. But they will likely run into stiff resistance from medical institutions and patients, if they try to treat genomic data as if it’s the same as what’s captured in your web browsing history. Maybe in the future their statements will be a little more circumspect about what we can versus what we should do. Although I have to say, if I should ever find myself having coffee with Bill Maris, I’m keeping my cup.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s