Numerous direct-to-consumer genetic testing services now offer individuals genetic sequencing, testing, and ancestry mapping services outside of the traditional healthcare infrastructure and regulatory barriers. The rise of direct-to-consumer testing services presents policy questions on how to best protect consumers while still promoting future innovation. From a data privacy perspective, concerns include who can share other people’s genetic information, what entities can use the information, what happens if the information is stolen, and whether law enforcement, or other entities, can request information from a third party. The overarching concern is that once disclosed, genetic information often cannot be unshared or returned. Further, genetic information from biological relatives can provide information on others who have not personally disclosed or authorized disclosure of their genetic information.
In the United States, a patchwork of regulations has been created at the state level that exceeds the minimum requirements created by Congress. In other parts of the world, countries and regional networks have similarly created varying regulations to govern genetic information and its use. This comment reviews various regulations both in the United States and Europe, discusses the implications of the various regulatory schemes, and proposes a regulatory regime. This proposal aims at harmonizing rules across jurisdictions, distinguishing between “faceless” and individually labeled data, and seeks to allow for data use, testing, and development of new technology, while limiting exposure of individuals genetic information.
Direct-To-Consumer Genetic Testing: Privacy Issues & Impacts on Biological Relatives,
SMU Sci. & Tech. L. Rev.