DeCODE Genetics, a genetics research firm, began offering personalized DNA testing through its deCODEme website two years ago. A customer mails in a sample taken from the inside of his cheek, and the service calculates the subject’s genetic risk for disease — cancer, diabetes, Alzheimer’s, heart disease.
The company told the Times that Saga would be bound by deCODE’s privacy agreements with customers, which prohibits the disclosure of customer data to third parties such as insurers, employers or doctors.
It may be true the disclosing customer data is against this particular company’s policy, but if their assets (including this data) are purchased by another firm, then they can do whatever they want with it (in theory – I’m not super familiar with Icelandic privacy laws).
The problem is that the firm could be bought by another bio-tech company, or by a telemarketing group. The data (and DNA samples) could be used for any number of interesting, beneficial, or nefarious things.
As personal data continues to be collected by private firms, these sorts of issues will begin to occur with greater and greater frequency. Unfortunately, my guess is that companies will treat this data like any other asset, and sell it to the highest bidder when they face liquidity problems. What happens to the people who are connected to that data are the least of the company’s concerns.
In the near future, society will need to devise a better way of dealing with personal information management. I’m afraid, however, that it will take a watershed event to make this problem apparent.
In the meantime, I’ll be anxiously watching this case to see what happens to the stored DNA. At this point, it’s anyone’s guess.