The First Rule of Genomic Identifiability
In the 7 February 2013 edition of Nature I have a commentary on genomic privacy arguing that it is time to re-frame how we think about this issue. I wrote this partly in response to the Science paper by Gymrek et al in which the authors used a combination of public genetic and genealogical data to re-identify the surnames of supposedly anonymous—or at least “de-identified”—people.
The initial reaction to my commentary from the senior author of the paper, Yaniv Erlich, was anger. He felt that I was denigrating his work, that I was implying that it had been done before and therefore it was not a big deal. Rereading my piece, I can see how he would think that; given a do-over and more space I reckon I would phrase some things differently. But I did not mean anything of the sort.
Yaniv and I had an honest and respectful exchange. His revised and measured response is here; I admire and appreciate his willingness to reconsider his initial reaction. I did my best to assure him that my goal was never to minimize what he and his team had done. On the contrary: Academic “privacy hackers” like Yaniv Erlich, Latanya Sweeney and Brad Malin are essential to understanding how secure our genomic data might—and might not—be.
What I was really trying to convey was frustration: we now have a decade’s worth of data demonstrating that genetic information is identifying. NIH (disclosure: I am a recipient of NIH funding), in its commentary that appears alongside the Erlich group’s paper, says it is concerned about this issue, but doesn’t seem all that willing to entertain policy alternatives that fundamentally challenge the status quo. The PGP, for example, is not mentioned.
Folks who study human beings are nervous. Indeed, in a phone conversation today Yaniv told me that a senior colleague of his said that his paper should not even be published lest it lead to a shutdown of public sequencing resources.
Really? So genomic identifiability is like Fight Club?
- John Lauerman is not only monitoring his medical condition, he is actively receiving treatment: see Pete Estep’s comment on my piece.
- I got Yaniv’s institutional affiliation wrong. The Whitehead Institute informed me that, “Yaniv Erlich is a scientist at, and employee of, Whitehead Institute for Biomedical Research, where his lab is located. He does not work at Massachusetts Institute of Technology.”
- I should not have implied that dead people are not covered by HIPAA Privacy. “…the medical record of a deceased patient is subject to all restraints on disclosure that are applicable to the record of a living patient.” Phew: corpses everywhere are resting easier.