Any consumers who do business transactions with any companies must be aware of how their information is being collected, stored, and for what purpose.
Giant pharmaceutical company GlaxoSmithKline declared in July its acquisition of a $300 million venture in 23andMe. Included in the four-year deal is that GSK will have the sole privilege to extract customers’ personal data to deepen drug functions.
It was reported last month that DNA testing firms such as Ancestry and 23andMe acknowledged a few guidelines to engage in the consumer privacy concerns. The said guidelines are outlined together with the Future of Privacy Forum which stated that companies need to acquire “separate express consent” from consumers preceding the distribution of their individual-level data including genetics and personal data to certain third party companies.
Customer details involve the employer’s name, insurance companies (if any), educational institutions as well as government agencies. Any approach of distributing individual-level” information requires consent from the owner of the DNA. According to the best practices regulations, DNA testing companies should notify their customers regarding the emanation of personal data disbursements to authorities inquiries as long as the information is legally acquired to keep it classified.
Now, 23andMe has been splitting awareness accumulated from over 5 million individuals who had sent their saliva sample to the genetic testing company. However, the obtained information is shared with GSK along with other six biotechnology and pharmaceutical companies. But because of the huge stake that GSK invested in 23andMe, it has the exclusive rights to mine amassed and comprehensively de-identified customer data.
Nevertheless, 23andMe customers have suggested some mortification regarding the agreement. CEO and co-founder Anne Wojcicki pointed out that 23andMe customers are not asked to opt-in to the data-sharing agreement but instead informed that they could opt-out through email. However, customers are not convinced that it would suffice.
According to Wojcicki, 23andMe will not collaborate with police departments in identifying any of its customers. She emphasized that it takes a good amount of customer saliva, particularly for privacy issues. The company also forbids people from uploading information that comes from external sources in an attempt to establish connections just as in the case of the so-called “Golden State Killer.” Investigators made use of an open-source genetic database known as GEDmatch to find out if it contains matches to DNA samples they hold. She emphasized that the company has a moral responsibility to its customers and would decline any requests from the law enforcers.
Millions of patients have samples stored in various kinds of biobanks including universities and key teaching hospitals. Once a patient has undergone surgery, biopsy, or blood draws at hospitals. Those samples might be kept for future research. A new survey conducted by the University of Michigan reveals what members think of between 23andMe and the GSk agreement. The results are published in the August issue of the “Health Affairs” journal. It was authored by a team of researchers from the U-M bioethics in the Medical School and School of Public Health.
Of the 886 people who were nationally surveyed, only one in four stated that they would be complacent with firms that will get access to their remaining samples from a hospital or university biobank. Two-thirds of the surveyed people noted that if such an agreement took place, they should be informed. If the samples in academic biobanks do not contain the patient’s determining details, then there is no need for researchers to seek permission from the owners of the specimen.
When asked about what hospitals and universities must do with the money they could get from such arrangements, 62% states that they need to turn over those funds back into more study.