Friday, September 19, 2008

GAO on HHS Health IT

A new GAO report is calling on the HHS to define privacy mechanisms for emerge health information technologies.

Exposing Yourself via 23&me

(Thanks to John Paulett for the pointer)
Though it may be the obligatory publicity stunt, it's no less interesting that Sergei Brin has revealed his genetic predispositions via 23andme (NY Times story).

Monday, September 15, 2008

UK Monitoring + Storing Travel Records

Do you know where you've been every day for the past 5 years? No? Well, maybe you can ask the government, that is, if you live in the UK. Apparently, the UK has plans to record and stockpile license plate pictures from a bevy of roadside cameras around the country (and this cameras will be geocoded to location). They expect to capture 50 million pictures a day, which will be stored for five years (or more).

Friday, September 12, 2008

Is IP Traceback Coming?

Declan McCullagh reports that the U.N. is considering technical standards for "IP Traceback", which in the process of enabling traceability, will permit the uncovering of of the source of Internet communications. The goal would be to provide law enforcement agencies with the ability to determine the source(s) of crimes perpetrated over the Internet, such as denial of service attacks. Yet, at the same time, it would make it much easier to rescind anonymity protection mechanisms. Now, I'm not saying that the Chinese government would use it for suppression, but they are the ones that brought the proposal before the U.N...

The Estonian Genome Project (Public vs. Private)

The following paper is an interesting read on the issues in public versus private funding in Estonia's biobanking / genome project. It doesn't address the privacy issues, per se, but it's worth reading to learn about how such large scale projects have (and still are) unfolded and where the funding is coming from.

Rainer Kattel and Margit Suurna. The Rise and Fall of the Estonian Genome Project. Studies in Ethics, Law, and Technology. 2008; 2(2): article 4.

Tuesday, September 9, 2008

Aggregated Genotype Data and "Privacy"

There's been much news lately regarding a paper recently published in PLoS genetics:

N. Homer, et al. Resolving individuals contributing trace amounts of DNA to highly complex mixtures using high-density genotyping microarrays. PLoS Genetics. 2008; 4(8): e1000167 doi:10.1371/journal.pgen.1000167.

Basically, this work shows the following. Imagine a biomedical research study publishes the summary statistics for many snippets of DNA broken down by case and control populations (e.g., When DNA region X has value equal to "A", there is a positive association with a particular disease 80% of the time). Now, someone manages to get hold of a known individual's DNA sequence. Then, the latter person can determine (based on the summary statistics) if the individual is in the case population, control population, or neither population with high certainty.

The response to this paper has been quite swift. The NIH in the US and the Welcomme Trust in the UK, have pulled aggegrated genome wide association study data from their public websites. (See Zerhouni and Nabel letter in to Science Magazine)

I guess the first question that we need to ask is, how often is it the case that someone will have the ability to perform high density genotyping without having access to clinical information?