DNA firms ought to obtain the dying penalty for getting hacked
Private knowledge is the brand new gold. The latest 23andMe knowledge breach is a stark reminder of a chilling actuality – our most intimate, private info may not be as safe as we expect. It’s a damning indictment of the sheer negligence of firms that, whereas cashing in on our DNA, are failing to guard it.
The 23andMe breach noticed hackers having access to a whopping 6.9 million customers’ private info, together with household bushes, delivery years and geographic places. It brings to the fore a couple of important questions: Are firms actually doing sufficient to guard our knowledge? Ought to we belief them with our most intimate info?
Corporations are promising to maintain our knowledge protected, however there are a few quirks right here. Authorities overreach is definitely a risk, because the FBI and each policing company on the earth might be salivating on the considered having access to such an enormous knowledge set of DNA sequences. It may very well be a gold mine for each chilly case from right here to the south pole.
The argument “But if you haven’t done something wrong, you have nothing to worry about!” is simply partially relevant, right here: The issue is one in every of consent. My father at one level did a DNA check, and found he had a half-brother who’s about to show 80. Cue an unimaginable quantity of household drama after they began digging into the historical past and unearthed a complete bunch of probably problematic household historical past.
The issue isn’t a lot that my dad selected to do this, it’s that I didn’t consent to being in a database, and that’s the place issues get sticky. I can envision a particular Black Mirror-esque future, the place one member of the family is interested in their ancestry, will get examined, and two weeks later, the FBI comes knocking on each individual’s door who shares 50% DNA with that individual as a result of they’re needed for some form of crime.
The audacity of 23andMe, and corporations prefer it, is astounding. They pitch themselves as guardians of our genetic historical past, because the gatekeepers of our ancestral pasts and potential medical futures. However when the chips are down and our knowledge is leaked, they cover behind the previous “we were not hacked; it was the users’ old passwords” excuse.
This logic is equal to a financial institution saying, “It’s not our fault your money got stolen; you should have had a better lock on your front door.” It’s unacceptable and a gross abdication of duty.
Corporations that cope with such delicate knowledge ought to be held to the best doable normal. We’re not simply speaking about bank card numbers or e-mail addresses right here. That is our DNA, the very blueprint of our existence. If something ought to be thought-about “sacred” within the digital realm, certainly it ought to be this?
The truth that the stolen knowledge was marketed as an inventory of individuals with ancestries which have, up to now, been victims of systemic discrimination, provides one other disturbing layer to this debacle. It highlights the potential for such knowledge to be misused in probably the most nefarious methods, together with focused assaults and discrimination.
The DNA testing trade must step up. It should be sure that the safety measures in place will not be simply enough, however distinctive. They need to be main the cost in cybersecurity, setting an instance for all different industries to comply with.
This isn’t nearly higher passwords or two-factor authentication. That is a few basic shift in how these firms view the info they’re entrusted with. It’s about recognizing the profound duty they’ve, not simply to their prospects, however to society at giant.
Am I hopeful? Not even somewhat. I’ve lengthy argued that after the Equifax breach, the corporate ought to have acquired the company equal of the dying penalty. As an alternative, it was given a $700 million high-quality. I feel that’s laughable. Permitting a breach of such a magnitude to even be doable, by no means thoughts really come to go? You don’t need to proceed to be an organization. I feel that’s even more true for firms coping with our DNA.
It’s time for 23andMe and the DNA testing trade as a complete to comprehend that they aren’t simply coping with knowledge. They’re coping with individuals’s lives, their histories and their futures. It’s time they began treating our knowledge with the respect and care it deserves.