Jennifer Lewis Priestley

Associate Dean & Dir. of the Analytics and Data Science Institute, Kennesaw State University

Your DNA has rights. Or at least it is protected under the law. The Genetic Information Nondiscrimination Act of 2008 (GINA) and the Health Information Portability and Accountability Act (HIPAA) both apply information privacy and data security obligations to protect genetic information. By extension, the humans to whom the DNA is attached are protected from discrimination with regard to medical insurance coverage, hiring, termination, or compensation. To clarify, the protection of an individual’s DNA under GINA and HIPAA is relevant only when it is connected to that individual.

Millions of people have contributed (actually paid to contribute) their physical DNA to repositories such as Ancestry.com or 23andMe and have “clicked” their tacit approval to have the value of their DNA disassociated from their physical person for the purposes of genealogical research, medical research, and even the association and identification of criminals. In 2015, the $20 billion genomics company Helix sequenced about 90% of the world’s DNA data, with the expectation of opening it up to consumers in a digital marketplace built on DNA.¹

Now consider online activity.

Increasingly, our online activity creates a digital DNA that is as unique to each ...