DNA companies should receive the death penalty for getting hacked

Personal data is the new gold. The recent 23andMe data breach is a stark reminder of a chilling reality: our most intimate, personal information might not be as secure as we think. It’s a damning indictment of the sheer negligence of companies that, while profiting from our DNA, are failing to protect it.

The 23andMe breach saw hackers gaining access to a whopping 6.9 million users’ personal information, including family trees, birth years and geographic locations. It brings to the fore a number of important questions: Are companies really doing enough to protect our data? Should we trust them with our most intimate information?

Companies are promising to keep our data safe, but there are a few quirks here. Government overreach is certainly a possibility, as the FBI and every policing agency in the world might be salivating at the thought of getting access to such a huge dataset of DNA sequences. It might be a gold mine for every cold case from here to the South Pole.

The argument, “But if you haven’t done something wrong, you have nothing to worry about!” is only partially relevant here: The problem is one of consent. My father at one point did a DNA test, and discovered he had a half-brother who’s about to turn 80. Cue an incredible amount of family drama when they started digging into the history and unearthed a whole bunch of potentially problematic family history.

The problem isn’t so much that my dad chose to do that, it’s that I didn’t consent to being in a database, and that’s where things get sticky. I can envision a particular Black Mirror-esque future, where one family member is curious about their ancestry, gets tested, and two weeks later, the FBI comes knocking on the door of every person who shares 50% DNA with that person because they’re wanted for some kind of crime.

The audacity of 23andMe, and companies like it, is astounding. They pitch themselves as guardians of our genetic history, as the gatekeepers of our ancestral pasts and potential medical futures. But when the chips are down and our data is leaked, they hide behind the old “we were not hacked; it was the users’ old passwords” excuse.

This logic is equivalent to a bank saying, “It’s not our fault your money got stolen; you should have had a better lock on your front door.” It’s unacceptable and a gross abdication of responsibility.

Companies that deal with such sensitive data should be held to the highest possible standard. We’re not just talking about credit card numbers or email addresses here. This is our DNA, the very blueprint of our existence. If anything should be considered “sacred” in the digital realm, surely it should be this?

The fact that the stolen data was advertised as a list of people with ancestries that have, in the past, been victims of systemic discrimination, adds another disturbing layer to this debacle. It highlights the potential for such data to be misused in the most nefarious ways, including targeted attacks and discrimination.

The DNA testing industry needs to step up. It must ensure that the security measures in place are not just adequate, but exceptional. They should be leading the charge in cybersecurity, setting an example for all other industries to follow.

This isn’t just about better passwords or two-factor authentication. This is about a fundamental shift in how these companies view the data they’re entrusted with. It’s about recognizing the profound responsibility they have, not just to their customers, but to society at large.

Am I hopeful? Not even a little. I’ve long argued that after the Equifax breach, the company should have received the corporate equivalent of the death penalty. Instead, it was given a $700 million fine. I think that’s laughable. Allowing a breach of such a magnitude to even be possible, never mind actually come to pass? You don’t deserve to continue to be a company. I think that’s even more true for companies dealing with our DNA.

It’s time for 23andMe and the DNA testing industry as a whole to realize that they aren’t just dealing with data. They’re dealing with people’s lives, their histories and their futures. It’s time they started treating our data with the respect and care it deserves.