Blockchain And Data Harvesting: “It’s Only Paranoia If It’s Not True”

Blockchain, Opinion, Regulation | August 2, 2018 By:

Popular genetics-testing company 23andMe is partnering with GlaxoSmithKline to use people’s DNA to develop medical treatments. The $300 million deal gives GSK access to 23andMe’s substantial genetic database — roughly five million customers. GSK is working to design new drugs that could treat diseases like Parkinson’s, among others.

That sounds like a noble undertaking. But it’s also a major privacy concern for customers who have used genetic testing company products. Many strongly believe that if a person’s DNA is used in research, that person deserves compensation. And DNA is just one aspect of company’s selling data from their customers. As the blockchain industry grows and data harvesting becomes a core feature of many business plans, the problem will only grow.

Theresa Payton is CEO of Fortalice Solutions. Her contention is that profiting from your customer’s data without their knowledge is totally unethical. She talked with Block Tribune about the growing problems in data harvesting.

BLOCK TRIBUNE: What is the danger of DNA information being sold and/or leaked on the net?

THERESA PAYTON: DNA is at its core, another set of data – albeit extremely important – and its risk of being sold or leaked on the net is high. Cybercriminals will monetize any type of data they can in order to make money and DNA is no exception. Companies that store or collect DNA are certainly at risk for a data breach and should ensure that they are protecting themselves accordingly. FortiGuard Labs recently found healthcare organizations experience more than twice the number of attacks on average as compared to organizations in other verticals.

BLOCK TRIBUNE:  What is government’s position on DNA being used to develop drugs at the moment?

THERESA PAYTON: According to The Hastings Center, the “United States has the world’s largest databank of DNA samples of criminals and criminal suspects,” so the government hasn’t kept away from all the good DNA collection can do, especially in cases of law enforcement and criminal prosecution.  According to its website, The National Institutes of Health uses DNA – genetic information – in much of its research, but most drugs are developed by private companies outside of the direct purview of the federal government. The reality is that federal laws haven’t kept pace with the rapid advances in technology we’ve experienced in the past two decades and DNA collection, and its use, is one of those ways.

BLOCK TRIBUNE:  Sharing and selling data is complex, and most EULAs go on for pages. How can we simplify things?

THERESA PAYTON: EULAs are notoriously boring to read and are often not even comprehendable by the average user. This is yet another way in which we have failed to design for the human – we expect anyone who uses technology to have a masters degree from MIT in order to understand the ins and outs of their rights. This must change. I would be interested in seeing if gamification technology or the popularity of comic books could be leveraged with EULAs. Yes its a bit more work for the company involved than just throwing legalese at their customer base, but it could be a very interesting and captivating way to help users understand what they are agreeing to.

BLOCK TRIBUNE:  Should 23andMe be trusted at this point?  What about any Alphabit Inc. company?

THERESA PAYTON: We have a saying in my company – it’s only paranoia if it’s not true. Whether or not to trust and use a company or brand is a personal decision – as is the use of all technology. Some people are highly concerned about their privacy and won’t use social media, others are happy showing (in often incredibly intimate ways) the details of their day to day lives. It’s all a spectrum. I encourage everyone to know where they fall on that spectrum, use the tools they want, and then implement the safety and security features needed in order to protect themselves and their loved ones.

BLOCK TRIBUNE:  There are reports that insurance companies are harvesting data from places like clothing for big and tall people in order to determine rates. How do you feel about this and how widespread is it?

THERESA PAYTON: I think monitoring clothing stores to determine rates would be considered by many to be is an absolute invasion of privacy. We need to discuss the technology, it’s capabilities, and the privacy issues they can cause more openly.  I would certainly hope these reports are more anecdotal than anything, although I do cite in my book a case where an insurance company denied disability insurance to a woman after viewing her social media profile.

In the case of using DNA or genetic information to deny coverage, thankfully there is a law in place that prevents discrimination. “The Genetic Information Non-discrimination Act (GINA) provides national protections against discrimination for health insurance and employment purposes based on genetic test results.  Some states offer additional protections for health care consumers that undergo genetic testing.”

BLOCK TRIBUNE:  We are moving into an era of driverless cars and AI predictions. Is it too late to stop this relentless harvesting of data?

THERESA PAYTON:  Yes. I don’t envision we’ll ever stem the tide and revert back to the days before Big Data, but there are absolutely things we can do to protect ourselves. Obviously, it starts with understanding where you data is being stored, how it’s being used, and what would happen in the event of a breach. There are great tools out there that can help, things like password managers, encryption apps for phones, virtual private networks, etc.