Episode Description
Susanna Smith
On today's episode, I will be talking with legal scholar Anya Prince, who is a professor at the University of Iowa College of Law. Anya's writing and research focuses on health and genetic privacy, particularly the potential for genetic discrimination and the privacy implications of big data and genomic and genetic clinical care and research.
I became really interested in Anya's work because she's published extensively about GINA, the Genetic Information Non-Discrimination Act, writing analysis about what legal protections exist for genetic information in the United States and examining through survey work what healthcare professionals, insurance commissioners, and the public do—and don't—understand about healthcare privacy and the potential for genetic discrimination.
I'm interested in how we protect people's genetic information because as a provider of genetic disease, I personally could stand to lose a lot if protections are insufficient. I also take the view that people, all people, should be able to exercise privacy and control over how their healthcare
In my view, we don't have enough protections in place yet, and we're not well prepared for a future or even the present moment in which genetic information is increasingly driving healthcare decisions and operates as a valuable form of data currency. So thank you for joining me today on Genetic Frontiers, Professor Prince.
Anya Prince
Thanks for having me.
Susanna Smith
I want to start by talking a bit about the big picture. How is privacy viewed or valued in American culture, the legal system, and in healthcare?
Anya Prince
Yeah, so I think, you know, so many people say, oh, privacy is dead. We don't have privacy anymore. But when you actually start talking to individuals about privacy, they really value it in lots of different ways. But I think one of the big problems is there's a disconnect between how the public thinks that privacy is viewed or valued and how the legal system actually values it.
So overall, and we'll talk about the details, I'm sure, today, but the law is not very good at protecting health privacy. And so most notably, the law treats the privacy of health data and genetic data differently depending on if it's within clinical care, within a research setting, or within a commercial space. And so it's really hard for the public to see whether or not the protections match the values that they have for the privacy of their health information.
Susanna Smith
How would you describe Americans' relationship to privacy?
Anya Prince
I think that they value it. I also think that people are happy to share information, especially if they know how it might be used, or if they trust who they're sharing with. So on the one hand, you know, people use social media and post all sorts of things that could tell them about, you know, tell others publicly about their health information and so there's lots of ways where we're not as private about our health information as one might think.
But there's also data that when you tell people that they might be part of a biobank, or you tell people that their genetic information has been commercialized. They're actually surprised about that and uncomfortable with that. And so I think we have a little bit of a both-and, right?
In some ways people don't think about privacy on a regular basis. They just go through the world and social media and the internet without necessarily having that in the forefront. But when you start to ask people how they want their information to be used, I think we start to see more of those values coming in.
Susanna Smith
Yeah, and I think trust is a big part of it, right? Like, how private you want to keep information is often about how you trust whether it's going to be used in a way that might harm you.
So how do you think about the importance of privacy and or data security when it comes to healthcare data versus genetic data specifically?
Anya Prince
So I think, so some argue that thinking about the privacy of genetic information or health information without thinking about just general privacy at large is exceptionalism that we should not think about health privacy or genetic privacy as anything different than just how do we protect data at large? Some people argue that, but I think it makes sense to think about the privacy of health data and the privacy of genetic data as more important or something that should be given extra consideration, both in the law and both by the public.
Part of that is that your genomic data, your health data is incredibly valuable so there's, you know, most of the cybersecurity attacks and threats to data privacy come to hospitals and places that hold our health information because it's just valuable on the dark web. But it's also valuable for advertisers, right? If they know that you might have a predisposition to diabetes, they might try to sell you insulin pumps or healthier foods or whatever that is. And that could be really beneficial to a person, but it still means that somebody is leveraging your health data in certain ways.
And for better or worse, I think people think about their healthcare and especially their genetic data or their genomic data as different than just general data, you know, especially genomic data. It's who we are. It's our blueprint. It ties us to our family members. And so I think people do think about the sharing of their genetic information in a much different way than other health data and other general data, and so therefore, I think about the importance of privacy and data security in that space as heightened since people tend to value the privacy of that information a little more.
I also think, and this might complicate the picture a bit, but some of my other research is in how much we can infer private health information from other information. So let's say we say, Okay, I have a predisposition to colon cancer, and so I don't want my genetic information that that shows that predisposition to be sent around. Okay, well, that's really important to protect that privacy. But if I joined a Facebook group for the Lynch syndrome community or I did a bunch of Google searches or online searches for cancer predispositions, those things could also proxy for that information.
So while I do think it's really important to keep genetic information more private, because like you said, you can't change it I also think it's really important for us to think about how much we need broad data protection to because of the ways that we interact with the world based on what we know about our health information.
Susanna Smith
Yeah, I think that's such a valuable point because we kind of, and even I do this sort of narrow in on certain data points as these are things I want to keep private, but I operate in a world, right? So I'm creating data all around me by my behaviors that is collectible, people can analyze it.
Anya Prince
I was just going to say, it might not be perfect, right? They might get it wrong like you know as a health privacy researcher who does not have a medical background, I search all sorts of diseases on Google, right, to try to just learn about the communities and the predispositions that I'm studying. And so an advertiser might think that I've ended up with 100 different conditions but there could be ways that they could identify it correctly.
Susanna Smith
Yeah. So, you opened with saying, some people say privacy is dead. It sounds like you don't totally believe that. I don't totally believe that, but what does privacy mean in a world where your genetic data, possibly your full genome, could be collected from your toothbrush and your genetic data can implicate others, namely people you're biologically related to.
Anya Prince
Yeah, so these examples do show ways in which it's really hard to completely insulate ourselves from intrusion upon our confidential information. But I agree with you that privacy still matters.
There are some state laws that or some states have laws that are against what's called surreptitious testing so that collecting something from your toothbrush and sending it in for a testing lab. There are laws that help protect against that. But also, I think each time that anybody is able to successfully minimize the amount of data available about them, it minimizes their likelihood of harm. So even if it never completely ameliorates the harm that could come, I think privacy matters because it gives us some control and the ability to lower our risk of future harm that might come if somebody knows our information
And it also just as you started off the podcast saying, I think it matters to give as much control as possible to somebody to say, this is how I want my data used. I think it's respectful. I think it it's just something that everybody should have as much as possible, even if it's harder and harder to gain in this complex world.
Susanna Smith
Yeah, I mean, my opinion and my view of it is that we're also only slowly creating those systems of control, right? That we started out decades ago collecting this data and then sort of in some ways backed into this idea of, oh, well, we should figure out some ways that you can control how your data is used. So it feels like there's a catch up that's happening societally of awareness of what data can tell us about a person and how that data might be used. And I'm talking even more broadly than healthcare and genetic data, but including that.
Anya Prince
Yeah, I think that's a really important point.
Susanna Smith
So you published this brief but really rich article with a co-author in JAMA called "Protecting Privacy When Genetic Databases Are Commercialized."
In that article, you write that many people are unaware that their health or genetic data may be commercialized, whether it was collected when they were a patient, a research subject, or through some kind of direct to consumer testing. And then when people realize this, they're often uncomfortable. But this is long been the model, particularly for direct-to-consumer genetic testing companies.
So how do you view this disconnect between what people think about the privacy that they have over their health and genetic data and how private their data actually is?
Anya Prince
Yeah, so I think this is really a confluence of three problems. So that's going to be a little bit longer of an explanation, but I want to walk through each of those problems because I think it goes to what you were saying of people playing catch up.
So one, we have a system in this country where privacy rights, for the most part, especially outside of clinical care and outside of the research setting, is given through what we call notice and consent so those are if you download an app on your phone, they give you your privacy policy, and you say, yeah, yeah, yeah, of course I've read this and you click on it. And basically nobody actually reads those all, right? But that's notice and consent.
We've given somebody notice of how their data is going to be used, and they consented to it, and then it's fair game. And that's such a problem because we know that people don't understand fully how their information can be shared, and yet we still have that as the legal basis for a lot of respecting privacy in this country.
The second problem we have is that we've built a data economy. So there's the saying of, "If the product is free, you are not the customer, you are the product, right?" And so there's so much of that in our society now because companies are allowed to share people's data and sell people's data. Again, this is outside of the health care, healthcare and research setting space. But for the most part, we have companies that have built their business model over treating people's data as a monetary value.
And then the third problem, I think, is that the law treats de-identified information differently than identifiable information. And here now I am talking about the research context and the healthcare context and the commercial context. And so there's a lot of sharing of our de-identified information that does not need people's consent, and that happens wildly. And on the one hand, that's great, because a lot of our research has happened because we can now study 1,000,000 people's genomes at once.
The researcher doesn't know that it's Anya or Susanna's genomes, but it's, you know sample 1, 2, 3, 4, 5, and 1, 2, 3, 4, 6. But when it comes to genetic data, it's hard to completely de-identify it because it's unique to everybody.
And I think people still might care about how their information is used to, you know, in ways, even if their name's not attached to it. So when you put all of those three systems in place, it really creates this disconnect where people might think that their health and genetic data is
more protected. And in reality, they've often given away their rights of how their data is used. And then there's this monetary incentive for companies to run wild with it.
Susanna Smith
Yeah, I want to pause on two things you said there. One is this idea of what health data is collected when it's collected inside a healthcare system and possibly some of the same information could be collected direct to consumer and legally, how is that different? How is that treated differently? If I do it through a company versus I do it through a clinician and a hospital system?
And then I just want to ask, what is your real opinion of "de-identified"—and I'm doing air quotes here—genetic data.
Anya Prince
Yeah, so the first one, so in the healthcare setting and health insurance setting, I should say, the health insurance portability and Accountability Act, or HIPAA, applies. So HIPAA has a privacy rule that really starts with the baseline of health information should not be shared unless and then there's some exceptions. And so if you go and get genetic testing with a genetic counselor in a clinic, then your information is protected in a much different way. But one of the exceptions of HIPAA is that if it's de-identified then the hospital or insurer doesn't need consent to further share it. But that has so much more protections than in the commercial space.
So if you do direct to consumer genetic testing, HIPAA does not apply to those type of companies. And so really at the federal level, the only thing that applies in terms of privacy, is that whatever they say in their privacy policy, they have to follow, otherwise it's an unfair business practice. And so theoretically, I don't know of any companies that do this, but theoretically, the privacy policy could say, we are going to put your entire genome on the web for everybody to read, and you consent to that. Is that okay?
And then if you click I agree, that's fine, right? So theoretically, they can say we could sell this for millions of dollars. You know, they could agree to sort of anything, or they could say that they're going to do anything. And as long as you click, I agree, right, and they abide by those terms of the privacy agreement that you agreed to it's really the Wild West at the federal level.
Now, at the state level, some states are increasingly passing laws that give more protections to individuals. But that's the dichotomy in terms of healthcare and outside direct to consumer testing.
In terms of what I think about de-identified there have been plenty of studies that show that
that genetic sequences, raw genetic sequences, that have had people's names removed can be re-identified. And so just removing somebody's name is not enough to completely expel the risk. De-identifying genetic information lowers the risk.
So would a pharmaceutical company that has a large database of hundreds of thousands of genetic sequences really go back and find one particular persons and re-identify particular persons. No, I think that's relatively low risk. But it is interesting that we've created laws that treat these information differently, whether it's identifiable or de-identifiable without really grappling about what that means in the context of genetic information
Susanna Smith
Yeah, and I think I want to pause on this point because I think the reality is the science has changed, right? And so the laws were formulated around this idea that that if you strip personal information out of it, we're protecting people's privacy. And then the science advanced to the point where we can go back and do the work to identify. And so I think it's just this place, and it exists in other places, where the current legal protections don't reflect our current scientific understanding of what we know about DNA.
Anya Prince
Yeah, and I think this to not make this exceptional about DNA, I think this is a problem for all data, right? There have been studies, there's a computer scientist named Sweeney, her last name's Sweeney, and she's done studies showing that you can identify individual people with it's something like age, zip code, and gender, right? You can identify like almost everybody, I don't know, it's upwards 80, 90% in the study of people in the US, just based on those 3 things alone, right? Because if you think about it, how many people in one zip code have the exact same birth date? You really start to narrow very quickly, and so then, if you think about all the data crumbs we're leaving everywhere, it becomes pretty easy pretty quickly to put together different data points about people.
So I think this is something that the law and society will have to grapple with, not just in genetics, but in just big data and algorithms in general.
Susanna Smith
Yeah, I totally agree with you. And I don't want to go down the entire dystopian path of like the reality we're living in currently of how that data could be used, but I think it's a great point.
We're really lacking in both data privacy protections and data security protections, but I would also say public education around what people understand about what data is being collected on them regularly, and the current uses and the potential uses.
Anya Prince
Yeah, and I think that that current use versus potential is so important to you, right? I came back to… I still think it makes sense. I mean, I still think it's a good thing that when people share information, they de-identify it, right? If a direct-to-consumer company is sharing with a pharmaceutical company, great to de-identify, because that lowers the privacy risks.
So again, I go back to, sure, we could go down the dystopic path and have all sorts of scary scenarios, but in reality, right now the motivations to re-identify large data set, I don't know, what would they actually be? So is it theoretically possible? Sure. But does it minimize the risk? And really, you know a pressing risk at this moment? No, I think there's other pressing risks in terms of privacy that we might want to tackle first.
Susanna Smith
What would you see those as being? What do you think are the most pressing risks in the privacy world around healthcare and genetic data?
Anya Prince
So one is the disconnect, right? I think we should make sure that and by that I mean the disconnect between how people think their health privacy is protected broadly and how it actually is.
And so I think one of the largest ones is the fact that outside the healthcare setting health information, the exact same health information, is protected in a different way. And so that's that's one that I think would be important to do.
This is outside the privacy space but I think another piece is how the information is used, right? So another part of my research is discrimination, and I think privacy and discrimination go hand in hand because one of the big concerns about not having your privacy protected is the risk of discrimination. So I think then shoring up anti-discrimination laws is also helpful. But from this privacy perspective, I think the privacy laws are just as important, if not more, because the best way to prevent discrimination is to stop the person from having the information with which to discriminate. And so both of those would be things that I would try to tackle.
Susanna Smith
I want to pause here and just have you say a bit about where we are on anti-discrimination laws, particularly around genetic information in this country.
I've talked about in other episodes, sort of the federal law, GINA, and the loopholes in the law, but I think it's also really important to stress, particularly for practicing clinicians, that the protections are different state to state, and it depends what state you're practicing in. So could you just expand upon that a little bit with clinicians in mind?
Anya Prince
The Genetic Information Non-discrimination Act (GINA) prohibits health insurers and employers from using genetic information but it doesn't cover other any entities. So the main ones that are talked about as not being protected at the federal level are life, long-term care and disability insurers.
And so at the federal level, a life insurer or any of those other insurers could take somebody's genetic information and say, we're not going to insure you, or we're going to charge you a higher premium because of your genetic test results.
At the state level, there are some states that have provided protection. For example, the one that has protected all three is Florida now prohibits life, long-term care, and disability insurers from using genetic information for any insurance purpose whatsoever, right? And I think the language of the law is any insurance purpose. And so that's the most protective one.
But there are some other protections that create a patchwork across the country. For anybody, clinicians or patients, I actually recently collaborated with a researcher from the University of Maryland School of Law who does research in law enforcement's use of genetics.
We've created a website that maps out the state laws regarding life, long-term care, and disability insurance, as well as the state laws that regulate life insurer use of genetic information. So you could check those out to see what the legal protections are in your state.
Susanna Smith
That website, for anyone listening who'd like to check it out is geneticprivacy.lib.uiowa.edu and we'll put a link to that in our show notes.
So thinking about this disconnect that you mentioned, how do you think people and clinicians should think about both the privacy and profit motives when they're either deciding to undergo or they're recommending genetic testing or genomic sequencing, like, how should we shift our mindset around what that choice is?
Anya Prince
I think this is a really hard one in practice because there's a balance between access and cost and privacy. And so sometimes I think the benefits of access are greater than the privacy risks.
And so I know I've heard from people where a genetic counselor, for example, might say, well, you could do this test in the clinic, but it's going to cost X amount of dollars. But if you go and get this test outside the clinic, it will be cheaper, right? And so, I don't think that those are bad things to recommend, but I do think that patients should know that they're balancing privacy and cost in that case. So I think it's just really important for clinicians and researchers or clinicians when they're talking to patients to be open about that and to also understand
what the protections are.
And it gets complicated quite fast, because there can be an outside genetic testing company that's what's called a business associate of a hospital, and if they're a business associate, then they do fall under HIPAA and so the lines get blurry quickly. But I think clinicians should understand what laws might apply, what privacy laws might apply, and just be upfront with that with their patients.
I also think in terms of researchers thinking about this I would encourage researchers to have a little bit of self-reflection, right? We talked about how de-identifying genetic information allows broader sharing. Really, researchers love this because it allows them to create large databases of hundreds of thousands or millions of participants and really do groundbreaking research
But there also could be researchers who care about their research participants' privacy. And so I think there's a little bit of tension between making research easier and faster and also respecting people's privacy and allowing getting more specific informed consent. And so I think members of the research community sometimes push more towards the efficiency of their research than necessarily asking each individual person for consent for every study, because that would take a long time.
Susanna Smith
I think when researchers fail to really understand how people value data privacy, and I think increasingly, the public is waking up to what is data privacy and how data is being collected on them and how they feel about that, I think researchers sometimes struggle to enroll people because they haven't really engaged with how people want their data to be used, and possibly they don't engage in studies because it's being used in ways they don't agree with.
Anya Prince
There are… I think there are more and more people who care very deeply about privacy. I think there's a lot of people who are more comfortable with sharing a broader amount of things. And so I think it's very easy for researchers to say well, we aren't going to give those options, right? Because it's only, you know, quote unquote a small percentage of people who might… who might want those broader protections. But then I think you have to start thinking about how that might be biasing your sample or just disrespecting a small but hopefully growing segment of the population that do care more deeply about these issues.
But again, it's that adds complexity and work to, you know, researchers' lives to create those different ways of going through the process. And so I think there's a tendency when with really busy people who, you know, want to do the best science and get the results and have pressures to get results more quickly to just say, oh, it's only a handful of people. And I just, I think that's disconcerting, right? I think it's… I think I would encourage researchers to think, how can we be privacy maximizing and choice maximizing? Because everybody's different in how they think about their data.
Susanna Smith
I agree with that, and I think it doesn't anticipate the potential of a cultural shift, right? Because as people see ways their data could be used that they may not judge as in their best interest. There could definitely be a pushback.
Susanna Smith
So I wanna turn a little bit. It may tie into this to direct-to-consumer genetic testing, which we've seen now an estimated 20% of adults in the US have participated in but it's stagnated, right? So people are not continuing to purchase genetic test kits at the rate that they once were. And some of that may be privacy concerns. But once you do a test kit and your genetic data lives in a database, it's owned by that company or its successors, unless you intentionally take the steps to remove it, which most people don't do.
So, what are some of the ways that data could be used? And let's talk from the most altruistic to the commercial to potentially nefarious applications.
Anya Prince
Yeah, so the most altruistic version of what companies can do with the databases, one, of course, is returning services to the customers. So you want to learn about your ancestry, we're going to return that. If you want to learn about health information, we'll return that, maybe continuing to update as we learn more about variants of uncertain significance, for example, updating those resources. So that's one altruistic or maybe just business model way.
There's also, as I've talked about, medical research or pharmaceutical advances. So for example, we can talk about one of the largest direct to consumer genetic testing companies, 23andMe. They've had multiple agreements with pharmaceutical companies like GlaxoSmithKline to look at millions of people's DNA that have that adopted into the research arm of 23andMe. And the hope would be to come up with really important pharmaceutical advances when we're pooling all of this data.
I've also mentioned some of the commercial uses of genetic information. So this could be advertising, right, targeted advertising to people. And some people see that as really helpful, and some people see that as maybe more coercive or problematic, or invasive. I think that just might be in the eye of the beholder, or possibly in the eye of who's doing the advertising and what they're advertising.
And then potentially more nefarious or problematic, and there's different opinions on these, but we mentioned, you know, insurance companies, theoretically, an insurance company could use large-scale genetic data to try to map actuarial results.
And so by that I mean who are the populations that do cost more to a life insurance company or do cost more to a disability income insurance company? And then using that information in their underwriting. Law enforcement has access direct-to-consumer genetic testing in various ways to try to identify either a perpetrator of a crime or their family member, right? A partial match in order to narrow down suspects in a crime, and that's quite controversial. Some people are more happy with that use than others.
And, you know, and going down the… again, we can go down more and more dystopic versions, but also looking at 23andMe, there was a hack of 23andMe back in 2023, and there's evidence that the information that was sought was targeting people with Ashkenazi Jewish ethnicity and Chinese ancestries. And so you know, that gets into more and more problematic potential uses when it's really targeting groups of people in ways that could be ripe for discrimination or stigmatization.
Susanna Smith
Yeah, and I mean, that hack I find so disturbing. I think it's important to pause there and just, what I kind of say to myself is, we're not envisioning the potential future. This is actually something that has happened. It has already happened. So...
Anya Prince
Yeah.
Susanna Smith
So I want to talk about one thing you mentioned in your article about the Coalition for Genetic Data Protection. Could you just talk a little bit about what is the Coalition for Genetic Data Protection? And then what is this model law that they have put forth.
Anya Prince
So there's a model law, and what a model law means is it's usually an organization that creates a blueprint of a law, and then they lobby states to pass the law, and that's really helpful for state legislatures to, you know, take something already written and then put it into their bill, and then if it's passed into their statutes. And so what it means is that you see sort of copycat versions of the law that are very, very similar across multiple states.
And so there's a model law called the Genetic Information Privacy Act that has now been passed in I think 13 to 15 states it was introduced in a couple of states this year as well. So I don't know this past year. So I don't know the exact number, but it's a pretty large handful of states that have passed this law. This gives privacy rights to customers of commercial genetic databases so these direct to consumer genetic testing companies.
But what's fascinating about it is this coalition that you mentioned that's pushing for these laws is actually made up of two companies, 23andMe and Ancestry.
So the two largest direct to consumer testing companies are pushing for laws that regulate how they protect consumer privacy. And the laws do give some really good, sensible privacy protections. So it gives the right to delete your genetic information from a database. It requires law enforcement to have some sort of judicial agreement like a warrant in order to access genetic information in the database. So they can't just informally call up the company and say, hey, can we do a quick search for X, Y, and Z genetic sequence? And it requires some data security protocols. So that's all great.
But from my perspective, there could be probably some greater privacy protections that we might want but the companies that are lobbying for this also have an interest to not be overly protective of privacy so that they can do, you know, have their business model, which is all about sharing genetic information.
Susanna Smith
So from the perspective of consumer privacy protections and protecting people versus companies, what do you think that the model law is missing? What would you add if you had a wand and could just add it in there?
Anya Prince
So a couple of things, and I'll just give some examples. I mean, we could have, you know, a multiple hour conversation about all the different ways we could have, but just a couple of examples.
So the model law says a direct to consumer genetic testing company won't share genetic information with life, long-term care, or disability insurers without written informed consent.
Okay, that sounds good. But when you think about the power dynamics, if a life insurance company says, hey, we're going to collect your genetic information from a direct to consumer testing company, Do you consent? The consumer could say no, and then the life insurance company can say, great, we are not going to insure you or not going to further look at your application. And so consent is important, but it doesn't really give you much power when you're dealing with large companies like life insurance company.
And so California, for example, when they passed the model law, they made a change and it just says direct to consumer genetic testing companies won't share genetic data with lifelong-term care and disability insurance companies. They just got rid of the consent part and said, you just don't share it at all, full stop. And so that's a version that is a stronger protection. Protections that people have, but again, they click, I agree when they do the DTC testing without necessarily actually reading the privacy policies.
So one version of the Genetic Information Privacy Act could be greater requirements to get the information in front of consumers before they agree to have them really understand what sort of sharing could happen so have more overt opt-in.
Susanna Smith
Yeah, no, I think those are great, and I think it's why I keep circling back to the topic of privacy and discrimination. And, you know, I've got skin in the game around all of those issues, but I think my personal scenario is very telling or it's like a canary-in-the-coal-mine type situation for what I think applies to lots and lots of people.
But from my perspective, many consumers, people, and a lot of clinicians don't fully understand that. And actually, that's what your survey research shows. So when you think about healthcare data privacy and how it's approached in the United States today compared to other countries, where do you think the U.S. needs to go, and why does it matter?
Anya Prince
Yeah, so I think a couple of things. One, I think as we talked about more in the beginning, I think the US needs a broad general data protection law and to not, you know, that would help depending on how strongly it's written, that would help some of these concerns about how there's great federal protections for the direct to consumer or the health information that's outside the healthcare setting. And so I think that's one thing we need to do within that.
I think there's a couple principles that would be really helpful to move towards. So one is this idea of data minimization. And so this is a principle that shows up in regulation in Europe. But data minimization is just the idea that companies or data collectors should only be allowed to collect and keep the data, like the minimum amount of data necessary to do its purpose.
So this is outside the genetic context, but one that comes to mind. There was a flashlight app that turned on the flashlight on your phone. That was the sole purpose of the app, and it collected your geolocation data, right? There's no reason that a flashlight app needs to know where you are when you're turning on and off your flashlight, right? So that's the idea of data minimization is don't let companies collect more than they actually need.
And I think this is more and more difficult thing to push against in an era of AI and algorithms, because AI is going to want more and more data, right? Companies are going to think, oh, if I get more and more data, maybe we'll come up with, you know, some new thing.
So I think it's really important to keep data minimization in mind. And the other thing I think is we need to move away from this idea of notice and consent, that if we just put a complex, long privacy agreement in front of somebody, and they click yes, then we're going to pretend that they actually have read it, and can digest it easily. And that's not to say that that's a problem from the consumers, right? There's studies that it would take like days to read through all of the privacy agreements that are put in front of us. So I think there needs to be a move away from notice and consent to more protective models from the outset.
Susanna Smith
Yeah, I think that's a great point. And then you're constantly getting the notices from companies that their privacy policy has changed. So it's like, I didn't read it the first time. I'm not reading it the second, third, and fourth time either.
Anya Prince
Yeah, well, and even so, you know, I do sometimes click on those as a privacy scholar and they don't tell you how it's changed. So when you do click on that privacy update, it just gives you the new privacy thing. So then you have to go back and, like, compare, like, I download them and put them into Word documents and then do a cross-compare to see even what changed. And sometimes it's like the address that you're supposed to contact, and sometimes it's a more major thing. But there's not necessarily flashing lights that says, here's what we're doing.
Susanna Smith
Yeah, I absolutely agree with you.
Well, thank you, Professor Prince, for joining me today on Genetic Frontiers.
Anya Prince
Yeah, my pleasure.
Susanna Smith
Genetic Frontiers is co-produced by Brandi Mello and by me, Susanna Smith. Music is by Edward Giordano and design by Abhinav Chauhan and Julie Weinstein
Susanna Smith
On today's episode, I will be talking with legal scholar Anya Prince, who is a professor at the University of Iowa College of Law. Anya's writing and research focuses on health and genetic privacy, particularly the potential for genetic discrimination and the privacy implications of big data and genomic and genetic clinical care and research.
I became really interested in Anya's work because she's published extensively about GINA, the
Genetic Information Non-Discrimination Act, writing analysis about what legal protections exist for genetic information in the United States and examining through survey work what healthcare professionals, insurance commissioners, and the public do—and don't—understand about healthcare privacy and the potential for genetic discrimination.
I'm interested in how we protect people's genetic information because as a provider of genetic disease, I personally could stand to lose a lot if protections are insufficient. I also take the view that people, all people, should be able to exercise privacy and control over how their healthcare
In my view, we don't have enough protections in place yet, and we're not well prepared for a future or even the present moment in which genetic information is increasingly driving healthcare decisions and operates as a valuable form of data currency. So thank you for joining me today on Genetic Frontiers, Professor Prince.
Anya Prince
Thanks for having me.
Susanna Smith
I want to start by talking a bit about the big picture. How is privacy viewed or valued in American culture, the legal system, and in healthcare?
Anya Prince
Yeah, so I think, you know, so many people say, oh, privacy is dead. We don't have privacy anymore. But when you actually start talking to individuals about privacy, they really value it in lots of different ways. But I think one of the big problems is there's a disconnect between how the public thinks that privacy is viewed or valued and how the legal system actually values it.
So overall, and we'll talk about the details, I'm sure, today, but the law is not very good at protecting health privacy. And so most notably, the law treats the privacy of health data and genetic data differently depending on if it's within clinical care, within a research setting, or within a commercial space. And so it's really hard for the public to see whether or not the protections match the values that they have for the privacy of their health information.
Susanna Smith
How would you describe Americans' relationship to privacy?
Anya Prince
I think that they value it. I also think that people are happy to share information, especially if they know how it might be used, or if they trust who they're sharing with. So on the one hand, you know, people use social media and post all sorts of things that could tell them about, you know, tell others publicly about their health information and so there's lots of ways where we're not as private about our health information as one might think.
But there's also data that when you tell people that they might be part of a biobank, or you tell people that their genetic information has been commercialized. They're actually surprised about that and uncomfortable with that. And so I think we have a little bit of a both-and, right?
In some ways people don't think about privacy on a regular basis. They just go through the world and social media and the internet without necessarily having that in the forefront. But when you start to ask people how they want their information to be used, I think we start to see more of those values coming in.
Susanna Smith
Yeah, and I think trust is a big part of it, right? Like, how private you want to keep information is often about how you trust whether it's going to be used in a way that might harm you.
So how do you think about the importance of privacy and or data security when it comes to healthcare data versus genetic data specifically?
Anya Prince
So I think, so some argue that thinking about the privacy of genetic information or health information without thinking about just general privacy at large is exceptionalism that we should not think about health privacy or genetic privacy as anything different than just how do we protect data at large? Some people argue that, but I think it makes sense to think about the privacy of health data and the privacy of genetic data as more important or something that should be given extra consideration, both in the law and both by the public.
Part of that is that your genomic data, your health data is incredibly valuable so there's, you know, most of the cybersecurity attacks and threats to data privacy come to hospitals and places that hold our health information because it's just valuable on the dark web. But it's also valuable for advertisers, right? If they know that you might have a predisposition to diabetes, they might try to sell you insulin pumps or healthier foods or whatever that is. And that could be really beneficial to a person, but it still means that somebody is leveraging your health data in certain ways.
And for better or worse, I think people think about their healthcare and especially their genetic data or their genomic data as different than just general data, you know, especially genomic data. It's who we are. It's our blueprint. It ties us to our family members. And so I think people do think about the sharing of their genetic information in a much different way than other health data and other general data, and so therefore, I think about the importance of privacy and data security in that space as heightened since people tend to value the privacy of that information a little more.
I also think, and this might complicate the picture a bit, but some of my other research is in how much we can infer private health information from other information. So let's say we say, Okay, I have a predisposition to colon cancer, and so I don't want my genetic information that that shows that predisposition to be sent around. Okay, well, that's really important to protect that privacy. But if I joined a Facebook group for the Lynch syndrome community or I did a bunch of Google searches or online searches for cancer predispositions, those things could also proxy for that information.
So while I do think it's really important to keep genetic information more private, because like you said, you can't change it I also think it's really important for us to think about how much we need broad data protection to because of the ways that we interact with the world based on what we know about our health information.
Susanna Smith
Yeah, I think that's such a valuable point because we kind of, and even I do this sort of narrow in on certain data points as these are things I want to keep private, but I operate in a world, right? So I'm creating data all around me by my behaviors that is collectible, people can analyze it.
Anya Prince
I was just going to say, it might not be perfect, right? They might get it wrong like you know as a health privacy researcher who does not have a medical background, I search all sorts of diseases on Google, right, to try to just learn about the communities and the predispositions that I'm studying. And so an advertiser might think that I've ended up with 100 different conditions but there could be ways that they could identify it correctly.
Susanna Smith
Yeah. So, you opened with saying, some people say privacy is dead. It sounds like you don't totally believe that. I don't totally believe that, but what does privacy mean in a world where your genetic data, possibly your full genome, could be collected from your toothbrush and your genetic data can implicate others, namely people you're biologically related to.
Anya Prince
Yeah, so these examples do show ways in which it's really hard to completely insulate ourselves from intrusion upon our confidential information. But I agree with you that privacy still matters.
There are some state laws that or some states have laws that are against what's called surreptitious testing so that collecting something from your toothbrush and sending it in for a testing lab. There are laws that help protect against that. But also, I think each time that anybody is able to successfully minimize the amount of data available about them, it minimizes their likelihood of harm. So even if it never completely ameliorates the harm that could come, I think privacy matters because it gives us some control and the ability to lower our risk of future harm that might come if somebody knows our information
And it also just as you started off the podcast saying, I think it matters to give as much control as possible to somebody to say, this is how I want my data used. I think it's respectful. I think it it's just something that everybody should have as much as possible, even if it's harder and harder to gain in this complex world.
Susanna Smith
Yeah, I mean, my opinion and my view of it is that we're also only slowly creating those systems of control, right? That we started out decades ago collecting this data and then sort of in some ways backed into this idea of, oh, well, we should figure out some ways that you can control how your data is used. So it feels like there's a catch up that's happening societally of awareness of what data can tell us about a person and how that data might be used. And I'm talking even more broadly than healthcare and genetic data, but including that.
Anya Prince
Yeah, I think that's a really important point.
Susanna Smith
So you published this brief but really rich article with a co-author in JAMA called "Protecting Privacy When Genetic Databases Are Commercialized."
In that article, you write that many people are unaware that their health or genetic data may be commercialized, whether it was collected when they were a patient, a research subject, or through some kind of direct to consumer testing. And then when people realize this, they're often uncomfortable. But this is long been the model, particularly for direct-to-consumer genetic testing companies.
So how do you view this disconnect between what people think about the privacy that they have over their health and genetic data and how private their data actually is?
Anya Prince
Yeah, so I think this is really a confluence of three problems. So that's going to be a little bit longer of an explanation, but I want to walk through each of those problems because I think it goes to what you were saying of people playing catch up.
So one, we have a system in this country where privacy rights, for the most part, especially outside of clinical care and outside of the research setting, is given through what we call notice and consent so those are if you download an app on your phone, they give you your privacy policy, and you say, yeah, yeah, yeah, of course I've read this and you click on it. And basically nobody actually reads those all, right? But that's notice and consent.
We've given somebody notice of how their data is going to be used, and they consented to it, and then it's fair game. And that's such a problem because we know that people don't understand fully how their information can be shared, and yet we still have that as the legal basis for a lot of respecting privacy in this country.
The second problem we have is that we've built a data economy. So there's the saying of, "If the product is free, you are not the customer, you are the product, right?" And so there's so much of that in our society now because companies are allowed to share people's data and sell people's data. Again, this is outside of the health care, healthcare and research setting space. But for the most part, we have companies that have built their business model over treating people's data as a monetary value.
And then the third problem, I think, is that the law treats de-identified information differently than identifiable information. And here now I am talking about the research context and the healthcare context and the commercial context. And so there's a lot of sharing of our de-identified information that does not need people's consent, and that happens wildly. And on the one hand, that's great, because a lot of our research has happened because we can now study 1,000,000 people's genomes at once.
The researcher doesn't know that it's Anya or Susanna's genomes, but it's, you know sample 1, 2, 3, 4, 5, and 1, 2, 3, 4, 6. But when it comes to genetic data, it's hard to completely de-identify it because it's unique to everybody.
And I think people still might care about how their information is used to, you know, in ways, even if their name's not attached to it. So when you put all of those three systems in place, it really creates this disconnect where people might think that their health and genetic data is
more protected. And in reality, they've often given away their rights of how their data is used. And then there's this monetary incentive for companies to run wild with it.
Susanna Smith
Yeah, I want to pause on two things you said there. One is this idea of what health data is collected when it's collected inside a healthcare system and possibly some of the same information could be collected direct to consumer and legally, how is that different? How is that treated differently? If I do it through a company versus I do it through a clinician and a hospital system?
And then I just want to ask, what is your real opinion of "de-identified"—and I'm doing air quotes here—genetic data.
Anya Prince
Yeah, so the first one, so in the healthcare setting and health insurance setting, I should say, the health insurance portability and Accountability Act, or HIPAA, applies. So HIPAA has a privacy rule that really starts with the baseline of health information should not be shared unless and then there's some exceptions. And so if you go and get genetic testing with a genetic counselor in a clinic, then your information is protected in a much different way. But one of the exceptions of HIPAA is that if it's de-identified then the hospital or insurer doesn't need consent to further share it. But that has so much more protections than in the commercial space.
So if you do direct to consumer genetic testing, HIPAA does not apply to those type of companies. And so really at the federal level, the only thing that applies in terms of privacy, is that whatever they say in their privacy policy, they have to follow, otherwise it's an unfair business practice. And so theoretically, I don't know of any companies that do this, but theoretically, the privacy policy could say, we are going to put your entire genome on the web for everybody to read, and you consent to that. Is that okay?
And then if you click I agree, that's fine, right? So theoretically, they can say we could sell this for millions of dollars. You know, they could agree to sort of anything, or they could say that they're going to do anything. And as long as you click, I agree, right, and they abide by those terms of the privacy agreement that you agreed to it's really the Wild West at the federal level.
Now, at the state level, some states are increasingly passing laws that give more protections to individuals. But that's the dichotomy in terms of healthcare and outside direct to consumer testing.
In terms of what I think about de-identified there have been plenty of studies that show that
that genetic sequences, raw genetic sequences, that have had people's names removed can be re-identified. And so just removing somebody's name is not enough to completely expel the risk. De-identifying genetic information lowers the risk.
So would a pharmaceutical company that has a large database of hundreds of thousands of genetic sequences really go back and find one particular persons and re-identify particular persons. No, I think that's relatively low risk. But it is interesting that we've created laws that treat these information differently, whether it's identifiable or de-identifiable without really grappling about what that means in the context of genetic information
Susanna Smith
Yeah, and I think I want to pause on this point because I think the reality is the science has changed, right? And so the laws were formulated around this idea that that if you strip personal information out of it, we're protecting people's privacy. And then the science advanced to the point where we can go back and do the work to identify. And so I think it's just this place, and it exists in other places, where the current legal protections don't reflect our current scientific understanding of what we know about DNA.
Anya Prince
Yeah, and I think this to not make this exceptional about DNA, I think this is a problem for all data, right? There have been studies, there's a computer scientist named Sweeney, her last name's Sweeney, and she's done studies showing that you can identify individual people with it's something like age, zip code, and gender, right? You can identify like almost everybody, I don't know, it's upwards 80, 90% in the study of people in the US, just based on those 3 things alone, right? Because if you think about it, how many people in one zip code have the exact same birth date? You really start to narrow very quickly, and so then, if you think about all the data crumbs we're leaving everywhere, it becomes pretty easy pretty quickly to put together different data points about people.
So I think this is something that the law and society will have to grapple with, not just in genetics, but in just big data and algorithms in general.
Susanna Smith
Yeah, I totally agree with you. And I don't want to go down the entire dystopian path of like the reality we're living in currently of how that data could be used, but I think it's a great point.
We're really lacking in both data privacy protections and data security protections, but I would also say public education around what people understand about what data is being collected on them regularly, and the current uses and the potential uses.
Anya Prince
Yeah, and I think that that current use versus potential is so important to you, right? I came back to… I still think it makes sense. I mean, I still think it's a good thing that when people share information, they de-identify it, right? If a direct-to-consumer company is sharing with a pharmaceutical company, great to de-identify, because that lowers the privacy risks.
So again, I go back to, sure, we could go down the dystopic path and have all sorts of scary scenarios, but in reality, right now the motivations to re-identify large data set, I don't know, what would they actually be? So is it theoretically possible? Sure. But does it minimize the risk? And really, you know a pressing risk at this moment? No, I think there's other pressing risks in terms of privacy that we might want to tackle first.
Susanna Smith
What would you see those as being? What do you think are the most pressing risks in the privacy world around healthcare and genetic data?
Anya Prince
So one is the disconnect, right? I think we should make sure that and by that I mean the disconnect between how people think their health privacy is protected broadly and how it actually is.
And so I think one of the largest ones is the fact that outside the healthcare setting health information, the exact same health information, is protected in a different way. And so that's that's one that I think would be important to do.
This is outside the privacy space but I think another piece is how the information is used, right? So another part of my research is discrimination, and I think privacy and discrimination go hand in hand because one of the big concerns about not having your privacy protected is the risk of discrimination. So I think then shoring up anti-discrimination laws is also helpful. But from this privacy perspective, I think the privacy laws are just as important, if not more, because the best way to prevent discrimination is to stop the person from having the information with which to discriminate. And so both of those would be things that I would try to tackle.
Susanna Smith
I want to pause here and just have you say a bit about where we are on anti-discrimination laws, particularly around genetic information in this country.
I've talked about in other episodes, sort of the federal law, GINA, and the loopholes in the law, but I think it's also really important to stress, particularly for practicing clinicians, that the protections are different state to state, and it depends what state you're practicing in. So could you just expand upon that a little bit with clinicians in mind?
Anya Prince
The Genetic Information Non-discrimination Act (GINA) prohibits health insurers and employers from using genetic information but it doesn't cover other any entities. So the main ones that are talked about as not being protected at the federal level are life, long-term care and disability insurers.
And so at the federal level, a life insurer or any of those other insurers could take somebody's genetic information and say, we're not going to insure you, or we're going to charge you a higher premium because of your genetic test results.
At the state level, there are some states that have provided protection. For example, the one that has protected all three is Florida now prohibits life, long-term care, and disability insurers from using genetic information for any insurance purpose whatsoever, right? And I think the language of the law is any insurance purpose. And so that's the most protective one.
But there are some other protections that create a patchwork across the country. For anybody, clinicians or patients, I actually recently collaborated with a researcher from the University of Maryland School of Law who does research in law enforcement's use of genetics.
We've created a website that maps out the state laws regarding life, long-term care, and disability insurance, as well as the state laws that regulate life insurer use of genetic information. So you could check those out to see what the legal protections are in your state.
Susanna Smith
That website, for anyone listening who'd like to check it out is geneticprivacy.lib.uiowa.edu and we'll put a link to that in our show notes.
So thinking about this disconnect that you mentioned, how do you think people and clinicians should think about both the privacy and profit motives when they're either deciding to undergo or they're recommending genetic testing or genomic sequencing, like, how should we shift our mindset around what that choice is?
Anya Prince
I think this is a really hard one in practice because there's a balance between access and cost and privacy. And so sometimes I think the benefits of access are greater than the privacy risks.
And so I know I've heard from people where a genetic counselor, for example, might say, well, you could do this test in the clinic, but it's going to cost X amount of dollars. But if you go and get this test outside the clinic, it will be cheaper, right? And so, I don't think that those are bad things to recommend, but I do think that patients should know that they're balancing privacy and cost in that case. So I think it's just really important for clinicians and researchers or clinicians when they're talking to patients to be open about that and to also understand
what the protections are.
And it gets complicated quite fast, because there can be an outside genetic testing company that's what's called a business associate of a hospital, and if they're a business associate, then they do fall under HIPAA and so the lines get blurry quickly. But I think clinicians should understand what laws might apply, what privacy laws might apply, and just be upfront with that with their patients.
I also think in terms of researchers thinking about this I would encourage researchers to have a little bit of self-reflection, right? We talked about how de-identifying genetic information allows broader sharing. Really, researchers love this because it allows them to create large databases of hundreds of thousands or millions of participants and really do groundbreaking research
But there also could be researchers who care about their research participants' privacy. And so I think there's a little bit of tension between making research easier and faster and also respecting people's privacy and allowing getting more specific informed consent. And so I think members of the research community sometimes push more towards the efficiency of their research than necessarily asking each individual person for consent for every study, because that would take a long time.
Susanna Smith
I think when researchers fail to really understand how people value data privacy, and I think increasingly, the public is waking up to what is data privacy and how data is being collected on them and how they feel about that, I think researchers sometimes struggle to enroll people because they haven't really engaged with how people want their data to be used, and possibly they don't engage in studies because it's being used in ways they don't agree with.
Anya Prince
There are… I think there are more and more people who care very deeply about privacy. I think there's a lot of people who are more comfortable with sharing a broader amount of things. And so I think it's very easy for researchers to say well, we aren't going to give those options, right? Because it's only, you know, quote unquote a small percentage of people who might… who might want those broader protections. But then I think you have to start thinking about how that might be biasing your sample or just disrespecting a small but hopefully growing segment of the population that do care more deeply about these issues.
But again, it's that adds complexity and work to, you know, researchers' lives to create those different ways of going through the process. And so I think there's a tendency when with really busy people who, you know, want to do the best science and get the results and have pressures to get results more quickly to just say, oh, it's only a handful of people. And I just, I think that's disconcerting, right? I think it's… I think I would encourage researchers to think, how can we be privacy maximizing and choice maximizing? Because everybody's different in how they think about their data.
Susanna Smith
I agree with that, and I think it doesn't anticipate the potential of a cultural shift, right? Because as people see ways their data could be used that they may not judge as in their best interest. There could definitely be a pushback.
Susanna Smith
So I wanna turn a little bit. It may tie into this to direct-to-consumer genetic testing, which we've seen now an estimated 20% of adults in the US have participated in but it's stagnated, right? So people are not continuing to purchase genetic test kits at the rate that they once were. And some of that may be privacy concerns. But once you do a test kit and your genetic data lives in a database, it's owned by that company or its successors, unless you intentionally take the steps to remove it, which most people don't do.
So, what are some of the ways that data could be used? And let's talk from the most altruistic to the commercial to potentially nefarious applications.
Anya Prince
Yeah, so the most altruistic version of what companies can do with the databases, one, of course, is returning services to the customers. So you want to learn about your ancestry, we're going to return that. If you want to learn about health information, we'll return that, maybe continuing to update as we learn more about variants of uncertain significance, for example, updating those resources. So that's one altruistic or maybe just business model way.
There's also, as I've talked about, medical research or pharmaceutical advances. So for example, we can talk about one of the largest direct to consumer genetic testing companies, 23andMe. They've had multiple agreements with pharmaceutical companies like GlaxoSmithKline to look at millions of people's DNA that have that adopted into the research arm of 23andMe. And the hope would be to come up with really important pharmaceutical advances when we're pooling all of this data.
I've also mentioned some of the commercial uses of genetic information. So this could be advertising, right, targeted advertising to people. And some people see that as really helpful, and some people see that as maybe more coercive or problematic, or invasive. I think that just might be in the eye of the beholder, or possibly in the eye of who's doing the advertising and what they're advertising.
And then potentially more nefarious or problematic, and there's different opinions on these, but we mentioned, you know, insurance companies, theoretically, an insurance company could use large-scale genetic data to try to map actuarial results.
And so by that I mean who are the populations that do cost more to a life insurance company or do cost more to a disability income insurance company? And then using that information in their underwriting. Law enforcement has access direct-to-consumer genetic testing in various ways to try to identify either a perpetrator of a crime or their family member, right? A partial match in order to narrow down suspects in a crime, and that's quite controversial. Some people are more happy with that use than others.
And, you know, and going down the… again, we can go down more and more dystopic versions, but also looking at 23andMe, there was a hack of 23andMe back in 2023, and there's evidence that the information that was sought was targeting people with Ashkenazi Jewish ethnicity and Chinese ancestries. And so you know, that gets into more and more problematic potential uses when it's really targeting groups of people in ways that could be ripe for discrimination or stigmatization.
Susanna Smith
Yeah, and I mean, that hack I find so disturbing. I think it's important to pause there and just, what I kind of say to myself is, we're not envisioning the potential future. This is actually something that has happened. It has already happened. So...
Anya Prince
Yeah.
Susanna Smith
So I want to talk about one thing you mentioned in your article about the Coalition for Genetic Data Protection. Could you just talk a little bit about what is the Coalition for Genetic Data Protection? And then what is this model law that they have put forth.
Anya Prince
So there's a model law, and what a model law means is it's usually an organization that creates a blueprint of a law, and then they lobby states to pass the law, and that's really helpful for state legislatures to, you know, take something already written and then put it into their bill, and then if it's passed into their statutes. And so what it means is that you see sort of copycat versions of the law that are very, very similar across multiple states.
And so there's a model law called the Genetic Information Privacy Act that has now been passed in I think 13 to 15 states it was introduced in a couple of states this year as well. So I don't know this past year. So I don't know the exact number, but it's a pretty large handful of states that have passed this law. This gives privacy rights to customers of commercial genetic databases so these direct to consumer genetic testing companies.
But what's fascinating about it is this coalition that you mentioned that's pushing for these laws is actually made up of two companies, 23andMe and Ancestry.
So the two largest direct to consumer testing companies are pushing for laws that regulate how they protect consumer privacy. And the laws do give some really good, sensible privacy protections. So it gives the right to delete your genetic information from a database. It requires law enforcement to have some sort of judicial agreement like a warrant in order to access genetic information in the database. So they can't just informally call up the company and say, hey, can we do a quick search for X, Y, and Z genetic sequence? And it requires some data security protocols. So that's all great.
But from my perspective, there could be probably some greater privacy protections that we might want but the companies that are lobbying for this also have an interest to not be overly protective of privacy so that they can do, you know, have their business model, which is all about sharing genetic information.
Susanna Smith
So from the perspective of consumer privacy protections and protecting people versus companies, what do you think that the model law is missing? What would you add if you had a wand and could just add it in there?
Anya Prince
So a couple of things, and I'll just give some examples. I mean, we could have, you know, a multiple hour conversation about all the different ways we could have, but just a couple of examples.
So the model law says a direct to consumer genetic testing company won't share genetic information with life, long-term care, or disability insurers without written informed consent.
Okay, that sounds good. But when you think about the power dynamics, if a life insurance company says, hey, we're going to collect your genetic information from a direct to consumer testing company, Do you consent? The consumer could say no, and then the life insurance company can say, great, we are not going to insure you or not going to further look at your application. And so consent is important, but it doesn't really give you much power when you're dealing with large companies like life insurance company.
And so California, for example, when they passed the model law, they made a change and it just says direct to consumer genetic testing companies won't share genetic data with lifelong-term care and disability insurance companies. They just got rid of the consent part and said, you just don't share it at all, full stop. And so that's a version that is a stronger protection. Protections that people have, but again, they click, I agree when they do the DTC testing without necessarily actually reading the privacy policies.
So one version of the Genetic Information Privacy Act could be greater requirements to get the information in front of consumers before they agree to have them really understand what sort of sharing could happen so have more overt opt-in.
Susanna Smith
Yeah, no, I think those are great, and I think it's why I keep circling back to the topic of privacy and discrimination. And, you know, I've got skin in the game around all of those issues, but I think my personal scenario is very telling or it's like a canary-in-the-coal-mine type situation for what I think applies to lots and lots of people.
But from my perspective, many consumers, people, and a lot of clinicians don't fully understand that. And actually, that's what your survey research shows. So when you think about healthcare data privacy and how it's approached in the United States today compared to other countries, where do you think the U.S. needs to go, and why does it matter?
Anya Prince
Yeah, so I think a couple of things. One, I think as we talked about more in the beginning, I think the US needs a broad general data protection law and to not, you know, that would help depending on how strongly it's written, that would help some of these concerns about how there's great federal protections for the direct to consumer or the health information that's outside the healthcare setting. And so I think that's one thing we need to do within that.
I think there's a couple principles that would be really helpful to move towards. So one is this idea of data minimization. And so this is a principle that shows up in regulation in Europe. But data minimization is just the idea that companies or data collectors should only be allowed to collect and keep the data, like the minimum amount of data necessary to do its purpose.
So this is outside the genetic context, but one that comes to mind. There was a flashlight app that turned on the flashlight on your phone. That was the sole purpose of the app, and it collected your geolocation data, right? There's no reason that a flashlight app needs to know where you are when you're turning on and off your flashlight, right? So that's the idea of data minimization is don't let companies collect more than they actually need.
And I think this is more and more difficult thing to push against in an era of AI and algorithms, because AI is going to want more and more data, right? Companies are going to think, oh, if I get more and more data, maybe we'll come up with, you know, some new thing.
So I think it's really important to keep data minimization in mind. And the other thing I think is we need to move away from this idea of notice and consent, that if we just put a complex, long privacy agreement in front of somebody, and they click yes, then we're going to pretend that they actually have read it, and can digest it easily. And that's not to say that that's a problem from the consumers, right? There's studies that it would take like days to read through all of the privacy agreements that are put in front of us. So I think there needs to be a move away from notice and consent to more protective models from the outset.
Susanna Smith
Yeah, I think that's a great point. And then you're constantly getting the notices from companies that their privacy policy has changed. So it's like, I didn't read it the first time. I'm not reading it the second, third, and fourth time either.
Anya Prince
Yeah, well, and even so, you know, I do sometimes click on those as a privacy scholar and they don't tell you how it's changed. So when you do click on that privacy update, it just gives you the new privacy thing. So then you have to go back and, like, compare, like, I download them and put them into Word documents and then do a cross-compare to see even what changed. And sometimes it's like the address that you're supposed to contact, and sometimes it's a more major thing. But there's not necessarily flashing lights that says, here's what we're doing.
Susanna Smith
Yeah, I absolutely agree with you.
Well, thank you, Professor Prince, for joining me today on Genetic Frontiers.
Anya Prince
Yeah, my pleasure.
Susanna Smith
Genetic Frontiers is co-produced by Brandi Mello and by me, Susanna Smith. Music is by Edward Giordano and design by Abhinav Chauhan and Julie Weinstein
Thank you for listening to this episode of Genetic Frontiers. Connect with us at geneticfrontiers.org or on Instagram and LinkedIn at Genetic Frontiers to continue the conversation.