Private information is the brand new gold. The latest 23andMe information breach is a stark reminder of a daunting actuality: that our most intimate private data might not be as safe as we expect. It’s a damning indictment of the utter negligence of companies that, though they profit from our DNA, fail to guard it.
The 23andMe hack noticed hackers entry the private data of about 6.9 million customers, together with household bushes, delivery years and geographic places. It raises some necessary questions: Are firms actually doing sufficient to guard our information? Ought to we belief them with our most intimate data?
Firms promise to maintain our information secure, however there are some quirks right here. Authorities overreach is definitely a risk, with the FBI and each police company on the planet probably salivating on the thought of accessing such an enormous information set of DNA sequences. It may very well be a goldmine for each chilly case from right here to Antarctica.
The argument: “But when you have not accomplished something fallacious, you don’t have anything to fret about!” It applies solely partially, right here: the issue is one in every of consent. At one level my father took a DNA check and came upon he had a half-brother who was about to show 80. He seen an unbelievable quantity of household drama once they began digging into historical past and found an entire bunch of probably problematic household historical past.
The issue shouldn’t be that my father selected to do that, however that I didn’t consent to being within the database, and that is the place issues get troublesome. I can think about a particular Black Mirror-style future, the place a member of the family is excited about their ancestry, will get examined, and two weeks later, the FBI comes knocking on the door of everybody who shares 50% DNA with that particular person as a result of they’re wished for some type of crime.
The audacity of 23andMe, and firms prefer it, is astounding. They current themselves as guardians of our genetic historical past, gatekeepers to our ancestral previous and potential medical future. However when the chips fail and our information leaks, it hides behind the outdated phrase, “We weren’t hacked; It was an excuse for customers’ outdated passwords.
This logic is equal to a financial institution saying: “It is not our fault your cash was stolen; You must have had a greater lock in your entrance door.” That is unacceptable and a blatant abdication of accountability.
Firms dealing with such delicate information should adhere to the very best potential commonplace. We’re not simply speaking bank card numbers or e-mail addresses right here. That is our DNA, the blueprint for our existence. If something must be thought-about “sacred” within the digital world, certainly it must be this?
The truth that the stolen information was made public as a listing of names of individuals with ancestors who have been victims of systemic discrimination provides one other troubling layer to this debacle. It highlights the potential for this information to be misused in probably the most harmful methods, together with focused assaults and discrimination.
The DNA testing trade must ramp up. They need to be sure that the safety measures carried out are usually not solely ample, however distinctive. They need to lead the cost in cybersecurity and set an instance for all different industries.
It is not nearly higher passwords or two-factor authentication. It is a couple of basic shift in how these firms view the info entrusted to them. It is about realizing the profound accountability they’ve, not simply to their purchasers, however to society as an entire.
Am I optimistic? Not even a bit. I’ve lengthy argued that after the Equifax breach, the corporate ought to have acquired the equal of a dying penalty. As an alternative, a $700 million wonderful was imposed. I feel that is laughable. Permitting a breach of this magnitude to be potential, not to mention really occur? You do not need to proceed being an organization. I feel this is applicable much more to firms that take care of our DNA.
It is time for 23andMe and the DNA testing trade as an entire to understand that they don’t seem to be simply coping with information. They take care of folks’s lives, their historical past and their future. It is time to begin treating our information with the respect and care it deserves.