Bioinformatics Research and the Case of deCODE Genetics, Inc.
As computer/information technology and biotechnology converge, new combinations of the two have emerged. One such field in bioinformatics, which involves the acquisition, storage, manipulation, analyses, visualization, and sharing of biological information on computers and computer networks. Much biological research, including genetic/genomic research, is now conducted via computational techniques and modeling (that is, in silicon using digital representations of biological material) rather than in traditional “wet” laboratories with chemicals. Computational tools enabled genomic researchers to map the complete human genome by 2003; using traditional sequencing methods would have required many more years to accomplish this objective. Computational techniques have also assisted researchers in locating the genes for many diseases, which has lead to the development of pharmaceuticals that can treat and cure those diseases. However, the use of computer technology is genetic and genomic research remains controversial, as illustrated in the case of deCODE Genetics.
Karl Stefansson, the founder of decode Genetics, left his academic position as a professor of neurology at Harvard University in 1996 to set up a genetics company in the private sector. Stefansson had worked on a Harvard-sponsored investigation into multiple sclerosis, and his concerns about limited resources involving access to data about populations, influenced his decision to seek private funding to start a genetics company. Stefansson believed that the right kind of resources needed for genetics research could be found in a homogeneous population such as that of Iceland, his native country. Iceland’s 280,000 inhabitants are descended from a common set of ancestors (Norse and Celts) who arrived there in the ninth century. Because of the country’s population was virtually isolated until World War II, it has remained remarkably homogeneous and thus has provided genomics researchers like Stefansson with an ideal resource.
Stefansson negotiated with the Icelandic government for access to the nation’s health care records, which date back to 1915. He already had access to Iceland’s genealogical data, comprised of records that date back more than 1,000 years. Iceland’s Parliament also promised Stefansson access to any government-owned medical information that he would need to conduct his research. With these and other agreements in hand, Stefansson officially formed deCODE Genetics and immediately began to construct a genetics database consisting of information based on DNA samples that would eventually be acquired from 70,000 volunteers. deCODE was then able to link together and cross reference medical/healthcare records, genealogical records, and genetic information included in the three separate databases.
Why is the deCODE case controversial from an ethics/social perspective? The ethical/social concerns raised in this case can be described in terms of three distinct but related kinds of issues: (i)privacy and confidentiality concerns affecting research subjects who volunteered their DNA; (ii) concerns affecting the consent policies and practices used in collecting personal genetic data; and (iii) concerns involving ownership rights to, and thus control over, personal genetic information that resides in computer databases.
First, consider the privacy-related issues. Research subjects who volunteered their DNA samples to deCODE had an expectation that their personal genetic data was confidential information and would be treated and protected accordingly. However, those individuals were given no guarantee that their personal data would remain confidential and continue to be protected once it was aggregated and cross-referenced, via data mining techniques, with information in deCODE’s non-genetic databases. (The aggregated information does not enjoy the same kinds of legal protection that is typically given to “personally identifiable information”.) Aggregated information can generate “new facts” about people, and that in turn can generate “new groups” based on arbitrary and nonobvious patterns and statistical correlations. For example, data mining might reveal a statistical pattern indicating a high incidence of breast cancer among women who read nineteenth-century British novels. As a result, these individuals may be assigned to a new group or category (of individuals)- namely, the group of women who read nineteenth century British novels and who are likely to develop breast cancer. It is quite likely that these women would have no idea that such a group existed, even though knowledge of this group based on seemingly arbitrary statistical correlations could be known to insurance companies or employers. Because of their association with such a group, these women could, without the appropriate kind of privacy protection, be at increased risk for denial of employment and health insurance.
Second, problems affecting the consent practices used arise on at least two different levels. For one thing, medical information inn the health care database that deCODE acquired from the Icelandic government is based on data gained from “presumed” (rather than informed) consent. For another thing, the DNA-specific information allegedly acquired from “informed” volunteers may not meet the required conditions for what many medical ethicists described as “valid informed consent.” Even though research subjects who volunteered their genetic data to deCODE agreed to have their data used in a specific context, it is not clear that they explicitly consented to have their data used in secondary or subsequent contexts (made possible by data mining). That is, they did not authorize their personal data to be cross-referenced with other personal medical data, such as electronic records residing in the health care and genealogy databases. Nor did they authorize the subsequent “mining” of the cross-referenced information. In this sense, the consent practices used by deCODE would seem to be far more “opaque” than transparent to the research subjects involved.
Third, issues of property rights and ownership of personal genetic data arise. For example, who should (and who should not) have access to that data? In the case of deCODE, personal genetic information resides in the company-owned databases. Should the company hold exclusive rights to this data in perpetuity, or should deCODE be permitted to do whatever it wishes with that data once it has been acquired? Alternatively, should the Icelandic government be granted custodial rights to the personal genetic information in deCODE’s databases, so that it can better protect the interests of Iceland’s citizens? It is not clear that the individuals who volunteered their DNA have any control over how their personal genetic data is used.
The deCODE case has suggested some important questions and issues for bioinformatics research in the private sector. For example, should privacy laws be expanded or modified to protect research subjects? Do we need new privacy laws because of the computational techniques that can be used to manipulate personal genetic data in secondary uses of that information? Do informed-consent policies need to be updated and revised? Should review boards be set up in the private sector, similar to the institutional review boards (IRBs) used in government funded research, as well as in academic research, to protect individuals? Do our property laws need to be revised in light of the fact that personal genetic data may reside in commercial databases? Perhaps it would be prudent to consider these questions now, while bioinformatics is still a relatively new field.
Material used in this case description has been extracted from H. Tavani, Ethics, Computing, and Genomics(Sudbury, MA: Jones and Bartlett, 2006).