UC Berkeley recently announced that it will offer complimentary DNA testing to incoming Letters and Science freshmen. The testing will be optional and confidential, and will look at three genetic markers related to alcohol, lactose, and folate tolerance. While the project intends to provide a unifying educational experience and help students prevent health issues, it has drawn criticism because of the ethical and privacy concerns that come with genetic information.
One dimension of the system that should not be ignored is the threat model. According to the program’s privacy FAQ, the confidentiality of the system rests on two bar codes sent to each student: the student returns one with the sample and keeps the other to view the results. That description is too thin to give me any confidence in the system. For the scheme to actually provide confidentiality, the bar codes would have to be randomly generated (a sequential or student-derived code can be guessed or linked), there could never be a moment at which the bar codes were viewable next to the student names they belong to (who is stuffing the envelopes?), and the web site that serves the results would have to be free of security vulnerabilities. Given that the only time I’ve ever received an SB1386 “sorry, we’ve been hacked” letter was from UC Berkeley and involved a website compromise, I think that last one is a big assumption.
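To make the requirements above concrete, here is a small model of a two-bar-code result portal. It is an added example written for this post, not the Berkeley program’s own code, and everything in it (the `Kit` and `ResultPortal` names, the choice of token lengths, the `dump_for_attacker` method, the constructed result record) is an assumption made for illustration. It shows what the randomness and website requirements buy you: both codes come from a CSPRNG rather than a counter, the portal stores only a hash of the claim code, the returned sample code is never accepted as a login, and a full dump of the portal’s database yields neither names nor usable claim codes.

```python
"""Toy two-bar-code result portal: random codes, hashed claim token.

Added example, not the program's implementation; all names and parameters
here are assumptions for illustration.
"""
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional


def _claim_hash(claim_code: str) -> str:
    # Only a hash of the claim bar code is stored server side, so a leaked
    # table does not hand an attacker the credential needed to view results.
    return hashlib.sha256(claim_code.encode()).hexdigest()


@dataclass(frozen=True)
class Kit:
    sample_code: str  # goes back to the lab on the sample tube
    claim_code: str   # stays with the student; the only key to the results


class ResultPortal:
    def __init__(self) -> None:
        # sample code -> hash of the matching claim code (kept only until results are filed)
        self._pending = {}
        # hash of claim code -> results
        self._results = {}

    def issue_kit(self) -> Kit:
        # Both codes come from a CSPRNG, not a counter or a student ID, so a
        # valid code cannot be guessed and its value says nothing about who got it.
        sample_code = secrets.token_hex(16)      # 128 bits of entropy
        claim_code = secrets.token_urlsafe(24)   # 192 bits of entropy
        self._pending[sample_code] = _claim_hash(claim_code)
        return Kit(sample_code, claim_code)

    def file_results(self, sample_code: str, results: dict) -> bool:
        # The lab only ever sees the sample code on the tube. Once results are
        # filed the sample code is forgotten so it can never be used to look them up.
        claim_hash = self._pending.pop(sample_code, None)
        if claim_hash is None:
            return False
        self._results[claim_hash] = results
        return True

    def view(self, claim_code: str) -> Optional[dict]:
        # Constant-time comparison against each stored hash. The sample code is
        # not accepted here, so a returned tube alone never unlocks results.
        wanted = _claim_hash(claim_code)
        for stored, results in self._results.items():
            if hmac.compare_digest(stored, wanted):
                return results
        return None

    def dump_for_attacker(self) -> dict:
        # What a complete compromise of the portal's database yields: hashes
        # and result records, but no names and no raw claim codes.
        return {"pending": dict(self._pending), "results": dict(self._results)}


if __name__ == "__main__":
    portal = ResultPortal()
    kit = portal.issue_kit()
    # Constructed result record, not real data.
    portal.file_results(kit.sample_code, {"lactase": "persistent"})
    print(portal.view(kit.claim_code))   # the student's record
    print(portal.view(kit.sample_code))  # None: the tube's code is not a login
```

The model deliberately leaves out the part no code can fix: whoever packs the kits and addresses the envelopes sees a name next to both bar codes, and the confidentiality claim depends entirely on that mapping never being written down.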
As with other dilemmas involving ethics and privacy, the people responsible for the decision should think hard about the security risks. Ensuring privacy usually means ensuring the confidentiality of information, and confidentiality is tremendously difficult to guarantee. I’d like to see more organizations analyze and present the security concerns, and how they bear on privacy, before making unfounded guarantees and rushing toward their desired conclusion.