Bioinformatics and Privacy

Wade L. Robison


In Iceland, DNA is being gathered from all citizens with the idea of creating a database of information. There are not that many Icelandic citizens, and they are geographically isolated from neighbors. Those gathering the data do not need to concern themselves as much with strangers wandering in from outside to contaminate the sample, and citizens not in Iceland can be readily identified because there are few ways off the island that do not require passing through passport control. ? One concern is that gathering this information in a database will put at risk individual’s privacy, but that general claim encapsulates different kinds of harm to our privacy. These different harms have developed in tort law since the first privacy law was passed in New York in the early 1900’s. We might think of this as open source development of the concept of privacy by practitioners with great skill in discerning, and creating, distinctions that make a difference to the rights of individuals and corporations. The concept has been honed by a great many good minds with a real interest in getting clear on what the concept means and what it entails. A decision in a case depends upon it. So the distinctions between these different kinds of harms to our privacy are clear: they harm us in different ways, the ways in which we prevent the harms are different, and the remedies when our privacy is invaded in any of these different ways are different.

So when concern is expressed about databases like that in Iceland invading our privacy, we need to sort out which privacy harms such databases ensure or make likely. Otherwise, we may find ourselves in the position of having created software for a database that protects us against one kind of privacy harm, but not against some other. We shall discover that a database like that in Iceland will ensure one kind of privacy harm and that there is no way to protect against it, that the remedies for two that we must protect in the same way are very different, and thus, among other things, there is no single response appropriate to a concern about such databases invading our privacy.