I gave my DNA away. Can I get it back?
Why are people selling the very core of their identity to private firms?
I recently spat in a pot and sent my saliva off in an envelope for analysis.
A growing number of people are willingly handing over their DNA to corporations in return for learning about their ancestry or to get health reports.
Why are we prepared to make this trade with our most intimate of data and what are we getting in return?
And what happens if you want your data back?
Interest in off-the-shelf DNA tests has exploded in recent years.
It is estimated that by the start of 2019, 26 million people had added their DNA to four leading databases, operated by Ancestry, 23andMe, MyHeritage and Gene by Gene.
In 2016, 23andme began selling access to anonymised data to more than 13 drug firms. Genentech reportedly paid $10m (£8.3m) to look at the genes of people with Parkinson's disease, while GlaxoSmithKline has reportedly paid $300m for access to the database.
The firm told the BBC that 80% of its customers choose to opt in to the research programme, and can opt out again at any time they choose.
But Tim Caulfield, research director at the health law institute at the University of Alberta, is not sure that people realise what they are signing up for when they answer the lengthy questionnaires about their health and heritage.
"People need to look carefully at privacy statements because often these firms are partnering with the pharmaceutical industry and people should be aware that is happening," he told the BBC.
And while most of the firms - including 23andMe - operate on the basis that users can withdraw consent to use their genetic information at any time, it can be more complicated than that.
"Once it has been aggregated and data is out there, it becomes difficult to get it back. And what happens if the firm goes bankrupt, what happens to all the DNA then?"
Bankruptcy is not the only thing that can go wrong.
Vice journalist Samantha Cole was concerned in May that the FBI may have confiscated her vaginal cultures when the DNA firm uBiome, which she had sent her sample to, was raided as part of an investigation into how the firm was billing for insurance.
And it is not the first time police have used the vast DNA databases which firms such as 23andme are amassing.
In April last year, it was revealed that US police uploaded DNA they suspected of belonging to a man thought to have committed multiple rapes, murders and burglaries across California, to GEDMatch, a free online database where anyone can share their genetic code in order to search for relatives who have also submitted theirs.
From this, police were able to create a complex family tree with the details of around 1,000 people, which led eventually to the third and fourth cousins of Joseph James DeAngelo, who was arrested and charged with the crimes.
None of those whose data was compiled had given prior consent for their data to be used in a murder enquiry.
Dr Emiliano Cristofaro, head of the information security research group at University College London (UCL), said: "These firms like 23andMe and Ancestry DNA do the bare minimum to be GDPR-compliant (General Data Protection Regulation) but they don't always have the users' best interests at heart," he said.
"When we donate traditional data to companies it is our choice, but with genetic data your decision affects your close relatives as well. And we don't yet really know what this data contains. Every month we learn something new about genomic data and it might not be sensitive at the moment, but it might be in future."
Joyce Harper, a professor at UCL Institute for Women's Health, has used two of these databases to trace her family tree. But she questioned whether inputting information into a DNA database to "unlock relatives" was GDPR-compliant.
"Those that put their DNA in the bank have agreed to be in the database. They then build up their family tree with information about relatives who have not consented." she said.
She is also worried about data breaches, although she is not sure what damage hackers would do with DNA information.
Genome sequencing of the general population would improve the diagnosis and treatment of a whole range of diseases, but it also raises questions.
"Part of me is thinking 'just go with the flow' but we need to think about what it means to give away this data. Is your DNA then government property? I am not sure how much of an issue this could be."
Prof Harper recently visited just such a facility in China, and came away "with more questions than answers".
Mark Thomas, professor of evolutionary genetics at UCL, thinks there is some science behind the tests but the genetic information they share is often just too general to be of real value.
"What they mean by ancestry is that they have identified where some of your ancestors come from. If an Italian does the test, they will find that their ancestry is broadly Mediterranean and if someone from Africa does it, it will be broadly African.
"It can be useful if you want to join up with lost relatives, and if you are not going to take it too seriously and if sharing genetic data doesn't bother you."
Are the tests worth the data trade-off?
Tim Caulfield thinks the health information he was given was not particularly helpful.
"In the test I did, I was found to be at increased risk of colon cancer and my personalised health advice was to not smoke, exercise more and drink in moderation. I didn't need a genetic test to tell me that.
"These tests promise that this information will be empowering and will allow you to make adjustments to your life, but there is no evidence to back up the claim that people change their behaviour based on risk factor."
To read more ofthe article hit here
