Monthly Archives: September 2014

Canadian life and health insurers limit use of genetic test results

Canadian life and health insurers are adopting new policies on the use of genetic test results that will guide how this type of information should be used when underwriting policies. The guidelines would also restrict the type of information companies can collect.

The action by the Canadian Life and Health Insurance Association Inc.(CLHIA) demonstrates the industry’s pledge not to seek genetic testing results from research where the information wasn’t disclosed. Insurers also won’t ask for genetic test results of any other person than the policy applicant. Companies must now have a plan to address complaints related to underwriting decisions.

This adds to the long-standing voluntary ban on insurers asking applicants and policy holders to undergo genetic testing.

The CLHIA, which counts the majority of the industry as members, is clarifying its position on genetic testing less than three months after the Office of the Privacy Commissioner of Canada called on the insurers to stop asking clients for access to genetic data altogether until insurers can show the information is necessary and effective for actuarial purposes. Genetic testing has become a hot-button topic as improvements in science and technology make the process faster, more affordable and easier to access. Canadians are increasingly getting genetic testing done to determine their ancestry, for reproduction planning and to find out their genetic predisposition to diseases such as cancer.

The CLHIA says insurers should have access to medical information to accurately assess the risk profile of potential clients. The group points to research by the Canadian Institute of Actuaries that found there would be a “substantial” impact on companies if they were denied access to genetic test data.

But the intention is not to turn clients away. The insurance group said any applicant denied life or health insurance will get help looking for other coverage – either by insurers or through advisers.

Since existing life insurance policies can’t be changed by subsequent genetic testing, the CLHIA suggests consumers “consider applying and obtaining insurance before undergoing genetic testing.” This maintains the “good faith” agreement, where both parties enter into the insurance agreement with equal knowledge.

“Insurers have one opportunity to assess whether to provide insurance. Those policies can last 40 or 50 years,” said Frank Zinatelli, general counsel of the CLHIA. “If it turns out [later] that you have some genetic condition that can affect you in a negative way, we’ve already made the promise.”

Jacqueline Nelson , Globe and Mail

FBI Plans Rapid DNA Dragnets

The FBI is preparing to accelerate the collection of DNA profiles for the government’s massive new biometric identification database.

Developers of portable DNA analysis machines have been invited to a Nov. 13 presentation to learn about the bureau’s vision for incorporating their technology into the FBI’s new database.

So-called rapid DNA systems can draw up a profile in about 90 minutes.

The Next Generation Identification system, or NGI, the successor to the FBI’s criminal fingerprint database, is designed to quickly ID crooks through facial recognition, iris matching, tattoo cross-checks and vocal recordings, among other unique traits.

But critics say aggregating DNA along with all this other data makes it easier for authorities to track the general population.

Various FBI divisions “are collaborating to develop and implement foundational efforts to streamline and automate law enforcement’s DNA collection processes” including at arrest, booking and conviction, according to an Aug. 19 notice about the industry briefing. The ongoing groundwork is expected to facilitate the “integration of Rapid DNA Analysis into the FBI’s Combined DNA Index (CODIS) and Next Generation Identification (NGI) systems from the booking environment.”

CODIS is the government’s central DNA database.

Rapid DNA Has Already Helped Cops Clinch Case

Rapid DNA analysis can be performed by cops in less than two hours, rather than by technicians at a scientific lab over several days. The benefit for law enforcement is that an officer can run a cheek swab on the spot or while an arrestee is in temporary custody. If there is a database match, they can then move to lock up the suspect immediately.

The Arizona Department of Public Safety uses $270,000 Rapid DNA machines developed by IntegenX and Morpho to develop investigative leads. Slides from a presentation reviewed by Nextgov indicate one potential application for the technology might include “Upload of Arrestee and Convicted Offender profiles at intake to a database (CODIS or other database).”

Rapid DNA analysis this summer helped clinch a case in South Carolina.

The Richland County Sheriff’s Department identified and tracked down a suspect in an attempted murder by using a machine to process genetic material from the suspect’s discarded clothing, authorities announced.

According to police, Brandon Berry brandished a gun and demanded money from a man on the sidewalk in the early morning hours of July 29. Police said Berry then wrestled the man, shot him in the lower body and fled. After Berry was apprehended around 11 a.m. that same morning, police said scans of Berry’s clothing contained both his and the victim’s DNA.

Booking Saliva Is Legal

The Supreme Court ruled last year that analyzing DNA from saliva, for example, is a legal part of booking a suspect, just like fingerprinting.

But Congress would have to intervene for rapid DNA results to be entered into the FBI’s databases.

Current law states DNA in CODIS must be processed at an accredited laboratory. A legislative tweak is needed to allow DNA processed by a portable machine to be entered into the FBI’s systems, bureau officials acknowledge.

But some privacy advocates warn it’s not a huge leap to go from using rapid DNA at the police station to using it out in the field on anyone’s discarded DNA.

Civil liberties groups were not invited to the November briefing, but the initiative has been discussed at various public conferences.

“The FBI invitation to vendors is essentially the same presentation with a focus on the technical specifications needed from the developers,” FBI spokeswoman Ann Todd said in an email.

Privacy Groups Worried About Police Stop-and-Swabs

Right now, congressional inaction and cost are the only difficulties standing in the way of pervasive use, said Jennifer Lynch, senior staff attorney for the Electronic Frontier Foundation.

“If you leave something behind, let’s say your trash on the sidewalk out in front of your house, then you’ve abandoned any kind of privacy interest in the trash,” she explained. “And so the cops can search through that trash without a warrant. That reasoning has been extended to DNA — if you leave your DNA behind, then the cops could get it without a warrant and test it.”

“If you consider DNA to be a form of ID, and the Supreme Court has already upheld state laws that allow officers to stop someone and ask for their ID, then this is the logical next step,” she added.

The civil liberties of minority groups, in particular, could be threatened by stop-and-swabs.

“If the cops are stopping more African Americans or Latinos and they have the ability to collect their DNA just at a stop, then it means that the DNA database is going to be even more heavily weighted with DNA from immigrant communities and different ethnic minorities,” Lynch said.

FBI officials say their program does not impact any laws currently governing the operation of CODIS. Rapid DNA techniques in booking stations, “will simply expedite the analysis and submission of lawfully obtained samples to the state and national DNA databases,” Todd, the FBI spokeswoman, said.

“The FBI will continue to apply cutting-edge technology to combat crime and protect the United States,” she added. “At the same time, the FBI remains vigilant in upholding the Constitution, the rule of law and protecting privacy rights and civil liberties.”

Not Ready to Roll Out Yet

In March, California Democratic Reps. Eric Swalwell, Mike Honda and Barbara Lee wrote a letter requesting the FBI test rapid DNA analysis at booking stations to “assess its viability for broad deployment.” They argued the shift would help ID or clear suspects quickly and free up lab resources to reduce a multiyear rape kit backlog.

FBI officials say there are multiple matters, including changing the accredited lab statute, that must be dealt with before rolling out rapid DNA matching. The machines would have to be certified, for instance, and police would have to be trained to handle the tools.

“Given the number of important issues that need to be addressed, coupled with the need for legislative changes, it is difficult to estimate when law enforcement agencies will be able to search DNA profiles developed by a rapid DNA instrument,” Todd said.

In the meantime, the potential cataloging of hordes of DNA samples in a central government database is compounding concerns about domestic espionage.

“Your DNA data could be linked to all the other biometric and biographic information about you that is already in NGI,” Lynch said. “Because we discard DNA wherever we go, this allows the government the ability to further surveil people without their knowledge.”

Aliya Sternstein , Nextgov

For Sale: Your Name and Medical Condition

Dan Abate doesn’t have diabetes, nor is he aware of any obvious link to the disease. Try telling that to data miners. The 42-year-old information technology worker’s name recently showed up in a database of millions of people with “diabetes interest” sold by Acxiom (ACXM), one of the world’s biggest data brokers. One buyer, data reseller Exact Data, posted Abate’s name and address online, along with 100 others, under the header Sample Diabetes Mailing List. It’s just one of hundreds of medical databases for sale to marketers.

As the population ages and consumers share more health data about themselves online, a burgeoning industry of data miners has emerged, scooping up often-personal medical data and selling it to marketers. While that’s a boon for companies trying to pitch products, privacy advocates warn that collection practices can cross the line. “People would be shocked if they knew they were on some of these lists,” says Pam Dixon, president of the nonprofit advocacy group World Privacy Forum. “Yet millions are.”

The lists sell for pennies a name and cover some of the most sensitive medical conditions. A database of 1.2 million people taking medication for depression costs 9.5¢ a name, and a list of almost 900,000 erectile dysfunction sufferers goes for 18.5¢ a name. For 15¢ apiece, you can buy 2.2 million households where someone has Alzheimer’s disease. The same fee will buy access to 600,000 with Parkinson’s disease.

More than 1,400 companies sell consumer data. Corporations spent $7 billion in 2012 for access to lists and databases with bits of information on individuals—ranging from whether someone owns a pet to what medication he takes—to better target their ads, according to a study commissioned by the Direct Marketing Association, a data broker trade group. Acxiom reported revenue of $1.1 billion last year.

Americans are used to being sliced and diced along demographic lines. Yet collecting massive quantities of intimate health data is relatively new territory, and many privacy advocates say it has gone too far—especially as data companies refuse to identify buyers of their lists, citing confidentiality. “It is outrageous and unfair to consumers that companies profiting off the collection and sale of individuals’ health information operate behind a veil of secrecy,” says U.S. Senator Jay Rockefeller (D-W.Va.). “Consumers deserve to know who is profiting.”

In May, the Federal Trade Commission recommended that Congress put more protections in place to ensure consumers know how the details they’re sharing are going to be used. Although there is a federal law protecting patient privacy, the Health Insurance Portability and Accountability Act, it applies only to information shared with health-care providers, medical facilities, pharmacies, and insurers along with their business associates. Everything shared outside that context is fair game to marketers, making it legal for data brokers to sell information about someone’s maladies if it was obtained or shared on a website registration form or an online survey.

“It’s not illegal at all,” Dixon says. “If a person reveals health information to a third party outside of the health-care context, that information doesn’t have any legal protection under HIPAA.”

The companies selling the data say it’s secure and contains information only from consumers who want it shared with marketers so they can learn more about their condition. The Direct Marketing Association says it has mandatory guidelines to ensure the data is ethically collected and used, and a website that allows consumers to opt out of receiving marketing material. “We have very strong self-regulation—we have for more than 40 years,” said Rachel Nyswander Thomas, the association’s vice president for government affairs.

Yet the ease with which data about Dan Abate was found in a Google search suggests the process isn’t always secure or transparent. Abate says he never agreed to be included on a list related to diabetes, and the only connection he can think of that may have landed him on the list are a few cycling events he participated in to raise money for the disease. “I don’t have diabetes,” he says, “and I don’t want my information out there to be sold.”

The diabetes mailing list containing Abate’s name was on the website of Exact Data in a section of sample lists that included dozens of other categories, such as gamblers and pregnant women. The diabetes list contained 100 names, addresses, and e-mails. Exact Data Chief Executive Officer Larry Organ says the list posted on its website shouldn’t have included last names and street addresses, and the company has since deleted any identifiable information. He says the data came from Acxiom, and Exact Data was reselling it. The Acxiom list was compiled by various sources—surveys, website registrations, and summaries of retail purchases—that indicated someone in the household has an interest in diabetes, said Ines Gutzmer, an Acxiom spokeswoman.

By Shannon Pettypiece and Jordan Robertson, Bloomberg Businessweek

FBI Adds Facial Recognition To Biometric ID Toolkit

Dimples, creases and hair patterns could soon supplement the art of fingerprinting now that the FBI’s Next Generation Identification System is fully operational. The facial recognition system has yet to be proven effective but has police agencies as excited as it has privacy groups nervous. The ambitious technology, dubbed the NGI System by the bureau, has been in development for years in an attempt to expand the FBI’s biometric abilities.

Used as a form of identification, examples of biometric characteristics include an individual’s DNA, palm veins, retina, gait and voice characteristics, among other traits. Indeed, facial recognition is only one component of the FBI’s system.

“This effort is a significant step forward for the criminal justice community in utilizing biometrics as an investigative enabler,” the FBI said in a statement Monday.

“Rap Black” is one of the first FBI services to use the technology. It allows agents to receive “ongoing status notifications” on any criminal activity reported “on individuals holding positions of trust, such as schoolteachers,” the statement said.

Another is the Interstate Photo System, which deploys facial-recognition technology to help law enforcement, including probation officers, parole officers and more than 18,000 police agencies, compare images captured with cameras on the interstate system with those in criminal databases. The IPS has drawn the attention of privacy watchdogs, though, for its reported plan to mix mug shots with non-criminal images, including pictures from employment records and background-check databases.

“Currently, if you apply for any type of job that requires fingerprinting or a background check, your prints are sent to and stored by the FBI in its civil print database,” the Electronic Frontier Foundation said in August.

“However, the FBI has never before collected a photograph along with those prints. This is changing with NGI. Now an employer could require you to provide a ‘mug shot’ photo along with your fingerprints. If that’s the case, then the FBI will store your face print and your fingerprints along with your biographic data,” EFF said.

The IPS, which is expected to collect 52 million facial images, is only one phase of the NGI system, the FBI said. It also includes enhanced fingerprint capabilities and could focus on beards and social media tendencies. Documents obtained by the EFF indicate the database will include 4.3 million civilian images that will be stored in two categories “Special Population Cognizant” and “New Repositories,” neither of which were defined. Bureau officials have argued the pictures will appear on a “candidate list” meant to produce an “investigative lead,” not an effective identification.

The FBI has almost completely eliminated the need for a manual fingerprint review and has reduced the fingerprint processing time to approximately 0.7 seconds, according to bureau figures. The next step is to improve on that, biometrically.

“The National Palm Print System will provide a centralized repository for palm print data that can be accessed nationwide,” the FBI said in an explanatory blog post. The new method aims to increase accuracy while improving search capabilities for an agent trying to identify a murder suspect, for example, who left only an imprint of his palm veins, not a traditional fingerprint.

While such police tactics have made privacy advocates nervous, a recent investigation by Boston police made it clear facial recognition technology remains far short of the capabilities found in science-fiction.

Police officials conducted a pilot facial recognition program at the Boston Calling music festival in 2013, working to match attendees’ faces with their social media profiles. They used software that identified people based on physical characteristics including skin tone, eyeglasses, torso dimensions and hair volume. The technology would have had Philip K. Dick — whose works inspired cautionary tales like “Minority Report” — rolling in his grave, only it proved largely unreliable and still years off the mark.

Jeramie Scott, national security counsel with the Electronic Privacy Information Center, previously told the National Journal the new investigative techniques could come with strings attached. “One of the risks here, without assessing the privacy considerations, is the prospect of mission creep with the use of biometric identifiers,” he said.

Jeff Stone, International Business Times

Disappearing Privacy

The other day, I got an email from the National Institute of Justice, the arm of the United States Department of Justice that funds much of the research that’s conducted on crime and justice issues.  The title of the email was “Purchasing Through-the-Wall Sensors? Read a New Report.”  Even though I’m not in the market for a “through-the-wall” sensor, I read the report anyway.  In a nutshell, it discussed the value and effectiveness of various devices that can essentially, well, see through walls.  Indeed, such devices could come in handy for law enforcement when buildings are on fire, or collapse, or during tactical or hostage situations.  But this got me thinking….  Might this technology, or a more advanced variant of it, be used for other applications as well?  Wouldn’t this sort of technology also be useful for the police as they drove down the streets to see, or hear, what is going on inside of houses?  Wouldn’t this be great?  Fights and arguments could be interrupted before they turn into homicides!

There is only one problem: Do you want the police to have the ability to see what you are doing inside of your house?

A couple hundred years ago we came to the conclusion that individual privacy is precious and is to be protected.  Privacy was seen as a basic right of citizens.  The 4th Amendment to the United States Constitution said so.  When the 4th Amendment was first crafted, searches of citizens could only be conducted by authorities when they had good reason, or probable cause, to suspect involvement in criminal activity and when they had a warrant.  But over time, the 4th Amendment has been re-defined and re-interpreted.  Now, the overwhelming amount of searches that are conducted by the police are without “probable cause” or a warrant, and these searches are perfectly legal.  Some people would argue that the 4th Amendment is but a shell of what it used to be.

Generally speaking, the police can conduct searches without a warrant or probable cause in emergencies, of vehicles and certain other places, in stop and frisk situations, when citizens consent to searches, as well as in several other situations.  With the passage of the USA Patriot Act in the aftermath of the terrorist attacks of September 11th, governmental authority to conduct searches expanded again, as we were reminded with the revelations of Mr. Edward Snowden last year.

It is fair to say that our privacy continues to slowly disappear.  As I explain to my students in my Criminal Investigation class at UW Milwaukee, it is kind of like watching grass grow or paint dry.  Because it is happening slowly, many people don’t even realize its happening.  Or, at least for the younger generation, because they never realized they had it, they don’t realize they have anything to lose.   At the least, some of the loss of privacy we enthusiastically accept.  For example, if you’ve used Google Maps, satellite or street view, if you’ve talked on your cell phone in public to have a private conversation, or used certain features on Facebook or other social media sites, then you know what I’m talking about.  Each of these things whittles away our privacy.  By the way, some listeners might remember before there were cell phones there were public pay phones, and often those phones were located in booths, where you would step inside and shut the door in order to keep your conversation private.  Not anymore!

The technology available to law enforcement continues to challenge what the courts call “reasonable expectation of privacy.”  For example, the law prohibits the police from conducting strip and body-cavity searches on the street, but when I went to the airport last week, I and everyone else who passed through security underwent a perfectly legal electronic strip search.

That same logic could be applied to other technologies as well; some are under development, some are already available, such as “through-the-wall sensors.”  Or how about cameras that are located everywhere?  Or cameras that can see through clothing?  What about tiny drones outfitted with cameras that can follow people or look through windows?  Or devices that can detect brain activity as an indicator of deception?  Or technology that can quickly search billions of email messages for specific senders, recipients, and key words.  Law enforcement technology that effectively tracks the location of cell phones is continuing to advance.  DNA is being collected, and stored, from more and more people.  Work is being done in various places to create massive databases of personal information for law enforcement purposes.  All of this is being done for the benefit of crime detection and criminal apprehension.

Is this what we want?

Well, it depends on your perspective.  At the very least, it is important to realize three things.  First, technology is not inherently all good.  We should realize that for as much good that technology produces, there is also bad.  In this light, technology is a double-edged sword.  Second, and more specifically, we must realize that the development and use of technology for law enforcement purposes has costs and benefits.  Some costs are financial:  It cost money, taxes, to develop and deploy technology.  If we think technology is great, then we have to be willing to pay for it.  Other costs are in the form of less privacy and fewer individual freedoms.  Finally, we must realize that less privacy doesn’t necessarily mean less crime, or more effective criminal apprehension.  The deployment of some of these technologies may impact the ability of the police to prevent and detect certain crimes, but not always.

The bottom line here is this: Technology and laws are slowly eroding our privacy.  That might be okay for most of us if there are crime control benefits that follow, but that is not necessarily the case.  What we are left with then is just less privacy.

Steve Brandl , NPR

Appellate judges hear arguments on police use of DNA test

Three Connecticut Appellate Court judges heard arguments over whether Kevin Benefield’s consent to provide a saliva sample in 1986 covered a more sophisticated DNA test in 2009 that helped get him convicted.

“In 1986, no objective reasonable person could have known they could get a DNA profile from a saliva test,” said Benefield’s appointed lawyer, Daniel Krisch. “The development of DNA testing was a quantum leap in police work.”

In 2012, Benefield was convicted of murder in the killing of Barbara Pelkey, a mother of four children who worked the overnight shift in a Wallingford industrial park. Benefield was one of dozens of park workers who agreed to provide saliva samples in the early days of the murder investigation. Another man, Kenneth Ireland, was ultimately charged and convicted of the crime and spent 21 years in prison. But a DNA test sought by Ireland’s lawyers at the Connecticut Innocence Project cleared Ireland and brought a fresh round of testing that eventually implicated Benefield.

Senior Assistant State’s Attorney Ronald Weller argued that Judge David Gold made the right decision when admitting the DNA evidence at the trial.

“Once the defendant gave that sample, he relinquished all expectations of privacy in that sample,” Weller said. “He can’t put it back in his mouth. A defendant who doesn’t place a scope of limitation on consent cannot place a limitation on appeal.”

Judges Douglas Lavine, Michael Sheldon and Raheem L. Mullins questioned the attorneys on cases in the Connecticut Supreme Court and U.S. Supreme Court regarding law enforcement and ever-evolving technology.

Lavine asked Weller if a person gives consent to search his home and a year later new technology develops does that mean that police have unlimited power to return to the home? Weller responded that a new warrant would be needed, but that another test of a saliva sample is not the same as another search of a home.

Sheldon asked Krisch that if the saliva sample was taken in September 1986 but a new saliva test was introduced in October 1986, would Benefield’s sample be exempt from undergoing that test. Where is the time cutoff?

Weller argued that Benefield had ample time to restrict his consent on the saliva sample when it was taken and after Ireland was incarcerated and released. He also had the option not to consent to a sample.

“If you want to limit the search, you have to do it,” Weller said outside of court.

But Krisch countered it’s unreasonable to expect a defendant to say you can do test A but not test B.

A written decision is expected in two to five months, Krisch said.

Mary Ellen Godin Record-Record Journal


Judge warns privacy of DNA at stake after ruling

As the state’s highest court upheld this week a Harford County rape conviction based on DNA collected from the arm of a police station chair, a veteran judge issued a stark warning about the consequences of the ruling.

“The majority’s approval of such police procedure means, in essence, that a person desiring to keep her DNA profile private, must conduct her public affairs in a hermetically sealed hazmat suit,” Judge Sally D. Adkins wrote in a dissenting opinion.

The rapist, Glenn Joseph Raynor, had challenged his conviction, arguing that police were wrong to swab his genetic material from the chair after he had refused to consent to giving a sample. But four judges of the Court of Appeals disagreed, ruling that police are free to scoop up DNA wherever they may come across it.

Raynor’s attorney could not be reached for comment.

The case reflects the continuing debate in Maryland and across the nation about the use of DNA and other technology to solve crimes. Forensic and digital evidence can be powerfully persuasive at trial, but some privacy advocates worry that it could be abused — especially as the technology to analyze the information improves.

Writing for the majority in Raynor’s case, Chief Judge Mary Ellen Barbera said the way police got Raynor’s DNA and what they did with it is just like how they might have acted if they got his fingerprints.

“The police would have analyzed the fingerprints to reveal their identifying characteristics and compared them to any fingerprint evidence collected at the victim’s home,” she wrote. “The only distinction that reasonably can be drawn is that the DNA test results in the present case directly linked Petitioner not merely to the crime scene but also directly and with certainty to the rape of the victim.”

But Adkins looked at the decision as giving police the unfettered ability to scoop up DNA and use it, and said people should be given better privacy protections over information that can be collected even without physically intruding on their body or property.

“The ongoing debate regarding cloud technology and collecting intangible data depicts the tremendous intrusions that can occur without a physical invasion,” she wrote.

Adkins compared the issue to another battle over technology and crime fighting that is brewing over the use of cell tower location information. One federal appeals court has already required police to get a warrant before collecting that data; lawyers for two convicted Baltimore robbers are seeking a similar ruling.

“I strongly submit that a person’s DNA deserves at least as much protection as one’s whereabouts based on cell phone data,” Adkins wrote.

 Ian Duncan, The Baltimore Sun

When Big Data & Infants’ Privacy Collide

For decades, hospitals have conducted blood tests on newborns, checking babies for various conditions, treatable and not. Today’s less costly tests, genomic research, and technological advances, coupled with differing policies across states, worry some privacy and ethics advocates.

Whereas some states allow parents to opt-in for testing, others have an opt-out approach. Critics argue parents have little to no say in whether this data is collected, where and how long it’s stored, and what organizations do with this information. Lower genome testing costs sparked debate about researchers’ right to use this information; who should learn of infants’ chronic conditions and when; and the type of data government, researchers, payers, or healthcare providers can cull. Other concerns surround the storage and transmission of data that’s not de-identified and its potential theft.

“With genetic testing, you always have to find out the results. You need counseling. You deprive the child of genetic privacy forever,” said Twila Brase, president and co-founder of the Citizens’ Council for Health Freedom. “The only person who should sequence a person is the person.”

Policies vary by state — and by legislation.

In May, Minnesota Gov. Mark Dayton signed a law allowing the state to indefinitely store blood spots for future research. Parents can opt out. In New York, parents can decline testing for religious reasons, said the Wadsworth Center, NY Department of Health, which screens the state’s newborns for more than 40 inherited metabolic conditions.

Opting out of a process, especially when parents typically receive a pamphlet on DNA collection within 24 hours of birth, is not informed consent, said Brase. In response to a lawsuit, Minnesota in 2011 destroyed all previously collected blood samples. Likewise, in 2009 Texas destroyed more than 5 million samples after plaintiffs successfully argued the state failed to get parental authorization. Parents, fearful their infants’ DNA would be stored in perpetuity and potentially used by groups such as law enforcement or insurance companies, argued the collection violated constitutional protections against unlawful search and seizure. After this lawsuit, another family worked with the Texas Civil Rights Project to sue Texas regarding at least 8,800 samples that could not be destroyed because they were in the hands of the federal government for use in a DNA database designed to identify missing persons and solve cold criminal cases. This national database of mitochondrial DNA includes de-identified DNA information, Texas officials told the Texas Tribune at the time.

Some people wanted Texas officials to individually contact parents for retroactive permission to store the data. But that would have been expensive and time consuming.

“The state kept those blood spots, de-identified them, and then stored and used the blood spots for research. People found out about this and were upset because the government kept their infants’ DNA without parental consent,” Brenda Tso, a healthcare attorney at Khouri Law Firm told InformationWeek. “In reaction to the Texas Department of State Health Services blood spot fiasco, the legislature passed a law requiring that a disclosure statement be given to parents about their infant’s blood spots being collected, stored, and used for research. Under the law, parents can request to have the blood spot destroyed. When the infant reaches adulthood, he can also request to have his blood spot destroyed.”

As a result, millions of blood spots were destroyed, said Tso, who worked on public health legislation for the Texas House of Representatives in 2011.

Destroying samples after researchers conduct infant tests and allowing parents to opt-in to further testing would promote transparency and trust, privacy advocates have said. This way, healthcare organizations could continue checking babies for inherited diseases while preventing newborns’ DNA from further use or inclusion in any database, state or national.

Alison Diana , Information Week