The BIOSECURE Act, now rolling through Congress, aims to protect the DNA data of Americans from companies with perceived national security risks. That is a noble goal. But the legislation’s misguided approach would single out a small number of companies, including the California-based company I founded in 2005, Complete Genomics, despite the fact that we have no access to such data. It would also let many companies with large volumes of DNA data sell or transfer this data without any legal protections.
Personal DNA data is some of the most sensitive data humans now possess. It contains a blueprint of who individuals are, from their hair and eye color to clues about diseases that may one day affect their lives. While it is critically important that this information be explored by leading laboratories and researchers, it is just as important that it is kept secure, particularly in an increasingly connected world.
The approach to data protection embodied in the BIOSECURE Act is flawed. It not only narrowly targets a small number of companies like mine that don’t have access to personal DNA data, but it also would leave large swaths of personal DNA data held by companies not subject to this legislation — including companies that trace family histories and maintain data on millions of Americans — uncovered, potentially leaving huge numbers of Americans vulnerable to data breaches that could place their most sensitive information in the hands of bad actors.
This article is exclusive to STAT+ subscribers
Unlock this article — plus in-depth analysis, newsletters, premium events, and news alerts.
Already have an account? Log in
To submit a correction request, please visit our Contact Us page.
