tl;dr
In this post, we summarise the comments we submitted in response to WHO’s Draft Principles for Human Genome Data Access, Use and Sharing, 2024. The past two decades have witnessed a rapid growth of genomics and biotechnology—unfortunately also underscored by a marked increase in instances where genetic information of tribal, indigenous, and local communities has been accessed for a variety of research and development purposes, without their consent or knowledge, and used without due credit or benefits being shared. Through our comments, we highlight our concerns on the present version of the draft principles, including reminding WHO of fundamental privacy principles it should adhere to while building this framework, suggesting expanding its scope of application, critiquing its erroneous presumption that Member States, especially of the Global South, possess the necessary health infrastructure and legal frameworks to protect human genome data subjects against potential breach and infringement of their right to privacy and data security, and so on.
Background
Human genome data (“HGD”) is a distinct category of uniquely identifiable personal information which can be used for a variety of purposes in research, welfare and governance. Its unique and inimitable quality lends to HGD being a highly sensitive category of biometric data which may easily be misused—if accessed, stored, or processed in poorly regulated or unsecure legal environments.
The incumbent Draft Principles for Human Genome Data Access, Use and Sharing, 2024 (“draft principles”) released by the World Health Organization’s (“WHO”) attempt to create an international framework to govern how entities—public or private—access, process, use and store HGD across Member States. It builds on the commonly respected equitable principle of benefit sharing in exchange for access to information, especially knowledge or data belonging to communities collectively.
The use of HGD can lead to better medical services for individuals and informed health governance for Member States, but it can also become a tool for widening social inequities. Prevalent practices of accessing and using gene data, especially in the global south countries like Africa, Latin America and some parts of Asia, have often lead to the disenfranchisement of data subjects by facilitating racial or ethnic profiling and resulting in targeted surveillance, or sociocultural exploitation of indigenous, tribal, and local communities for commercial gains.
Practices known as ‘ethics dumping’ or ‘helicopter research’, where researchers and commercially motivated entities from Global North countries travel southward to conduct clinical trials or acquire genetic samples, regrettably persist in the present day. It is perhaps these lacunae that the draft principles attempt to fill, which is a welcome endeavour. However, in our comments we tried to highlight other checkpoints, considerations and principles the draft must include in order to make it an equitable and mutually beneficial governance framework.
Summary of comments
Draft erroneously presumes health and legal infrastructure
The principles have been drafted in a manner which operates on the presumption that Member States possess the necessary health infrastructure, technical capacity—and most importantly—a robust legal framework to protect data subjects against breach or infringement of their right to privacy and data security of highly sensitive health data. A strong legislative framework includes but is not limited to an overarching data protection legislation anchored in globally accepted norms. Further, the right to privacy must also be judicially and legislatively recognized as a fundamental human right, along with legal safeguards, and prescriptive regulation for individual health data processing.
Additionally, a conducive infrastructure for accessing, processing or using HGD entails health system preparedness of Member State(s), i.e. existing capacities for extraction and sequencing, research leadership, medical record documentation, health information exchange, human oversight, and rights-affirming legal safeguards on data sharing, including grievance redressal mechanisms.
In this context, it must be highlighted that many jurisdictions in the global south lack one or both requirements mentioned above. Therefore, we recommended that the draft principles should establish minimum standards for cooperation, capacity building, technology transfer, and HGD collection and use by local and global entities to facilitate smooth adoption and governance by Member States with deficient or absent domestic frameworks.
Fails to distinguish between public and private use
We submitted that the principles must explicitly distinguish between access to and use of HGD by public and private entities. In light of the rapidly evolving role of genomics and DNA profiling in criminal justice systems across jurisdictions, law enforcement agencies are often able to process vast amounts of individual biometric samples without following preliminary consent and privacy frameworks. Private entities are legally bound by data protection laws, but the same cannot be said for law enforcement and public agencies which are typically exempt from these duties. Such public entities then become capable of using genetic traits, coupled with other personally identifiable information, to identify and profile individuals based on their ethnicity, religion, caste, class, location, political opinions, and so on.
Some governments are increasingly looking to create vast databases of genetic information for profiling or even targeted persecution. An often cited example in this regard is the use of DNA data by the Chinese government in its oppressive policies against the Muslim Uyghur population. In India, the controversial Criminal procedure (Identification) Act, 2022 allows law enforcement agencies to collect various biometric measurements of persons who are suspects, accused or incarcerated for the purposes of criminal identification, investigation, and documentation. Inherently lacking in consent mechanisms, such practices can help governments amass a large amount of detailed genetic information on their citizens, and use it for targeted policing and surveillance or to stifle dissent. Such databases are also easily shared within government departments, eventually creating 360 degree profiles of many unsuspecting data subjects. This procedure lacks preliminary safeguards like purpose limitation, and legitimise indefinite retention of highly sensitive identifiable data—of not only records of measurements in digital format, but also measurements themselves.
Vague terms may lead to data maximisation
The draft principles focus on human genome data, but this data is often linked with other health information crucial for interpretation of HGD. WHO encourages linking HGD with other health data when necessary without imposing unacceptable risks as one of its principles. We believe that such wide articulation of what comprises HGD can prove dangerous on implementation. This is because of the following reasons:
- No Definition of ‘critically important to interpreting human genome data’
The draft principles do not define health information “critically important to interpreting human genome data” but strongly encourage data subjects to share it. By sharing a large amount of health data along with HGD, the data subject may become vulnerable to their data being leaked, breached or misused, or make it possible for the processor to create 360 degree profiles which may be used to profile, target or surveil them. Safeguards must be strictly enforced against these possibilities, as genetic and associated data concerning the health of individuals falls under ‘special categories of data’ under commonly adopted privacy principles like GDPR which merits a higher degree of protection due to their sensitive personal nature. The easiest way to ensure that is by not encouraging collection of such excessive ancillary data.
- Overlinking of Health Information
The package-deal approach to gene data with other health data may pose many complex questions and create uncertainties for data subjects. An encouragement from WHO to collect ancillary health data alongside HGD may allow those seeking data to ask for an expansive amount of information without limitations or accountability, and data subjects may be compelled to comply due to lack of clarity. The processor may then permanently link health data with an individual and share it with third parties, potentially affecting research outcomes. This also sets the precedent for HGD to always be sought linked with health information, which is not always necessary to meet the processor’s objectives.
- Oversharing of Personal Information
Urging data subjects to liberally give access to more personal information than is asked for or required may undermine their data empowerment and make them unfairly used to oversharing personal information without asking requisite questions—a likely outcome in the Global South. Communities themselves may have reservations on giving away more data than required, an example is the Te Mata Ira Guidelines for Genomic Research with Maori in New Zealand which emphasised the need for communities to be cautious about sharing more health information with their genetic samples. Moreover, excessive data collection contradicts the commonly adopted principle of data minimisation, which is the expectation that a data processor will only collect information which is “adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.”
Member States have diverse legal environments when it comes to data protection, so what constitutes “necessary” and not imposing “unacceptable risks” will vary across the globe. The principles should have attempted to either define or standardise harms, especially if it wishes to keep the definition of HGD this wide and vague.
Inadequate consent framework
- Prior informed consent provisions can be bolstered
The draft principles state that consent should be specific and granular about potential data uses, detailing who is intended to benefit. Commonly accepted data protection norms stipulate that prior consent for data processing must be: freely and clearly given; informed as to the scope of the consent; specific as to the purposes of collecting or processing the data; and capable of being withdrawn at any time. This entails that the data subject should be familiarised with all relevant aspects of the use and destination of the sample—what kind of investigations the HGD will be subject to; what its conditions of storage and transfer will be; and what effect on the use of data the revocation of consent will have—as postulated in the Committee of Ministers’ recommendation on research on biological materials of human origin.
Further, any risks associated with providing access to their HGD must be clearly and most explicitly articulated at the time of seeking consent. Article 9 of the International Declaration on Human Genetic Data contemplates the right of a data subject to revoke their consent unless their HGD has been masked or anonymised, and though this is difficult to operationalise in research settings, the right (with its limitations) must be conveyed to the data subject. Along the same lines, there must exist an opt-out mechanism where the data subject can choose not to participate in subsequent secondary research.
Overall the draft principles provide vague guiding principles for consent but encourage communities, which may mean tribal, indigenous, and local communities, to participate in the development of consent models and processes. While we appreciate the inclusivity encouraged, we hope this principle is not misinterpreted by accessing entities to place the burden of developing and complying with consent requirements squarely on the communities providing HGD.
Low levels of data empowerment and digital literacy in such communities, and the global south generally, will surely impede data subjects’ ability to give free, informed, meaningful and enthusiastic consent. It is then incumbent upon those seeking data to make all feasible attempts to make the subjects comfortable, confident, and certain while giving consent.
- Must solve language barriers
The consent metrics provided in the draft principles are comprehensive, but WHO may consider adding the requirement to seek consent in the local language of the data subject or community. Language is a huge communication barrier for tribal, indigenous, and local communities, which has historically led to profound mistrust and failure to communicate requisite information.While the challenge of accurately translating words and concepts across dialects and cultures persists, those seeking access to HGD must make the closest possible attempt.
- Broad consent can set a dangerous precedent
The draft principles mention a scenario where specific consent is not adopted, proceeding with broad consent may be permissible in certain cases. We believe that providing any room for broad and sweeping consent sets an extremely dangerous precedent for data subjects—especially tribal, indigenous, and local communities. In 1990, the isolated and protected Havasupai tribe had consented to the collection and processing of their DNA samples by a set of Arizona University researchers in the hopes that they might find solutions to their fatal predisposition to diabetes; But they soon learned that their samples had been used to make a range of other research investigations that hurt their cultural sentiments or promulgated harmful rhetorics about the tribe—from inquiring into mental illness in their lineage and finding contradicting theories of their geographical origins. This is one among countless examples of consent given by data subjects, especially communities, being abused to pursue other objectives and other secondary research.
We recommended that this leeway be removed and commonly accepted data protection norms be prioritised for the collection of consent. Such loose exceptions only continue to create room for abuse against those least empowered. WHO may also supplement this framework with guided actions or checklists that help data processors ensure they are taking the requisite degree of consent.
If broad consent is sought in the beginning stages of accessing HGD, it must be accompanied by specific consent taken at each instance of data processing and sharing. Specific consent must be informed as to the entity with whom information is to be shared, the specific purpose for sharing, and the information that is necessary to facilitate the purpose. Moreover, ‘research’ is not a specific enough purpose—consent must be renewed at every new ‘research’ or investigation conducted on the collected samples.
- Data life cycle approach may create consent irregularities
The draft principles mention that the data life cycle of HGD can far exceed the life of the data subject—which raises the question of who becomes capable of giving consent after the death of a data subject, and whether taking substituted consent from the subject’s next-of-kin is proper legal or cultural practice. This may widely vary across Member States as substituted consent is a complex issue in both medicine and genomics due to diversity of beliefs. Some argue that processing one's genome data compromises their biological family's shared genetic information, requiring family members to give substituted consent on behalf of the data subject. The European Union’s Article 29 Data Protection Working Party postulated in 2004 that family members could collectively be considered data subjects when it came to genetic data processing.
Traditional genomics suggests that healthcare research is a shared societal responsibility that addresses fundamental human needs, without prioritising consent. Given these contradictions, the draft principles may face non-uniform interpretation and application by Member States, potentially leading to rifts in crossborder access and benefit sharing. Therefore, the draft principles must explore the complexities of consent or suggest uniform practices or interpretations for parties to follow.
WHO can set data security baselines
WHO recommends developing policies and procedures to prevent stigmatisation and discrimination arising from the association between genome data, community membership, and health status. However, due to varying legal landscapes and capacities of Member States, we believe that WHO may attempt to prescribe baselines for such protection. One of these may take the form of anonymisation of HGD which is one way of securing sensitive identifiable data from breaches and disclosures. However, anonymisation also has a few shortfalls like anonymising HGD will not make the data non-personal. The carte blanche given for processing and using anonymised personal data as ‘non-personal’ data ignores several attendant security hazards, and must be accompanied with access controls.
In a de-anonymised or raw state, certain genetic markers can reveal an individual’s geographical provenance with a high probability, and, in the wrong hands, can become precise tools in population genetics and forensic studies. We encourage WHO to add guidance on efficient methods and models of anonymisation of HGD.
“Benefit-sharing” cannot substitute states’ duties to provide entitlements
Though access and benefit sharing models are prevalent and respectable ways of equitably compensating data subjects for their contributions, the concept of “benefits” in exchange for access to data must never substitute the duty of the sovereign state to provide essential entitlements and services to its citizens. For instance, access to primary healthcare can never be contingent upon whether a citizen has first given access to their health data. Citizens have a fundamental and natural right to access equitable health services and security as a human right. Member States have a responsibility to consistently ensure citizens' constitutional and legal protections, regardless of their participation in clinical trials.
Ensuring transparent access and benefit sharing frameworks
Data subjects may have a right to know the general results of the scientific research and advancement in which their samples are used—drawing from their recognised right to science and the right to informational self determination. The International Data Sharing Global Alliance for Genomic and Health’s Framework for Responsible Sharing of Genomic and Health-Related Data is an insightful guiding resource that requires its researchers to provide transparent information on data transfer to third parties; international transfer of data; terms of access; duration of data storage; identifiability of individuals and data and limits to anonymity or confidentiality of data; communication of results to individuals and/or groups; oversight of downstream uses of data; commercial involvement; proprietary claims; and processes of withdrawal from data sharing. We recommend WHO to suggest model benefit sharing agreements to guide new or small researchers on what equitable contracts may look like.