Radio Interview about DNA

I was listening to the Today programme and came across this interesting discussion (realplayer) on DNA and privacy between Lord Mackenzie and Simon Davies from Privacy International. The introduction to the interview was about the following:

The number of crimes solved by DNA has quadrupled in five years. But what if there are mistakes?

What was interesting was the discussion about potential mistakes that could be made from contaminated DNA? It was defended on the grounds that such opposition (not the actual words used) could apply to fingerprints. What needed to be tightened were the procedural aspects when collecting the DNA of individuals.

Another area of discussion was the use of DNA collected. One example given by Davies was the reluctance by many police officers to volunteer their own DNA in a National DNA database on the grounds that this would be used for other purposes such as paternity testing.

Looking at this subject from a data protection perspective, it is disconcerting to find potential misuses arising from the collection of DNA ie. collected and used for purposes other than that which was originally intended. The Data Protection Principles (under Art. 6 of the Data Protection Directive 95/46/EC) states that:

1. Member States shall provide that personal data must be:

(a) processed fairly and lawfully;

(b) collected for specified, explicit and legitimate purposes and not further
processed in a way incompatible with those purposes. Further processing of
data for historical, statistical or scientific purposes shall not be considered as incompatible
provided that Member States provide appropriate safeguards;

(c) adequate, relevant and not excessive in relation to the purposes for which they are collected and/or further processed;

(d) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that data which are inaccurate or incomplete, having regard to the purposes for which they were collected or for which they are further processed, are erased or rectified;

(e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the data were collected or for which they are further processed. Member States shall lay down appropriate safeguards for personal data stored for longer periods for historical, statistical or scientific use.

2. It shall be for the controller to ensure that paragraph 1 is complied with.

The data protection principles can be found in Schedule 1 of the UK Data Protection Act 1998. Although, we cannot ignore the potential benefits that have arisen through the use of DNA testing, we must also guard against the potential misuse from the DNA collected. The UK Data Protection Act 1998 and the Data Protection Directive 95/46/EC goes some way to address this, but more awareness (in my view) of this legislation in the context of genetic information is required.

For more information about genetic information, see the Human Genetics Commission website and a report (pdf) published back in 2000 on the public attitudes to the use of genetic information.