Brooklyn Law School graduate does research on growing trend of genetic data collection

BLS grad: HIPAA doesn’t always protect us when it comes to emerging technologies

July 16, 2018 By Rob Abruzzese, Legal Editor Brooklyn Daily Eagle

Recent Brooklyn Law School graduate Brittany Bell got the idea from her research paper after talking to her professor about HIPAA protections and realizing that they do not extend to modern technologies. Eagle photo by Rob Abruzzese

Share this:

Concerns over the sharing of private data are regular for users of social media like Facebook, banks such as Wells Fargo and even stores like Target. One Brooklyn Law School student hopes that consumers need to protect themselves from bad actors like that, but must be increasingly aware of privacy breaches concerning our DNA.

“Yes, Facebook has some personal information, like they know that I’m a runner and they’re out there selling that information to companies, but DNA is something so much more personal and it’s you can’t change,” said Brittany Bell, a recent graduate of Brooklyn Law School. “You can change your hobbies, you can even change your hair color, but you cannot change your DNA.”

Bell is a Queens native who graduated from the law school in May. As part of her independent research project required to graduate, Bell looked at the collection of genetic information and other health and medical information by groups such as Ancestry.com and the owners of Fitbit.

“It started when I was talking to a professor about HIPAA [the Health Insurance Portability and Accountability Act of 1996] and how it determines how and when companies and doctors can turn over or sell our health records,” Bell recalled. “I was thinking about that at the same time a friend was talking about their Fitbit and it started to creep me out because Fitbit wouldn’t be an entity covered under HIPAA.”

Despite the fact that this is not an issue often debated, it is one of growing concern. Law enforcement agencies are more often relying on emerging technologies, including use of Ancestry.com’s database, to solve crimes. But there are currently very few laws on the book regarding what can and cannot be turned over or even sold to private companies.

“There are privacy settings, but when you look into it, it states that some of them can be changed without your notice,” Bell said. “Sometimes it says they’ll give it to police only in limited circumstances, but for HIPAA, that means something, it’s defined. It’s not a company thinking, ‘I don’t really want a scandal, just take the info.’”

There have been published reports about law enforcement agencies that have successfully made arrests when working with the Ancestry.com database. However, there have also been published reports of innocent victims being locked up for as long as a month based on a false-positive using that same database.

Then there are also data breaches to worry about. Without regulations in place, companies are not motivated to prevent attacks similar to the one on Ancestry.com in December that leaked 300,000 user credentials, according to reports. More recently, the website MyHeritage.com was hacked and data on more than 92 million users was compromised, according to reports. That company denies that the data included medical histories and biological relationships

Bell said that she wanted to put forward research that will hopefully raise awareness so that people can protect themselves and advocate for changes in the law. A start, Bell said, would be to enact similar privacy laws in the U.S. that the European Union just enacted that gives people the right to know what information is being collected on them and how it’s being shared.

“Brittany is in the vanguard of a trend uplifting Brooklyn Law Students and their cohort of peers in law schools across the country,” said Brooklyn Law School’s former Dean Nicholas Allard, who recently resigned to write a book. “Simply put, they are discovering that law and law school are the gateway to meaningful engagement in the issues of our age, and that they do not have to wait to earn the JD and law license to tackle developments that most matter to them and society — such as privacy, equal rights, immigration laws, international trade and business regulation, to mention a few ripped from the headlines.”