Dagstuhl Seminar 13412
Genomic Privacy
( Oct 06 – Oct 09, 2013 )
Permalink
Organizers
- Kay Hamacher (TU Darmstadt, DE)
- Jean Pierre Hubaux (EPFL - Lausanne, CH)
- Gene Tsudik (University of California - Irvine, US)
Contact
- Andreas Dolzmann (for scientific matters)
- Annette Beyer (for administrative matters)
Schedule
Recent advances in genomics prompt a formidable privacy challenge: As the price of a complete genome profile has plummeted to as low as 99 USD for genome-wide genotyping, wide-spread usage of genomic information is about to become reality. Whole genome sequencing is also offered through the same direct-to-consumer model, albeit, at a higher price. Substantial progress is expected in the near future in terms of improved diagnoses and better preventive medicine.
The impact of increased availability of genomic information on privacy, however, is unprecedented, for obvious reasons: First, genetic conditions and predisposition to specific diseases (such as Alzheimer's) can be revealed. Second, one’s genomic information leaks substantial information about one’s relatives. Third, complex privacy issues can arise if DNA analysis is used for criminal investigations, epidemiological research, and personalized medicine purposes.
In order to begin the process of exploring both challenges and potential solutions, this workshop aims to bring together researchers in bioinformatics, genetics, computer science, as well as scholars in law and ethics. The goal is to discuss many facets of genomic privacy and jointly identify measures and techniques to protect genomic data. Examples of issues to be debated include:
Technical Perspective
- How to secure genomic data after sequencing?
- To what extent do intermediate data (e.g., BAM files) need to be secured?
- How to authorize and secure sequencing labs?
- How to authenticate sequenced (digitized) genomic data?
- How to ensure that individuals can sequence (only) their own genomes?
- How long does individual’s genomic data need to be protected?
- How real is the risk of being incriminated by synthetic genomic material planted at a crime scene?
- What privacy enhancing techniques can be envisioned specifically for genomic data?
Privacy Mechanisms & Regulations, Ethics
- Does it make sense to quantify genomic privacy?
- What if some people publish their genome online against the will of their relatives?
- Which ethical guidelines can be adopted from traditional privacy regulations?
Medicinal Perspective
- Would medical specialists accept to have only a partial view on genomic data?
- How are epidemiological studies and biobanks affected by legal and/or technical restrictions?
Patients’ Perspective
- What are the privacy implications of direct-to-consumer genetic offers such as 23andMe and Knowme?
- How relevant are health-related online social networks such as PatientLikeMe or CureTogether in terms of privacy?
- Can one’s genomic information be outsourced to some (perhaps specialized) cloud storage service?
Economics
- What are economic implications of genomic privacy? Of its neglect? Is there potential for a service industry securing genomic data? What would be the relation between secure genomic data providers/handlers and cloud companies?
The Dagstuhl seminar 13412 "Genomic Privacy" was a short two-and-a-half-day seminar, the first one on this topic ever, which took place from October 6th to 9th, 2013. The aim was to bring together researchers, from various research areas related to genomic privacy, and to inspire them to exchange theoretical results, practical requirements and ethical and legal implications related to the protection of genomic data. The rise of personalized medicine on the background of available, individual genomic sequences is taken for granted in the biomedical community. Impressive advances in genome sequencing have opened the way to a variety of revolutionary applications in modern healthcare. In particular, the increasing understanding of the human genome, and of its relation to diseases and its response to treatments brings promise of improvements in preventive and personalized healthcare. However, because of the genome's highly sensitive nature, this progress raises important privacy and ethical concerns that need to be addressed. Indeed, besides carrying information about a person's genetic condition and his predisposition to specific diseases, the genome also contains information about his relatives. The leakage of such information can open the door to a variety of abuses and threats not yet fully understood. During the seminar, these points were addressed in particular:
- Expression and Requirements: What should be protected? For how long? Against whom? Who should be liable? Who would manage cryptographic keys? Anonymity vs. cryptography?
- Privacy Mechanisms & Regulations: What privacy enhancing techniques can be envisioned specifically for genomic data? What if some people publish their genome online against the will of their relatives? Which ethical guidelines can be adopted from traditional privacy regulations?
- Medical Perspective: Would medical specialists accept to have only a partial view on genomic data? How are epidemiological studies and biobanks affected by legal and/or technical restrictions?
- Patient Perspective: What patient's involvement can be reasonably expected? `Can a person's genomic information be outsourced to some cloud storage service?
- Economics: What are the economic implications of genomic privacy; of its neglect?
The seminar fully satisfied the expectations. All participants briefly self-introduced themselves. Some of them were invited by the organizers to give survey talks about their recent research on genomic privacy, thus facilitating and encouraging inter-disciplinary discussions during the morning sessions. There were talks focusing both on the definition of the requirements for the efficient and secure implementation of genomic medicine and on the possible solutions to be addressed. The afternoon sessions were devoted to working groups.
The second day was focused on the possible technical solutions that can be used to ensure genomic privacy. If, on one hand, there are computational expensive cryptographical approaches such as homomorphic encryption or secure multi-party computation that guarantee accuracy at the expense of flexibility and increasing complexity, on the other hand there are also statistical-based solutions such as differential privacy, which are less accurate but more flexible and less expensive in terms of computational and complexity costs. The first speaker of the day, Andreas Peter (University of Twente, NL), described his ongoing work on how to securely outsource genomic sequences in a privacy-preserving way by relying on an oblivious RAM construction. The second talk, by Erman Ayday (EPFL - Lausanne, CH), provided an overview of the activities on genomic privacy in Lausanne. Ayday first focused on how to protect and evaluate genomic privacy in the clinical context, he then showed how to process in a privacy-preserving fashion raw genomic data; and finally he described how to quantify kin genomic privacy. The third speaker of the morning, Vitaly Shmatikov (University of Texas - Austin, US), discussed about how to conduct privacy-preserving exploration in Genome-Wide Association Studies (GWAS). He presented a set of privacy-preserving data mining algorithms that produce significantly accurate results while guaranteeing differential privacy. Finally, the second-day morning session was closed by Emiliano De Cristofaro's (University College London, GB) survey about how to begin to address privacy-respecting genomic tests by relying on privacy-enhancing techniques based on private set intersection operations.
The final day started with a talk by Xiaofeng Wang (Indiana University - Bloomington, US) about the privacy-preserving sharing and analysis of human genomic data. In particular, he described some techniques for secure outsourcing of genome analysis, and differentially-private pilot data release and data source selection. The remaining part of the morning was devoted to a general discussion about the seminar's outcomes. Due to the seminar and the multi-disciplinary interactions, it became clear that protection of simple genomic sequences is not enough for a full-privacy preserving approach. The organizers, together with the participants, agreed that this problem should be addressed in a sequel Dagstuhl-seminar. Hence, they set up a future work agenda in order to organize again such a fruitful gathering.
We thank Schloss Dagstuhl for the professional and inspiring atmosphere it provides. Such an intense research seminar is possible because Dagstuhl so perfectly meets all researchers' needs.
- Gergely Acs (INRIA - Grenoble, FR) [dblp]
- Erman Ayday (EPFL - Lausanne, CH) [dblp]
- Marina Blanton (University of Notre Dame, US) [dblp]
- Jurgi Camblong (Sophia Genetics SA - Lausanne, CH)
- Emiliano De Cristofaro (University College London, GB) [dblp]
- Zekeriya Erkin (TU Delft, NL) [dblp]
- Sky Faber (University of California - Irvine, US) [dblp]
- Jacques Fellay (EPFL - Lausanne, CH) [dblp]
- Kay Hamacher (TU Darmstadt, DE) [dblp]
- Urs Hengartner (University of Waterloo, CA) [dblp]
- Zhicong Huang (EPFL - Lausanne, CH) [dblp]
- Jean Pierre Hubaux (EPFL - Lausanne, CH) [dblp]
- Mathias Humbert (EPFL - Lausanne, CH) [dblp]
- Murat Kantarcioglu (The University of Texas at Dallas, US) [dblp]
- Florian Kerschbaum (SAP SE - Walldorf, DE) [dblp]
- Regine Kollek (Universität Hamburg, DE) [dblp]
- Klaus A. Kuhn (TU München - Klinikum Rechts der Isar, DE) [dblp]
- Reginald Lagendijk (TU Delft, NL) [dblp]
- Bradley Malin (Vanderbilt University - Nashville, US) [dblp]
- Srdan Marinovic (ETH Zürich, CH) [dblp]
- Satoru Miyano (University of Tokyo, JP) [dblp]
- Andrzej Mizera (University of Luxembourg, LU) [dblp]
- Muhammad Naveed (EPFL - Lausanne, CH) [dblp]
- Andreas Peter (University of Twente, NL) [dblp]
- Jean-Jacques Quisquater (University of Louvain, BE) [dblp]
- Jean-Louis Raisaro (EPFL - Lausanne, CH) [dblp]
- Roded Sharan (Tel Aviv University, IL) [dblp]
- Vitaly Shmatikov (University of Texas - Austin, US) [dblp]
- Amalio Telenti (University of Lausanne, CH) [dblp]
- Gene Tsudik (University of California - Irvine, US) [dblp]
- Xiao Feng Wang (Indiana University - Bloomington, US) [dblp]
Related Seminars
- Dagstuhl Seminar 15431: Genomic Privacy (2015-10-18 - 2015-10-23) (Details)
Classification
- security / cryptology
Keywords
- genomics
- genetics
- health data
- privacy protection
- differential privacy
- privacy by design
- information security
- cryptography
- secure computation