Response to Open Peer Commentaries on Toward a Framework for Assessing Privacy Risks in Multi-Omic Research and Databases.

In ‘Toward a Framework for Assessing Privacy Risks in Multi-Omic Research and Databases’ (Dupras and Bunnik 2021), we argued against the assessment of privacy risks and protection requirements based on broad biological data types. More specifically, we questioned the assumption that genomic data generally deserves greater caution than other omic data types. Rather, we argued, it is the presence or absence of privacy-relevant data properties—and their specific combination—that affect the level of risk and call for more or less elaborate privacy protection strategies. Privacy-relevant properties are not unique to genomic data; many are shared across various data types (cf. epigenomics, microbiomics, transcriptomics, proteomics, lipidomics, metabolomics, neuromics, phenomics, exposomics). Following an analysis of the similarities and dissimilarities between genomic and epigenomic data, we identified ten properties that may increase risk of reidentification using the data and/or the level of sensitivity of the information potentially conveyed by it. We also identified two potential interaction effects between data types (synergetic and correlative effects) that may further increase privacy risks. We then proposed the backbone of a framework for the assessment of privacy risks in the current time of unprecedented biological data diversification and integration. We are grateful to everyone who read and wrote commentaries in response to our proposal. These contributions rightfully highlight some of the limitations of our approach. Here, we expand on three important observations made by the commentators in relation to: (1) our focus on privacy as information concealment; (2) the difficulty of distinguishing intrinsic and extrinsic factors influencing privacy risks; and (3) the possibility that our framework may still be too exceptionalist. DIGNITY, PRIVACY AND CONFIDENTIALITY RISKS