PRIVACY + SECURITY BLOG

News, Developments, and Insights

Genetic Privacy

In his first post to the relatively new Chicago Law Faculty Blog(which has turned out to be a really interesting blog by the way), Professor Richard Epstein argues against my recent post about genetic testing in the workplace. Epstein disagrees with my general view that it is better to restrict employers from using genetic information in making employment decisions.

Epstein’s argument is based in part on his view that privacy is a form of misrepresentation, tantamount to a kind of fraud by concealing disreputable and harmful information. In this regard, he agrees with his colleague, Richard Posner, who makes a similar argument. If a person knows he will drop dead in a month from a fatal disease, it would be fraud to deliberately conceal this information on a life insurance application. So why not when seeking employment, Epstein asks, since employers often invest heavily in training a person?

Epstein contends that genetic information should not be treated differently than other information – there is nothing that makes genetic information any more special than other health information. He argues that “genetic information is in principle no different from any other kind of information that can be asked about a given person.”

Genetic information, however, is sometimes different than other forms of health information in that genetic testing often doesn’t reveal the presence of a particular disorder, just the fact that a person is at a higher risk than normal to develop such a disorder. People with genetic predispositions for certain disorders can be perfectly fine at present, and they may never develop the debilitating condition. Should they be treated disadvantageously because of the greater possibility of developing some future condition? In a way, they are being treated differently from others because we are better able to assess the risk for their potential health disorders. In other words, people with predispositions to develop genetic conditions often come with more information than people who might develop non-genetic conditions. The information becomes a curse, a form of baggage that can result (at least partially) in that person already being treated as if she has the condition she is predisposed for.

It is true that it is rational for employers to discriminate against people with genetic conditions. But I believe it is rational for society to limit the extent to which employers can discriminate on this basis and the extent to which employers can learn this information. That’s because the employer’s ability to make efficient business decisions is not the only social value at stake.

One countervailing social value is ensuring individual freedom and autonomy. Work for many people is more than just an income stream. It is a central part of their life. I, for one, do my job because I see it as essential to who I am, not because of the money, as I could be earning much more working for a law firm or in other position. Work isn’t just about “show me the money.” As I asked in my initial post, do we want a world like that in the movie Gattaca, where people cannot pursue their dreams because of genetic predispositions?

Another countervailing social value is privacy. In an article I published a few years ago, I took on Epstein on this point. There is a lot of information that employers might find useful in determining an employee’s health risks: her eating habits, sex life, family health history, hobbies (does she like to do risky things like skydiving?), financial condition, children’s health (after all, if an employee has an unhealthy child, this can detract from workplace productivity), and more. There are limits, however, imposed both by law and by social norms, on what employers can demand to know about employees. And for good reason. Even though the information might help the employer make a rational decision, we value privacy. Privacy certainly isn’t free – it comes at a cost, but that cost might well be worth paying.

Epstein also takes issue with the argument that without privacy, people will be deterred from undergoing genetic testing:

One argument is that people will shy away from finding out their genetic position if they are subject to the test. Don’t believe all this. By assumption, there is good reason to believe that the information that is acquired from genetic sources is of value not only to the employer but also to the employee. Suppose that a women has the gene that renders her susceptible to breast cancer, which if identified would allow for certain prophylactic choices. Does it really make sense to think that she would choose not to get that information if she had to disclose it to a prospective employer? Hard to believe that workers would take that kind of risk with their own lives.

Ultimately, the extent of deterrence is an empirical question that neither of us has the data to answer. Epstein makes his argument in terms of what the hypothetical rational person would do. And at that level, I can offer a counterargument. In his example of the woman getting genetic testing for breast cancer, he assumes that the woman would clearly not want to risk her life just to keep her job. But many people risk their lives for their jobs. Look at the soldiers in Iraq, police officers, firefighters, and others. Thus, it is not entirely clear that the rational person wouldn’t put her health at risk for her job. And people don’t always act as the rational economic actors as assumed by some law and economics scholars. There are many people who are already reluctant to find out information about their health, even when it could help them. Risking damage (or even an end) to one’s career can make this reluctance all the greater.

Originally posted at Concurring Opinions

* * * *

This post was authored by Professor Daniel J. Solove, who through TeachPrivacy develops computer-based privacy training, data security training, HIPAA training, and many other forms of awareness training on privacy and security topics. Professor Solove also posts at his blog at LinkedIn. His blog has more than 1 million followers.

Professor Solove is the organizer, along with Paul Schwartz, of the Privacy + Security Forum and International Privacy + Security Forum, annual events designed for seasoned professionals.

If you are interested in privacy and data security issues, there are many great ways Professor Solove can help you stay informed:
*
LinkedIn Influencer blog
*
Twitter
*
Newsletter

TeachPrivacy Ad Privacy Training Security Training 01