The draft of the Human DNA Profiling Bill is scheduled to be presented in Parliament during the ongoing monsoon session. While a law to regulate the collection, storage and use of the human genetic code is long overdue, this draft has faced strong criticism from civil liberties experts. The act of profiling DNA (or deoxyribonucleic acid) is intrusive in nature. In the absence of a specific privacy law, this draft has substantial scope to violate the privacy of individuals. The draft could also open a political can of worms in that DNA may be used to try and determine caste and religious markers. Ideally, a privacy law that adheres to the recommendations of the A P Shah Commission on Privacy should have been passed before presenting the DNA Bill - and indeed, before rolling out the Aadhaar system, which collects biometric data. However, the government is obviously reluctant to move on the privacy front. Indeed, the Attorney General recently argued that there was no fundamental right to privacy in a recent submission to the Supreme Court. Whatever may be its legal merit or demerit, this is a dangerous and illiberal position to take, and the government should reconsider.
DNA profiling is useful in many criminal cases, to identify bodies in the aftermath of accidents and disasters, and in civil paternity and maternity suits. DNA analysis can also help pinpoint susceptibility to conditions like asthma and diabetes. Medical institutions collect DNA. Inexpensive do-it-yourself kits are also available for DNA collection. In many countries, law enforcement agencies maintain a digital database of the DNA of convicted criminals, and of DNA collected from the scene of unsolved crimes. But any DNA data can also be obfuscated, tampered with, or they can suffer from contamination, or from simple filing error. DNA can be tied to sensitive information such as caste and religion, since criminals and accused in the Indian penal system are automatically classified by caste and religion. For example, the CDFD (Centre for DNA Fingerprinting & Diagnostics) states that it will create DNA marker databases of different caste populations. The framework and utility of this are not in the least clear. Conversely, the possibility of abuse is obvious. DNA can be combined with biometric information and financial attributes like the permanent account number or PAN, medical insurance data, etc, to create a repository of private information about a large number of individuals. These dangers must be guarded against.
The collection, digital storage and use of DNA must be regulated, with best practices mandated and penalties imposed for illegal collection and use. It must also be clearly defined when informed consent is required, and where DNA may be collected without consent. Individuals should be allowed access to their own DNA data. There is also a need to establish norms for deletion, and for control of access to such databases. Most of this is ignored in the draft, which just suggests the establishment of a board to set norms. There must also be clear external oversight of such a DNA Board to ensure that sweeping regulatory powers don't lead to over-reach. Again, this is ignored in the draft. Given the omission of safeguards and the lack of clearly defined regulatory checks and balances, the privacy of both individuals and communities could be at risk if the draft is passed in its current format. If the government is unwilling to first draft and pass an overarching privacy law, these gaps in the proposed DNA Bill must be addressed in detail.
