Genetic Access Control
What is Genetic Access Control?
Using the 23andme API it is now possible to
utilize genetic profile information and likely phenotypes in custom applications. This
means you can restrict access to your site based on traits including sex, ancestry,
disease susceptability, and arbitrary characteristics associated with
single-nucleotide polymorphisms (SNPs) in a person's genotype.
How does it work?
GAC uses the standard third-party authentication mechanism OAuth2 to request minimal
permissions from 23andme on behalf of the user. The user is presented with a dialog
asking them to approve the sharing of certain genetic data with your application.
If the request is approved a temporary access token is passed to your application
which can be used to make API requests to retrieve information, such as ancestry
composition and SNP nucleotide sequences. This data can then be used to grant
or restrict authorization.
Possible uses
- Creating "safe spaces" online where frequently attacked and trolled victim groups
can congregate, such as a female-only community
- Ethnoreligious sects may wish to limit membership, e.g. Hasidic Jewish groups
restricting access to Ashkenazi or Sephardic maternal haplogroups with the "Cohen" gene
- Safer online dating sites that only partner people with a low likelihood of offspring
with two recessive genes for congenital diseases
- Pharmaceutical applications that check for genetic predisposition to negative drug
interactions before dispensing
- Groups defined by ethnic background, e.g. Black Panthers or NAACP members
Flaws
- It is possible to register a new account, obtain a genetic testing kit for about $100
and submit a saliva sample from a person who would normally fit the criteria for granting
access, after about six weeks of waiting.
- Many traits such as ancestry composition are speculative and statistical in nature, not
precise. There are adjustible settings for threshold and speculation in the sample code.
- There are unresolved ethical issues regarding trans-*-identifying persons such as
transgender and transethnic users.
Demonstration
- Ancestry Authorization Demo
- You must have a genotyped 23andme account to access the demo. It checks to see if your
ancestral makeup is primarily composed of European (minus Ashkenazi) genetic markers to
determine whether or not access is permitted.
Running