There are no genetic privacy guarantees

I have published some stuff on genetic data privacy in the past. This includes a policy forum that claims that technical means for guaranteeing anonymity and privacy are likely to fail. It also includes a call for patient consent mechanisms that do not guarantee absolute security, but honestly explain that substantial efforts will be made, but absolute security cannot be guaranteed. Thus, people who participate in genetic research should be somewhat altruistic and willing to take on some risk. Of course, there are those for whom this will not be acceptable, but we speculated that there would still be plenty of people willing to participate.
Why do I mention these? Because there has been a furor this week over a very interesting paper in PLoS Genetics that showed that aggregated genetic data (previously thought to be secure from de-identification) might not be as secure as thought. It has caused folks at major genetic databases to carefully (and quickly–I understand some folks had emergency meetings on this topic when the paper appeared) rethink their strategies of data release and data sharing, and some have even taken down sites pending evaluation of safety. This is all reasonable, but not surprising at all. Efforts to have bulletproof genetic databases are unlikely to be successful, so I can only once again urge that people (1) recognize that guarantees of confidentiality are misleading and difficult to deliver, and (2) use consent mechanisms that include language admitting the potential risks but falling short of making absolute guarantees.
Yes, this is all hard, but I think it is the honest way to proceed. We are trying to do similar things in the PharmGKB database. I don’t know that we have it exactly right, but these are our guiding principles.
