Buried in a 2400-page bill approved last week by the U.S. Senate to help the United States compete with China is language that is drawing fire from human genome researchers. It would require the National Institutes of Health (NIH) to develop new security protocols aimed at preventing the misuse of U.S.-funded genomic data by China and other nations.
The provision is not based on any substantiated security risks, and “could slow biomedical advances and impose unintended burdens,” the American Society of Human Genetics (ASHG) warned last week in a letter to lawmakers. The Association of American Medical Colleges cautioned in a statement that “any additional protections or restrictions … should be commensurate with the actual risk.”
Research advocates are applauding many provisions of the massive Senate bill, the United States Innovation and Competition Act (S. 1260). It calls for ramping up federal research spending, as well as creating a new technology directorate at the National Science Foundation.
They’re less enthusiastic about a section of the bill reflecting concerns that China is amassing DNA data on U.S. citizens. Some fear China could use such data to give its drug industry an economic advantage, devise bioweapons tailored to Americans’ genetics, or even blackmail people by threatening to publicize private information. To reduce those risks, Senator Marco Rubio (R–FL) and other lawmakers have been pushing NIH to take additional steps to strengthen security protections for genome data, and more intensively scrutinize foreign scientists who request access to those data.
The bill would require federal officials to “ensure” that research backed by NIH and other agencies that involves “the sequencing of human genomic information, and collection, analysis, or storage of identifiable, sensitive information … is conducted in a manner that appropriately considers national security risks.” NIH must work with intelligence agencies to issue, within 1 year, “a comprehensive framework” for managing risks, such as requiring more training for NIH-funded investigators and peer reviewers and including security experts on data access committees.
In the past, NIH has responded to such calls by arguing that existing privacy and security measures are adequate. Researchers already strip identifying information from genome data, for example, and NIH already reviews—and sometimes turns down—scientists seeking access. But in 2019, the Office of Inspector General (OIG) of the Department of Health and Human Services, NIH’s parent agency, suggested NIH do more, for example by adding new controls for foreign scientists who use U.S. genome data.
In a response to OIG, NIH questioned the seriousness of the threat. It noted such national security concerns were largely based on “a single Congressional testimony,” from an FBI agent named Edward You who has long warned of the potential risks of sharing genomic research data. Fears of economic harm were “theoretical,” NIH said, noting that many stakeholders and members of Congress argue that sharing data promotes innovation. And it scoffed at the “improbability” of weaponizing human genetics data. Research would “come to a halt,” NIH said, if it had to write policies “to counter every theoretical risk.” It said more training, for example, would not stop someone with “nefarious intent.”
ASHG makes similar points in its 10 June letter opposing the Senate provision to Representatives Frank Pallone (D–NJ) and Cathy McMorris Rodgers (R–WA). They are senior members of the House of Representatives Committee on Energy and Commerce, which will have a say in any final legislation that might emerge later this year from negotiations between the House and Senate. ASHG wants Congress to remove the Senate provision from any final bill, and instead have a panel of scientific and security experts determine “what national threats exist, if any,” then work together on new policies.