🚨BREAKING: Private Covid testing company Dante Labs appears to have been using lax data privacy laws in order to advertise its genomic sequencing services to customers. THREAD: 
Hundreds of companies have been making money from the huge private Covid-19 travel testing industry created by the UK government. Among these, some companies also offer DNA sequencing which offers ‘insights into your health, life and risk for hereditary disease’.
Dante Labs owns Immensa Health, which has been awarded £169,435,000 in two contracts for PCR testing of Covid-19 samples by the Department for Health and Social Care (DHSC).
contractsfinder.service.gov.uk/notice/b608182…
contractsfinder.service.gov.uk/notice/b608182…
Dante Labs’ privacy policy says the company will process emails to send newsletters and marketing communications “based on your consent”. Under GDPR and PECR data privacy regulations, companies need to obtain explicit, informed consent to market other services to customers.
We asked Dante Labs if they had obtained consent from their customers, but they did not respond to our emails. The page on their website which Covid customers were directed to has now been removed, and displays a 404 error message.
Dante Labs did tell us that “We do not share genetic data with any parties beyond Immensa, a Dante Labs company, and Public Health England, as per Government requirements. We do not sell this data, whether individual or aggregated.”
However, a review of their genetic tests in 2018 noted that “The raw data generated by the sequencing machine is then stored in Amazon’s cloud known as AWS (Amazon Web Services). Amazon also analyzes the raw sequencing data generated by Dante Labs.”
sequencing.com/blog/post/dant….
sequencing.com/blog/post/dant….
Lucie Audibert, Legal Officer at Privacy International, says that "Covid-19 testing providers shouldn't be exploiting the various mandatory testing requirements for their own marketing.”
“The contact details people provide to receive results of their tests should be used for just that - not to contact you at a later date to try and sell you other services. Without sufficient information and obtaining valid consent, this can be a serious breach of privacy laws."
Mariano delli Santi, Legal Officer at Open Rights Group, told us that “consent may not be the only issue at stake. Dante Labs affirms in their privacy policy that they use Standard Contractual Clauses to secure international data transfers.”
“This measure does not adequately protect against the power of US authorities to access cloud data without a judicial order. If Dante Labs is processing genomic data with Amazon Web Servers, they are exposing those data to the US bulk surveillance regime.”
Dante Labs assured us that it does not collect DNA information from Covid-19 testing customers. We do not have evidence that the company has violated data privacy laws.
Genomic sequencing is a rapidly advancing technology which offers the promise of preventative healthcare which could save the NHS a lot of money. However, it also comes with serious negative consequences if such valuable data were to get into the wrong hands.
But if big genomics companies cannot offer clarity on whether they use basic customer data according to data privacy laws, it raises important questions about whether they will keep much more sensitive and important genomics data safe.
For the full @BylineTimes write-up from @jwsal, please follow the link below:
bylinetimes.com/2021/10/14/gen…
bylinetimes.com/2021/10/14/gen…
The Competition and Markets Authority (CMA) announced on the 24th September that it was launching a formal investigation into Dante Labs following complaints to the CMA from customers:
gov.uk/government/new…
gov.uk/government/new…
• • •
Missing some Tweet in this thread? You can try to
force a refresh
