The EU General Data Protection Regulation (GDPR) is the most important change in data privacy regulation in 20 years

On the surface the GDPR appears to be a good thing and perhaps something I'd wish to see here in the U.S., however I've always tried to envision unstated scenarios from both sides with regard to legislation. (Yup, I'm Libertarian, lol).

But in this case I'm an interested party but so far on the sidelines. There are some sections that are vague enough that will require clarification via either rule making or arbitration when they come up (and they will). I have not read the legislation so I'm relying on those that have within the fields of Genealogy and Genetic Genealogy. Yes, Genetic Genealogy is becoming a very misunderstood and misreported news topic lately here in the U.S., over the methods that were used to capture the Golden State killer. (I find Trump somewhat palatable but it's a great example of "fake news" in action on this particular topic!)

My stake is that I've been deeply involved in Genetic Genealogy for the last 2 years when I first found out that I was adopted. (I was 64 years old when I found out!) I've been doing genealogy for about 20 years and it's expected that everyone who does has run across "that" 4th Cousin who thinks their/your 3rd Great Grandparent and all of his/her information is the sole property of them, but not you as well. And in the last 2 years I've learned much about the public & ALWAYS voluntary sharing of genetic information (DNA). As an adoptee searching for and entering an entirely "new" family as an "outsider" I've gained many new perspectives on privacy from quite a varied array of people. Even now that I have found both of my birth parents, there are huge privacy concerns as well as incentives to make information public, from many different perspectives. All of which I'm confident that any legislative body can't imagine or if they could, are not likely to get right in the wording of legislation, especially the initial draft.

Without making this any longer, I'll just say that legislation like this needs deep thought & consideration and everyone in the Genealogical arena is cautiously awaiting the outcome. The penalties for what is considered an infraction are extremely severe and could undo a lot of good work that good people are doing. The current E.U. legislation also affects U.S. companies with E.U. citizen "data", btw.

In the 80's, one of my employers approached us (en-mass) to donate DNA samples to "Build the Human Genome."

Over lunch for several weeks, several of us had respectful yet spirited conversations about how this kind of data could be used in the future.

For example acceptance / rejection into:

-Life Insurance
-Medical Insurance
-Auto Insurance
-Affects on our families ability to acquire various forms of insurance
-Criminal Proceedings
-Biometric tracking (some of this was already existed and in use)

The concerns about data and privacy were well underway.

So let's ask this question. Let's say, you have a predisposition to developing a medical condition that you've not yet developed. Without having your genetic data, it would, on the surface seem like an insurance company would have no reason to increase your premium. But, what happens when your someone in your genetic linage donates DNA and your predisposition is discovered via the insurance company. Is it fair for the insurance company to increase your premium to you for something you didn't allow them to have access to personal genetic information you didn't provide? More questions than answered.

That said, the question is this. What data needs to be protected so the individual is protected adequately from many facets.

Oh, as to our participation, we all en-mass declined to participate and when we were polled why, we'd discussed why we shoudn't share our observations.

But it's more than DNA, it's your financial, health, and and and and and... and then more!

Information when used ethically seems on the surface to be a good thing for businesses to function.

But the question is about what's ethical...

Ethics in business is as solid as in private life. Depends on who is defining boundaries. Everything can be "moral" if you have power to back up your view. In extreme cases it's call war.

In long run data collection and mining will expand. And government will not stop it, because they will have somebody to do dirty work for them. As data mining goes ever heard of ECHELON? It's old news and you may be sure it's growing in size and scope of data collected every week.

https://techcrunch.com/2015/08/03/uncovering-echelon-the-top...

And if they wand data from private entity you think they won't get it? Ever heard of Apple stunt of refusing to decode iPhone to gov? Well, if they classified it as "lawful" they have no objection to give away what they can. And they are not the only one.

https://qz.com/620423/heres-how-often-apple-google-and-other...