Upcoming Data Protection Regulation to Hampers Genetic and Pharmaceutical Research

The privacy hysteria that since twenty or so years affects policy makers and data protection authorities, reached a new peak with the upcoming data protection regulation whose text has been published last Dec, 18, 2015.

While, thanks God, the text clearly states that “biosample” as such aren’t “personal data”

genetic data should be defined as personal data relating to the genetic characteristics of an individual which have been inherited or acquired as they result from an analysis of a biological sample from the individual in question, in particular by chromosomal, deoxyribonucleic acid (DNA) or ribonucleic acid (RNA) analysis or analysis of any other element enabling equivalent information to be obtained

Nevertheless there is no clear reference to the fact that genetic (and, in general, health-related) researches can’t be pre-emptively limited to specific processing since scientists work with microscopes and not with crystal balls.

The result is that every research project that deals with patient (and patient’s relatives) records might face enormous bureaucratic burdens every time a new path of study emerges from the current one.

Furthermore, the regulation says that:

Member States may maintain or introduce further conditions, including limitations, with regard to the processing of genetic data, biometric data or health data

In other words, then, we will likely face a flood of local regulation that will make harder to perform researches that save human life.

Sure, there will always be the possibility to challenge in court the letter of the law, claiming that no provision can be interpreted in such a way to endanger human life and that data protection, in constitutional terms, is a “lesser right” when compared to the right to health. But this takes time, money and an open-minded court.

In the meantime, scientists will either slow down their activities or risk to be taken in court.

Does it make sense?

Wrongful Conviction and Protection of the Innocent

Tomorrow, at the University of Milan, I shall participate to a round-table organized by the Italy Innocence Project. The topic is: The Italian Legal System and the Judiciary Mistake.

Here is the full program:




VENERDÌ 6 GIUGNO 2014 9.30 – 18.30


SALUTI INTRODUTTIVI: LUCA LUPÁRIA (Professor of Criminal Procedure at the University of Milan, Director of the Italy Innocence Project); VINICIO NARDO (Segretario dell’Unione delle Camere Penali )


ARK GODSEY (Professor at the University of Cincinnati, Director of the Ohio Innocence Project)
JUSTIN BROOKS (Professor at the California Western School of Law, Director of the California Innocence Project)

ICHAEL NAUGHTON (Director of the University of Bristol Innocence Project, Director of the Innocence Network UK)
DAVID LANGWALLNER (Professor at the Griffith College of Dublin, Director of the Irish Innocence Project)
SYLVAIN CORMIER (Attorney, Director of the Innocence Project of France)
EVELYN BELL (Chief Scientist of the Knoops’ Innocence Project)
MARIA EJCHART-DUBOIS (Member of the Helsinki Foundation for Human Rights and of the Innocence Legal Clinic in Warsaw)


ARTIN KILLIAS (Expert in Criminology, Professor at the Universities of St. Gallen, Lausanne and Zurich) DANIEL VANEK (Expert in forensic DNA identifications, Professor at the Charles University in Prague) ERIC VOLZ (International Innocence Expert, Director of The David House Agency)
ULF STRIDBECK (Professor in Criminal Law at the Faculty of Law, University of Oslo)

LUCA LUPÁRIA (Professor of Criminal Procedure at the University of Milan, Director of the Italy Innocence Project) GIUSEPPE GENNARI (Judge at the Court of Milan)
ANDREA MONTI (Attorney, Expert in forensic DNA)
MARTINA CAGOSSI (Junior researcher at the University of Milan)



Evento accreditato dall’Ordine degli Avvocati di Milano (n. 6 crediti formativi)

Data Protetcion, MTA, Human Samples and Identity Backtracing

To comply with privacy and data-protection regulations, Material Transfer Agreements for human samples often state that the samples are either anonymous (meaning: the donor institution doesn’t know at all the ID of the patient) or anonymized (the donor institution only knows and keeps secret the patient ID.) But this compliance approach won’t work anymore, since the probability of backtracing the ID of patient accessing third parties provided information is not only a proof-of-concept but an “actual reality.”

Amending the MTA to handle this issue is far more complicated than ask the lawyers to just re-phrase their lingo, because what is actually needed is a thorough analysis of the human sample collection process back to the first ring of the donor chain.

The sooner the biobank community will address this issue, the better for the research, the pharma industry and – first of all – the patient himself.

Faked DNA and Criminal Trials in Italy

Authentication of forensic DNA samples” is a paper released on the last Forensic Science International: Genetics issue by a group of Israeli researchers. Authors claim to have found a method to fabricate artificial biological samples (and the way to tell the differences from the original one) and wish that their finding will become a standard in forensic procedures to maintaini “the high credibility of DNA evidence in the judiciary system.”

Does this method really affect criminal investigations and trials?

“We still are in the “bad cop” (or evidence tamperer) field who planted faked biological samples on the crime scene” – says Andrea Cocito, researcher at IFOM, Milan (IT.) In fact, the “fabricated-genetic-evidence defense” has been proven viable in the  OJ Simpson case tried between 1994 and 1995 in Los Angeles, USA. Mr. Simpson’s lawyers were able to raise the suspicion that the results of the analysys on the biological samples coming from the crime scene – aiming at Mr. Simpson as “owner” of the DNA – weren’t reliable enough because of the police handling lack of care. “If” – Cocito argues – “a biological sample has  really been found on the crime scene, if the sample isn’t planted and if it’s not been degraded, then I might analyze both samples (the crime scene one and the one belonging to the defendant) to see if I get a match. In these case, there couldn’t be reasonable doubts on the results.” Thus, matching the defendant biosample collected in a controlled environment with the sample found on the crime scene it is possible to tell the probability of a reciprocal match.

The actual problem, then, is not the intrinsic scientific reliability of a genetic analysis-produced evidence. The problem is the strength of the chain of custody (i.e. the possibility of tracking all the intermediary steps, from the crime scene to the Court.) It is evident that if during the journey some part of it is not verifiable, a possibility comes to arise a legitimate doubt that what came in Court might not be what has been found on the crime scene.

On this issue, Italian law n. 85/2009 that creates a local National DNA Database is very lazy. There is neither any explicit duty of guaranteing the chain of custody, nor a provision that prevent the use in Court of wrongly-handled biological samples.

This is the translation of an article I’ve written for Nova-IlSole24Ore. The Italian version is available here.

Italian NDNA database. The devil is in the details

On June 30, 2009, the Italian Parliament finally passed Law No. 85 that ratifies the Prum Convention and forms the legal ground for the creation of an Italian National DNA Database (NDNAD.)

Although this law might have benefited from UK and USA court experience in the field of DNA forensics, the current text indicates that neither British nor American case law have been taken into consideration. Furthermore, the law is flawed by a foggy understanding of the technicalities behind DNA profiling and sloppy wording that certainly will not facilitate the work of lawyers, prosecutors or judges. Just to highlight a few of these inconsistencies, it must be noted that art. 8 (Attivita` del laboratorio centrale per la banca dati nazionale del DNA – Activity of NDNA Database Central Laboratory) lacks any general provision that would oblige all the responsible parties to adopt serious and adequate security measures against unauthorized access, data tampering, and illegal handling of data and information. Continue reading

Italian data protection authority to (apparently) sanction Carabinieri’s DNA forensics biobank

On May, 25 2009 the Italian Data Protection Authority (DPA) disclosed the results of an investigation over the DNA forensics database run by the Carabinieri’s Raggruppamento Investigativo Speciale (RIS.) 1

According to the laconic press release, the DPA ordered RIS to enforce stricter security measures to track who access the database. Although the DPA (as often) didn’t release the full decision, it is a legitimate inference to say that RIS didn’t take DNA security seriously enough. DPA decision shares the same (flawed) cultural milieu of the Italian National DNA Database Institution Bill, soon to become into full force. The DPA objected nothing about RIS ( (as well as the NDNAD bill) to retain  both biological sample and DNA profile. By doing so, the DPA laid the foundation for the most pervasive, State-controlled citizen mass privacy violation.

Current DNA profiling methods, such as the SNPs (read “snips”) are powerful enough to allow the identification of a person, without the need of preserving the biological sample that provided the genetic profile. By saying that Carabinieri (and the Parliament) are allowed to do the contrary, means bear the effective risk of having analysis of a very diferrent (and uncontrolled) kind to be performed on the genetic code of the inhabitant of the Italian NDNAD.

Pandora’s pot would be – then – ready to be opened.

  1. One of the three main police force in Italy. The others are Polizia di Stato and Guardia di Finanza

One step ahead towards the Italian National DNA Database

On Dec. 23 2008 the Italian Senate passed the law that allows the creation of an Italian National DNA Database (NDNAD.) When the Camera dei deputati (a sort of Lower Chamber) will grants its approval the law is approved. Technically speaking, there is room for amendments, but this is improbable and, even if amendments come, they wouldn’t change the foundation of this law.

The law is flawed by several weak points: a scientific and cultural lack of perspective (poor understanding of molecular biology and DNA forensics issues); an incredible exemptions for white-collar crimes, so corruption and other political and economic-related crimes  never fall into the NDNAD; very light punishment for NDNAD abuse.

A more detailed analysis will follow soon.

Towards an Italian National DNA Database

Italy started the legal process to establish a National DNA Database.

A draft law proposed by Goverment (and not yet approved by the Parliament) establish the power for Law Enforcement officer to obtain DNA samples with moderate use of force, inflicting a minimum pain.This provision is said to be necessary in case the suspect refuses to volounteerly provide the sample.

It is still unclear which structure the DNA database will assume, but is seems that both DNA samples and profiles will be collected and stored in a central facility.

Italian Biotech Law Conference 2008

IBLC fourth edition deals with the impact of building a forensic oriented Italian DNA database.

Just for the curious, here is the programme:

Tuesday, Apr 8, 2008 – h 14,00/18,15
Palazzo delle Stelline Sala PORTA
Corso Magenta 61 – Milano (IT)

h. 14,00/14,15 – Registration

h. 14,15/14,30
Opening and welcome speech

Leonardo Santi President
National Committee for Biosecurity, Biotechnology and Life Science – Council of Ministers

Guido Romeo, Journalist, Nòva24 – IlSole24Ore


h. 14,30/15,00
Personal DNA-based identification: from collection to sample analysys
Salvatore Pece
Researcher, IEO – Europea Institute of Oncology

h. 15,00/15,30
DNAbase Security: hardware and software infrastructures
Andrea Cocito, Campus IEO-IFOM

h. 15,30/16,00
Biobanks and Italian Biotech industry role
Leonardo Biondi, Biopolo S.c.r.l.

h. 16,00/16,30 – Coffee break

Case history: the National DNA Database in the UK
Stephen Firth, Firth Consulting

h 17.00/17.30
Myth and reality of DNA-based investigations
Andrea Monti,
Vice President, ALCEI – Electronic Frontiers Italy

h 17.30/18.00
“Of Crime and Gene”
Giovanni Boniolo, Professor of philosophy of Science, Università degli Studi di Padova – IFOM Milano

h. 18.00/18.10
Leonardo Santi


IBLC stands for Italian Biotech Law Conference, the first Italian scientific conference dealing, from an interdisciplinary perspective, with life-science, information technology and law.

IBLC father is Andrea Monti, an Italian lawyer and legal scholar,researching, since more than 14 years, the field of ICT legal issues.

IBLC was born in 2004 as an Italian Cyberspace Law Conference; spinoff, with title Bioinformatics Research between IP protection and information free flow.

The discussant where dr. Marcella Attimonelli (associate professor of molecular biology at the University of Bari) and dr. Paolo Vezzoni (researcher at the National Research Council’s Institute of Biomedical Technologies).

IBLC second edition (2005) the title Protection of Biotech Assets, Market, Freedom of Research has been discussed by dr. Enrico Dainese (associate professor at Teramo University Comparative Biomedical Science Dept.), dr. Giampiero Di Plinio (professor of Public Comparative Law at the University of Chieti), dr. Piero Fariselli (researcher at the Department of Biology – University of Bologna), dr. Andrea Cocito (FIRC Foundation of Molecular Oncology’s bioinformatics group.)

Third edition (2007) has been possible with the invaluable help ho FIRC Institute of Molecular Oncology and asked the question: Who owns bioinformation? (Possible) answers came from the following high profile scholars and researchers, managed by Giovanni Boniolo (conference chair – University of Padova, IT, Dept. of Philosophy): Pier Paolo Di Fiore – Andrea Cocito FIRC – IFOM, Luciano Floridi – Oxford University (UK), Giovanni Ziccardi – University of Milan, IT, Marco Ventura – University of Siena.

IFOM-FIRC and Biopolo sustained the fourth edition: Gen-ethics and BioBanks: between market and law enforcement profiling that obtained the endorsment of the National Committee for Biosecurity, Biotechnology and Life Science – Council of Ministers.

Past edition’s speakers talked about:

* What is bioinformatics (M. Attimonelli)

* Human genome variability: privacy and social-ethics issues (M. Attimonelli)

* Open source and bioinformatics software licensing (A. Cocito)

* Bioinformatics and protein structure analysys (E. Dainese)

* Biosequences analysys: database, technics and standard. A technical introduction for “the rest of us” (P. Fariselli)

* Open source, copyrights and bioinformatics (A. Monti)

* Genetic research, biotechnology, information access, economic applications (P. Vezzoni)

* How to build bioinformation (A.Cocito)

* What is bioinformation (L.Floridi)

* Semantic ambiguities, intellectual property, law (G.Ziccardi)

* Bioinformation and Public Policies (M.Ventura)